At an event in Germany today the issue came up how to access the free security support in your region. For a couple of years now Microsoft has offered no-charge support for security issues. However, the number is different in different regions. To find...

Once again, it seems misguided reporters have appropriated a technical term and are misusing it in ways to confuse the field. "Hacker" was not the first term they ruined, but it is still the one that irks me the most. The primary definition of "Hacker...

Unfortunately, it seems that people are getting the impression that I hate hardening guides. A few people told me that after I delivered the "Security Myths" presentation at Microsoft's Federal Security Summit West last week. It is really not the case...

Today I got a question that reminded me that I have not written a whole lot about how to manage the accounts used by system administrators. The question was whether I could think of any reasons why you would share an administrative account between several...

Yesterday I had a fascinating meeting where we discussed a number of theoretical concepts, including how we think about risk. Risk, of course, should be the driver in everything we do in information security, and risk management should be the discipline...

Just a quick note to let you know why your comments to my blog no longer show up automatically. It turns out that someone decided my blog was a good place to post ads for online pharmacies, gambling, and all that other stuff that we apparently do not...

About a year ago Steve Riley and I built a presentation based on a set of security myths we put into the book . It was one of the most popular presentations we have ever made, and we kept coming up with more myths every time we delivered it, or talked...

The schedule for Spring 2006 is in full swing. Just in case anyone is interested in meeting up with me somewhere in the world (or has some new gig they think I should go to) I thought it makes sense to post my schedule here. February 6 and 7 - Albuquerque...

It is interesting how some of the best security features in Windows receive either no attention, or get criticized for the strangest reasons. Case in point: Windows Firewall is one of the best firewalls out there, and yet much of the talk about it are...