• Accenture
  • Cybercrime
    • Crime
    • Terrorism
  • Fun
  • Government
    • Critical Infrastructure Protection
    • Law Enforcement
    • Legislation
  • Industry
    • Associations
    • Cloud Computing
    • Consumerization of IT
    • Events/Trainings
    • General
    • Incidents
    • Internet of Things
    • Open Source
    • Outsourcing
    • Piracy
    • Social Media
    • Technology
    • Trends
  • Intergovernmental Organizations
  • Microsoft
    • Cloud Computing
    • Consumer
    • Incidents
    • Partner
    • Processes
    • Products
    • Strategy
  • Privacy
  • Security
    • People
    • Policy
    • Process
    • Technology
Catagories
Roger Halbheer on SecurityRoger Halbheer on Security
Roger Halbheer on Security
Information Security Discussion

Roger Halbheer on Security

  • Home
  • Downloads
  • My Photo Gallery
  • Bio and Contact
  • Blogroll
    • Chief Security Advisor Microsoft Finland
    • Chief Security Advisor Microsoft Italy
    • Chief Security Advisor Microsoft Russia
    • Chief Security Advisor Microsoft South Africa
    • Chief Security Advisor Microsoft Switzerland
    • Chief Security Advisor GCR (Chinese)
    • Chief Security Advisor Germany
    • Gerhard Göschl (Microsoft Austria)
    • Microsoft’s Security Blog
    • Trustworthy Computing
    • Microsoft Switzerland Security Blog
    • Shoaib Yousuf
  • Tweetroll
    • Roger Halbheer
    • Henk van Roest
    • Microsoft Security Response
    • Microsoft Digital Crimes Unit
Menu back  
LinkedinRssTwitterXING
Find

Monthly Archives: April 2014

You are here:
  1. Home
  2. 2014
  3. April

Why your data with a US cloud provider is at risk

I think I really do not need to comment this as the title itself says it all: US arrogance puts further doubt on cloud data sovereignty If you add some content, I just think they do not get it: New York-based U.S. Magistrate Judge James Francis last week ruled that local search warrants must include…

April 30, 2014Leave a commentCloud Computing, Government, Industry, LegislationBy Roger Halbheer

The „positive“ side of Heartbleed?

Maybe Heartbleed has the positive side-effect that users think about using different passwords for different sites (and then a password manager?) or websites start to think about using two-factor authentication? The downside typically is, that these effects tend not to last all too long… or how far did Snowden really change people’s behavior? Heartbleed’s silver…

April 30, 2014Leave a commentIndustry, TrendsBy Roger Halbheer

Careful, what you scan for

That’s a big “outch”: Be Careful what you Scan for! Just to quote SANS: After some fun and games at one customer site in particular, I found that the SSL services on the earlier versions of the HP Proiliant Servers iLo ports (iL01 and iLO2) are not susceptible to heartbleed. However, their implementation of SSL…

April 24, 2014Leave a commentIncidents, IndustryBy Roger Halbheer

Heartbleed’s Aftermath: Certificate Revocation

I was doing quite some PKI projects in my former life. One of the key themes during the policy discussion and then afterwards in the implementation was always the way somebody can revoke a certificate and then how the revocation was communicated. Shall OCSP be used or shall we stay with the good old CRLs?…

April 23, 2014Leave a commentCrime, CybercrimeBy Roger Halbheer

Heartbleed from a Operation’s View

This is the first time, I had to go through an emergency update process of that scale – well better, my team went, I do not want to claim any success here for myself. I was basically just an observer. However, there were a few interesting things, which I learned during the last few days:…

April 14, 2014Leave a commentIncidents, IndustryBy Roger Halbheer

A Meeting with an Expert

I guess, you have have been through such meetings as well? At least I felt fairly often like that, when I was in consulting

Roger

April 3, 2014Leave a commentFunBy Roger Halbheer
Copyright by Roger Halbheer Dream-Theme — truly premium WordPress themes