Jeff's InfoSec Blog

Thoughts about information security, privacy, and regulatory compliance. Brought to you by Jeff Newfeld, the product unit manager for security solutions in Microsoft's Core Infrastructure Solutions group.

Browse by Tags

Related Posts
  • Blog Post: The Trustworthy Computing Security Development Lifecycle

    If you're wondering how Microsoft bakes security into its software development practices, this paper (by one of the co-authors of "Writing Secure Code") takes you through the process. This is far more than a guide for individual developers; it goes through the organization stucture and processes necessary...
  • Blog Post: Paparazzi-proof cameras

    Interesting -- a way to "ask" phonecams not to take your picture. Problem is, it's probably omnidirectional and so will impact everyone trying to take a picture of anything in the vicinity. I don't agree that this is paparazzi-proofing anyone -- how long will it take some entrepeneur to hack the controls...
  • Blog Post: DRM is anti-privacy???

    DRM is one of those fascinating areas where we really haven't explored the implications of our decisions. I have seen a lot of complaints about Napster's requiring you to be a mamber of their service in order to continue to listen to music that you downloaded under their subscription. So, your license...
  • Blog Post: Former AOL employee pleads guilty in spam case

    Ouch -- 92 million screen names and email addresses stolen from AOL. The guy netted $28k, and will have to pay $200-400k in restitution. Not exactly a lucrative business, was it? Once again we see privacy compromised from the inside -- nothing that the individual account holder could have done would...
  • Blog Post: Identity theft -- keep buying online, but shred your receipts!

    According to the Better Business Bureau's "2005 Identity Fraud Survey Report" the most common source of identity theft is a lost wallet or check book. Only 11.6% of identity fraud came from access to online records. Here's an interesting observation: customers who regularly monitor their bank accounts...