Roger Halbheer on Security
This is a private post – and does not really have a lot to do with my job at Microsoft. Well, a little… A friend of mine – actually the EMEA Security PR guy at Microsoft – is an addicted dart player and participates often in dart tournaments. Which has a big advantage for me:…
DetailsI was reading a paper recently, where I initially thought it is a joke (it looked scientifically, therefore I was not too scared). But as our research department did it, it is serious and really, really good – at least it definitely made me think. It is called So Long, And No Thanks for the…
DetailsI blogged on Day 1 and Day 2 but as I expected, I was unable to blog yesterday on the conference. However, let me just briefly give you my impression of the final day: The core part of this last day was a whole block on Cloud Computing. There were different presentations on the subject…
DetailsAnd the second day starts. I just met with Jeremy Kirk from IDG and it is great to see that the press is actually interested in such a conference as well. The day today started with a long session on different initiatives against cybercrime. A lot of good information: Interpol offers quite some good services…
DetailsAs you saw from previous posts, I am at the Octopus Conference on Cooperation against Cybercrime at the moment. We had yesterday the Deputy Secretary General of the Council of Europe and one of her key statements was that different bodies (like the Council of Europe, UN etc.) should not compete. The Budapest convention by…
DetailsA few years ago, the Budapest Convention on Cybercrime was signed within the Council of Europe. Since then it was ratified all across the globe by a lot of countries or at least used as the base for legislation. Since a few years as well, the Council of Europe is organizing a conference on Cooperation…
DetailsI once wanted to text Windows 7 XP Mode on my notebook or my home PC but unfortunately I failed as both CPUs do not support Hardware Assisted Virtualization (HAV). Now, we released an update for Windows 7 64bit systems to remove this requirement: Update for Windows 7 for x64-based Systems (KB977206). This could definitely…
DetailsI was recently pinged by a customer asking for the “real†version of this game. It was distributed at RSA in the US and I do not have any anymore – but you can still print it yourself. So, if you want to introduce SDL or if you introduced it already and want to re-enforce…
DetailsOn February 24th we announced the work we did on taking down Waledac – read Tim Cranton’s blog post called Cracking Down on Botnets. Now it is time to look back and try to understand what we learned so far. sudosecure traces the Waledac infections and give a good view of new infections by the…
DetailsWell, you know, fairly often when I look at showcases I am a little bit disappointed I have to admit. Mainly because the technology which is shown is really cool and I would love to leverage it – just it works in the US only. Or better, it works across the globe but the data…
DetailsYou know that I am not a big fan of the requirement for having all Internet users authenticate strongly. There are people in the security arena who think that this is the only way to fight cybercrime – and in parallel accept that they would kill freedom of speech. I recently had a good discussion…
DetailsI was reading two BBC articles this morning. Wow, this is scary, isn’t it? Look at the pictures below: I do not think that I would have seen that… It even has an integrated camera which is switched on, when you move the card in. That’s the original article: Would You Have Spotted the Fraud?…
DetailsIf you are running a blog, you might most probably use one of the websites which show where your user come from – no? Like Clustrmaps, which I used for a few years. Then I found a new one, which I like much more as it gives me more information. If is called WorldMaps and…
DetailsThere is a project called the web hacking incident database (WHID), which collects data and statistics on web-application related security incidents. I was just looking into their report called The Web Hacking Incident Database 2009 which has some pretty interesting statistics in. In order to judge the results and statistics of this database, we have…
DetailsTonight I got this article forwarded to me: Afraid of outside cloud attacks? You’re missing the real threat. David Linthicum (the author) claimed that if you are looking at the hackers attacking “your†cloud from the outside, you are missing the real problem as the insider threat is still bigger. When I read the article,…
DetailsI was looking at some research done by Forrester which could be interesting for you as well. They try to lay out the landscape with regards to data protection for you and it looks fairly compelling. So if you are interested in the situation of the different Privacy laws across the globe and how Forrester…
DetailsTo start with: I am an engineer not a lawyer – and this might be part of the problem… When I started to think about the Cloud and security and thought about all the work I do with Law Enforcement and the challenges they face. Additionally, I started to think about the legal challenges we…
DetailsI often talk about how we learned to engineer security into the products and the results prove that we are on the right track. One of the challenges we always have is how to help the ecosystem to improve as well. One of the ways is to communicate through our website. Not, that this is…
DetailsOur EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to use. So far, in the first 4 chapters, we have addressed the usual excuses for not Managing Your…
Details