Jesper's Blog

Obligatory file photo: I am a Senior Security Strategist in the Security Technology Unit at Microsoft. My job is to explain to our customers how to run Microsoft products securely, and to the extent that it is needed, help the product groups figu

May, 2006

  • Free Security Support Number For Your Region

    At an event in Germany today the issue came up how to access the free security support in your region. For a couple of years now Microsoft has offered no-charge support for security issues. However, the number is different in different regions. To find...
  • What is a "zero-day"?

    Once again, it seems misguided reporters have appropriated a technical term and are misusing it in ways to confuse the field. "Hacker" was not the first term they ruined, but it is still the one that irks me the most. The primary definition of "Hacker...
  • I Really Do Not Hate Hardening Guides

    Unfortunately, it seems that people are getting the impression that I hate hardening guides. A few people told me that after I delivered the "Security Myths" presentation at Microsoft's Federal Security Summit West last week. It is really not the case...
  • Going Wild With Administrative Accounts

    Today I got a question that reminded me that I have not written a whole lot about how to manage the accounts used by system administrators. The question was whether I could think of any reasons why you would share an administrative account between several...
  • Are we too simplistic in how we think about risk?

    Yesterday I had a fascinating meeting where we discussed a number of theoretical concepts, including how we think about risk. Risk, of course, should be the driver in everything we do in information security, and risk management should be the discipline...
  • Why your comments no longer automatically show

    Just a quick note to let you know why your comments to my blog no longer show up automatically. It turns out that someone decided my blog was a good place to post ads for online pharmacies, gambling, and all that other stuff that we apparently do not...
  • More Security Myths

    About a year ago Steve Riley and I built a presentation based on a set of security myths we put into the book . It was one of the most popular presentations we have ever made, and we kept coming up with more myths every time we delivered it, or talked...
  • Upcoming engagements

    The schedule for Spring 2006 is in full swing. Just in case anyone is interested in meeting up with me somewhere in the world (or has some new gig they think I should go to) I thought it makes sense to post my schedule here. February 6 and 7 - Albuquerque...
  • Windows Firewall: the best new security feature in Vista?

    It is interesting how some of the best security features in Windows receive either no attention, or get criticized for the strangest reasons. Case in point: Windows Firewall is one of the best firewalls out there, and yet much of the talk about it are...