To begin with, the guy probably has nothing to do with OneCare. Googling the interviewee, Arno Edelmann, only comes up with this presentation about the e-mail product acquired from FrontBridge (now known as ForeFront). These are completely different product lines. That's one of the tricks of hit-pieces: you find somebody at a company who is not qualified to talk on your desired subject, and then quote them as the "authority". You get comments about ForeFront and make them seem like they apply to OneCare.
One of the more interesting bits from that article is:
According to the security manager, security is only a small part of what Microsoft does, suggesting it does not have as much security expertise as established security vendors.What does the word "suggesting" mean? Did Edelmann make that suggestion? Or does the reporter make that suggestion based on what Edelmann aparently said? It may seem like a small point, but if Edelmann didn't actually make that suggestion, then it's a severe violation of journalistic ethics. Journalism has weird ethics: its okay to interview 100 people until one of them makes a quote just like the one you want (at CeBit, I'm sure you can find somebody to suggest the above quote), but it's a firing/sacking offense to make up something like this yourself.
BTW, nobody worth their salt in the security industry would make the claim that Microsoft doesn't have the security expertise. While sales of security products may be a small part of revenue, security is huge part of their RND investment. I know a lot of the guys personally: they employ some of the best and brightest in our industry, and they employ a lot of them. That includes people in their OneCare group. They are the leaders in many areas, such as the SDL stuff that defines what it means to develop secure software.
Hit-pieces like this are damaging to companies. They rarely have a big impact on the market, but they severely impact the organization. Arno Edelmann's career at Microsoft could have been severally damaged, for one thing. His managers may be afraid to let him talk to the press again, for fear of a repeat incident (even though he probably did nothing wrong). Even if his managers stand behind him, he might be personally afraid, and could be less effective at communicating the company's message to the press (at least for a while). At minimum, I'm guessing that he'll be tortured with another round of "media training" where they attempt to teach him the lesson that the press likes to twist your words (a lesson, of course, that he now knows all too well).
A worse effect for an organization is that a bad experience like this causes them to doubt themselves and run away from the press. I saw this happen at ISS after the Mike Lynn incident. Instead of being out front in the press talking about the wonderful stuff we were doing at the company, our PR went into a reactionary mode trying to avoid saying anything controversial. That's hell for people in companies like ISS and Microsoft that do great, but controversial, things.
I'm curious to see Microsoft's response to this, such as complaining to the editor. Editors normally don't like hit-pieces. Taking down the powerful appeals the population at large, but the people with their fingers on the purse-strings are more mature than that, and can recognize the vapid populism and questionable journalistic ethics when they see it. They recognize that when a member of the press catches an "official spokesman" saying such damaging stuff, it's the reporter who is at fault and not the spokesman. Since their credibility is on the line, such editors would like to hear complaints from a company like Microsoft so that they can take appropriate steps. ZDNet UK is unlikely to do so, however, because their editors have based their op-ed position on the "facts" of the hit-piece. Indeed, one wonders whether it was writer who was responsible for creating a hit-piece, or whether he did so at the behest of the editors.