Roger Halbheer on Security
I know that this is “old news†but I wanted to make sure that everybody has seen that: We will make Microsoft Security Essentials available for small business for free. Small businesses are up to 10 PCs. This is great news as a lot of small businesses do not use Anti-Malware Software and do not need any central management.
DetailsObviously I do not like people to steal software. Additionally, from at least two perspectives it adds security risks: People are less likely to patch and pirated software often comes wit pre-installed malware, which is then hard to detect. There is just such a case now with the iPhone: Fake iPhone jail-breaking tool packed with…
DetailsThe cloud – and now I mean the volcano cloud – showed that there is not always a real need to travel far in to get the right information at an event of conference. I delivered a keynote via LiveMeeting (Virtual Keynotes – Do we always have to travel?) during the time the planes were…
DetailsThis is one of the risks, not a lot of people look into: It is fairly easy for me to setup a Facebook account in another person’s name. This is what happened to Ronald K. Noble, head of Interpol: Interpol Chief Ronald K. Noble Has Facebook Identity Stolen.
Roger
I was reading an interesting article: Forrester Pushes ‘Zero Trust’ Model For Security, where they mainly claim that you should not trust your internal network – something I am asking for since a long time. However, the conclusions Forrester and me are drawing are slightly different. John Kindervag – the person quoted in the article…
DetailsWe are basically asking the industry to follow a Coordinated Vulnerability Disclosure and are therefore not in favor of public vulnerability disclosure as it puts the industry unnecessarily at risk. Recently there was a vulnerability in ASP.NET publically disclosed. We released an advisory and you should look into implementing the suggested workaround: Vulnerability in ASP.NET…
DetailsI am tweeting since quite a while but the click-through rate is below 0.1%. Why is this the case? Is there actually any value of Twitter or is it just a system, which is taking care of it itseld?
DetailsQuite a while ago, I implemented the possibility for people chatting with me via MSN Messenger on the web. I actually created a web-page to do so: Chat with me! I made a mistake, when I changed my LiveID. The bug is fixed.
DetailsNo clue what the source is but if they are right, it is scary: DRG SSH Username and Password Authentication Tag Clouds
Roger
Recently, we had an interesting discussion on Social Media. It actually all started with somebody sending a link around called http://pleaserobme.com/ to see who actually just said that they are not at home – information which can easily be gained through Twitter search.
DetailsAs soon as zero-days appear on the Internet, two things happen: Somebody publishes an exploit and somebody else an unoffical patch. How trustworthy are such updates? How should you handle them? It is all about risk management!
DetailsI am just preparing my trip to South Africa next week. Our Chief Security Advisor in South Africa, Khomotso Kganyago does an outstanding job keeping my busy. He put together a great agenda – I just hope I can cope with everything he is expecting from me. Part of it is a public lecture at…
DetailsKinect will launch a our controller-less gaming device soon. However, is it for gaming only? This could be used much broader.
DetailsI just installed Internet Explorer 9 and am ejoying the new look and feel and the speed…
Look at it yourself!
Our Trustworthy Computing team published a very good paper on Data Governance in the Cloud including areas to consider as well as some real hints how to appraoch it.
DetailsTo prevent non-government organizations from falling victim to nefarious actions taken in the guise of anti-piracy enforcement, Microsoft will create a new unilateral software license for NGOs that will ensure they have free, legal copies of our products.
DetailsAn interesting website was just going live which shows the trends in Cybercrime and tries to anticipate the future development
DetailsI often talk to governments about their Cybersecurity strategy and agenda. Sometimes I think it is extremely hard for a government official or high-ranking military person to really understand what is going on in the cyber space and what this means. It is not too easy for people like us but for somebody who’s job…
DetailsIf you have not seen it, you should probably have a brief look at it. We are seeing a new worm spreading on Exchange. This worm is not exploiting a vulnerability but uses social engineering to spread. Please read our MMPC blog at Emerging Malware Issue: Visal.B or look it up in our malware encyclopedia…
Details