Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

July, 2007

  • This is a different blog post

    You know, normally I blog about all the different security challenges we are facing. This time it is different J (even though I have to care about physical security in the mountains) At the moment I am sitting at an altitude of about 1800m above sea...
  • Security not only a Microsoft problem – iPhone finally rooted

    It was to be expected – not because Apple built bad security in their iPhone, I am definitely not in the position to judge, but because it was going to happen. Any software product is going to have vulnerabilities as a matter of fact. The more attractive...
  • Buy Your Enigma

    It is probably the most important and known encryption device ever: The Enigma – the machine that had a strong influence on WWII. Now you can buy your Enigma on e-bay: http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=270146949978 Roger
  • Stepto becoming a Gamer :-)

    If you are working with Microsoft and security you definitely know him – Stephen Toulouse one of the long-term people you know from Microsoft's security units. He worked within the Microsoft Security Response Center as one of our key spokespersons and...
  • New Version of the Nigeria Scam

    I love that one: Somebody sends e-mails to Hotmail users that their account would expire and they should renew it – the attacker gets UserID/Password… Then a mail is sent on behalf of the user to their friends to tell them that they are stuck in Nigeria...
  • It’s All the User’s Fault

    Isn't it true? Don't we always say that there is a PICNIC problem (Problem in Chair, not in Computer)? When we talk about security we often talk about the user – and this is right so. But do we always give the user what he needs to protect their information...
  • Only the Easiest Way is the Secure Way

    We, being security professionals, are often "just" looking for the most secure way to implement a certain task. Often we tend to forget the user when we implement these measures. I once visited a customer showing me their ultimately secure solution to...
  • How to React on Malware Attacks

    Often the Small and Medium Businesses do not have IT resources available and it they have, the person is a IT Generalist. We try to help these kind of people to get structured and organized around the core security challenges. Therefore we published yesterday...
  • Windows Live OneCare 2.0 Beta available

    Looking at my father's PC I always faced the same problem: I wanted to give him a solution that actually took care of his PC without having me too often involved J . Some time ago, we had some particular solutions: Backup (use the backup in Windows...
  • Malware Portal Live

    I blogged about three important announcements we made a few months ago ( http://blogs.technet.com/rhalbheer/archive/2007/04/25/three-microsoft-announcements.aspx ). The different malware teams are ramping up heavily and I am looking forward to working...
  • Vulnerability Auction

    I wrote several times already about responsible disclosure and irresponsible disclosure. My point on that is clear: Every vendor has to have transparent and clear processes to handle vulnerabilities. These processes ensure that there will be a timely...