This is an excerpt from a mail I sent out internally today: The sands of time seem finally to have run their course. On September 1 I will not only celebrate the 5-year anniversary of my time here at Microsoft but also my departure from the company...

A while ago I once again got frustrated by LMCompatibilityLevel and the amount of confusion that is out there about it. There was also an intriguing thing in the SAMBA documentation that they (incorrectly) called "NTLM2 Session Response" that needed figured...

I've been trying to come up with a list of attributes that a security solution needs to have to be complete and sufficient. The idea is to develop a set of attributes that can be used when analyzing security to see if it fulfills the needs of the situation...

In a very interesting twist Microsoft today announced the acquisition of Winternals and Sysinternals . This is really interesting news and I am glad to see Mark Russinovich and Bryce Cogswell getting to have more of an impact on the Windows product.

Just in case your are of the vulnerability counting type, you may be interested in an analysis posted by my friend Jeff Jones in his blog. Jeff has done some pretty amazingly detailed analysis of the number of vulnerabilities in each of several products...