Anyone who trusts microsoft's security gets what they deserve, and deserves what they get.
Microsoft will have a solution for all these security flaws soon. All we'll have to do is go out and buy brand new computers with their new OS Palladium installed on it. It will phone home regularly to the fatherland in Redmond to make sure everything's okie dokie.
Big brother to the rescue.
Yeah, like that's gonna happen.
Microsoft can reduce this impact and regain market confidence by submitting Passport's code to a full open-source review.
What have these folks been smoking? Microsoft will make the reviewers sign NDAs so they can't even talk amongst themselves and do a proper review. MS doesn't want to know about their flaws; they just want to continue to dominate the market.
If MS had been paying attention, they would have picked up on the Passport thing soon after April 12th, when the researcher first tried to contact them. But nooooobody at MS knew a thing about it until he finally posted it to the Full-Disclosure list out of desperation.
Remember back in February (the shortest month of the year, BTW) 2002, when MS took a whole month off to train their folks and review all of their code? Does anyone really think that it could all be done in a single month? Does anyone else have a strange suspicion that it was all for PR?