Robert McLaws: Windows Edition

Blogging about Windows since before Vista became a bad word

Someone's Gonna Get Fired

ZDNet UK is running a story claiming Arno Edelmann, Microsoft's European Business Security PM makes several very damning statements about Windows Live OneCare. Here is an excerpt:

Asked about these problems, Arno Edelmann, Microsoft's European business security product manager, told ZDNet UK on Thursday that the code itself has pieces missing.

"Usually Microsoft doesn't develop products, we buy products. It's not a bad product, but bits and pieces are missing," said Edelmann.

The problem lies with a core technology of OneCare, the GeCAD antivirus code, and how it interacts with Microsoft mailservers. According to Edelmann, the Microsoft updates and mailserver infrastructure do not harmonise.

"It's a problem with the updates, and it's a problem with the implementation," said Edelmann.

If mail is received from a server running Exchange 2007, users are unlikely to encounter problems. However, if mail is received from servers running Exchange 2000 or 2003, the likelihood of quarantining is high, said Edelmann.

"OneCare is a new product — they shouldn't have rolled it out when they did, but they're fixing the problems now," said Edelmann.

According to the security manager, security is only a small part of what Microsoft does, suggesting it does not have as much security expertise as established security vendors.

"Microsoft is not a security company. Security is important, but it's just a little part of Microsoft," said Edelmann.

There are several reasons why I don't think there is a shred of truth in this article whatsoever. First of all, the bug in OneCare quarantines Outlook ".pst" files, as well as Outlook Express ".dbx" files. Anyone that uses Exchange knows that Outlook uses ".ost" files with Exchange, and Outlook Express can't even access it. If you want to use Exchange, you can't use the free mail client, that's how Microsoft sells Outlook licenses.

Second, Microsoft only buys products? Hmm, their massive R&D budget might suggest otherwise. Microsoft has developed a bunch of their own products, contrary to this guy's statement. The .NET Framework, MSN Messenger, Visual Studio Team Foundation Server, and Windows Home Server are all products that were completely built internally. Oh yeah, by the way, did Microsoft build Windows Vista, or buy it?

Thirdly, I've never heard of a Microsoft employee running their mouth off like that. The Security Business PM saying security is only a small part of Microsoft? And if all that stuff is true, wouldn't he be partially responsible for those problems, as a PM in that Product Group?

So either ZDNet UK author Tom Espiner made the article up, or Edelmann had a serious lapse in judgement. Anyone want to take bets on who gets fired first?



  • JoeM said:

    Couldn't agree more Robert.

    March 16, 2007 4:43 PM
  • Michael Bertelsen said:

    Outlook use .pst files for archives and I would realy hate if a antivirus program deleteded a hole archive if there was one mail inside with an infected attachment.

    March 17, 2007 8:00 AM
  • JoeM said:

    I have not had any issues, nor have any companies I deal with.  So who knows.

    March 18, 2007 4:06 PM
  • Neil said:


    Lately my outlook express has been wanting to back up to my "Recycle Bin" ! Can you tell me how to fix this please ? I run Windows XP.

    March 18, 2007 5:37 PM
  • Neil, I'm sorry man, I have no idea. Any of my readers wanna take a shot a this one?

    March 18, 2007 11:21 PM
  • JT said:

    fwiw, Edelmann is part of the marketing division, based in Europe. He is not a "senior manager" (as the original article says) -- he's a front-line employee with zero connection to the product group who, if the article is correct, ran his mouth off inappropriately and inaccurately.

    March 19, 2007 3:39 AM
  • steve said:

    The real trouble with onecare for the home user with several machines is that the firewall can suddenly decide to lock out every other machine on the local subnet after several weeks of use.  Suddenly you can't access your file and print shares from other machines in the network.  Meanwhile onecare settings claim that such local access is allowed.

    This issue has been outstanding for several months now.

    March 19, 2007 7:55 AM
  • JoeM said:

    Steve,  have not seen this yet.  Have installed OC on several PCs

    March 20, 2007 8:23 PM