TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Compatability & Converters
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support by product
Exchange Server
Forefront Server
Forefront Edge Security
Forefront Server Security
Internet Explorer
Office
SharePoint
SQL Server
System Center
Windows Server
Windows XP
Windows Vista
Windows 7
Windows 8
Other support links
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Look up event IDs and error codes
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Options
About
Email Blog Author
RSS for posts
Atom
RSS for comments
OK
Search Blogs
Tags
Cloud
Cloud Computing
Competition
Consumer
Crime
Critical Infrastructure Protection
cybercrime
Events/Training
Fun
Incident Response
Incidents
Industry Associations
Law Enforcement
Microsoft
Microsoft products
patch management
Policies
Policy
politics
Privacy
Processes
Security
Technology
Terrorism
trends
Archive
Archives
August 2013
(3)
June 2013
(4)
May 2013
(3)
April 2013
(2)
March 2013
(1)
February 2013
(2)
January 2013
(5)
December 2012
(1)
November 2012
(1)
October 2012
(4)
September 2012
(4)
August 2012
(4)
July 2012
(1)
June 2012
(3)
May 2012
(2)
April 2012
(9)
March 2012
(2)
February 2012
(2)
January 2012
(1)
December 2011
(3)
November 2011
(6)
October 2011
(11)
September 2011
(8)
August 2011
(3)
July 2011
(4)
June 2011
(8)
May 2011
(7)
April 2011
(7)
March 2011
(13)
February 2011
(18)
January 2011
(15)
December 2010
(6)
November 2010
(15)
October 2010
(15)
September 2010
(32)
August 2010
(10)
July 2010
(14)
June 2010
(18)
May 2010
(8)
April 2010
(6)
March 2010
(22)
February 2010
(5)
January 2010
(12)
December 2009
(8)
November 2009
(7)
October 2009
(11)
September 2009
(17)
August 2009
(12)
July 2009
(12)
June 2009
(13)
May 2009
(14)
April 2009
(16)
March 2009
(11)
February 2009
(12)
January 2009
(14)
December 2008
(22)
November 2008
(13)
October 2008
(22)
September 2008
(8)
August 2008
(14)
July 2008
(4)
June 2008
(16)
May 2008
(30)
April 2008
(29)
March 2008
(19)
February 2008
(16)
January 2008
(26)
December 2007
(18)
November 2007
(23)
October 2007
(11)
September 2007
(10)
August 2007
(7)
July 2007
(11)
June 2007
(11)
May 2007
(4)
April 2007
(9)
March 2007
(8)
February 2007
(8)
January 2007
(6)
November, 2007
TechNet Blogs
»
Roger's Security Blog
»
November, 2007
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
YOUR FEEDBACK REQUESTED
Posted
over 6 years ago
by
rhalbheer
4
Comments
I am in the position of the Chief Security Advisor in Europe, Middle East and Africa since February 1 st . Since then I am blogging here (before that I ran together with Urs the Swiss Security Blog). The hits per post rose over the first 6-7 months but...
IE and Firefox vulnerabilities
Posted
over 6 years ago
by
rhalbheer
1
Comment
I am still convinced that there is limited value in comparing vulnerabilities between different products. However, there are a few products which seem extremely emotional: The Operating System, Office, and the browser. We already discussed pretty emotionally...
Hackers using Playstations to crack Passwords
Posted
over 6 years ago
by
rhalbheer
1
Comment
A reader of my blog actually pointed me to that (thank you Shoaib) and asked me for a comment. Here is the article: PlayStation a hacker's dream . It is really an interesting thing: Gaming consoles today have quite some computing power, so why should...
Security Threats in 2008
Posted
over 6 years ago
by
rhalbheer
1
Comment
Well, slowly the year is coming to an end – 10% to go J . This is the time where everybody is looking back and – additionally – tries to look into the Crystal Ball to understand how 2008 could be. Interestingly enough, I just had the discussion about...
Teach a Man to Fish
Posted
over 6 years ago
by
rhalbheer
I just read a pretty good article that goes definitely into the direction I am trying to work with the different communities we are in touch. Even though technology is a key part of any security solution, the user is key and explaining the user the "why...
I was visiting Nigeria – watch out!
Posted
over 6 years ago
by
rhalbheer
5
Comments
You know that I rarely did trip reports in the past. I am personally convinced that you do not want to read, what I had for breakfast in Barcelona. But this trip was different. When I told the people around me that I will be travelling to Nigeria I got...
Are you ready for your users of the (near) future?
Posted
over 6 years ago
by
rhalbheer
2
Comments
Yankee Group Study Actually near future might be wrong: I am convinced that the future (with regards to the requirements) is already here. We sponsored a study with Yankee Group with the title Anywhere Access Technologies - Open Enterprise Networks...
The Value of Operating System Comparisons
Posted
over 6 years ago
by
rhalbheer
10
Comments
Since Blaster/Slammer, namely since the start of Trustworthy Computing I am working at Microsoft in a publically facing security role. I went through all the blaming and had to take all the heat of what we did wrong and how bad we are – and I admitted...
Want to check your Up- and Download-Speed
Posted
over 6 years ago
by
rhalbheer
I just stumbled across a pretty cool website allowing you to measure your up- and download speed wherever you are. Additionally you can compare it with others: http://www.speedtest.net Roger
More than 490’000 Database Server unprotected on the Web
Posted
over 6 years ago
by
rhalbheer
5
Comments
David Litchfield ran a scan on the Internet for the typical SQL Server and Oracle ports. It is unbelievable that he found approx. 490'000 servers on the Internet – unprotected and often un-patched. On unsupported version levels, on unsupported Service...
Be Careful Whom You Trust
Posted
over 6 years ago
by
rhalbheer
When I talk to customers I sometimes ask them, whether they do background checks on whom they hire as employees or contractors. If it comes to security, the whole theme gets pretty sensitive. Imaging that you hire an employee to deal with your security...
TechEd-IT Forum: The Keynote and Announcements
Posted
over 6 years ago
by
rhalbheer
I told you that I will keep you posted. We had some pretty exciting announcement at the keynote at IT Forum. For me, the whole area of virtualization is probably the biggest step forward. We announced that we name the official product/feature "Hyper...
IT Forum is about to begin
Posted
over 6 years ago
by
rhalbheer
It is always fascinating to see an event of this size! I actually arrived in Barcelona yesterday night and yes, you might be jealous if you see the weather. But actually I will probably not have a lot of time to enjoy it - PR filled my schedule all over...
A fun reading on social engineering
Posted
over 6 years ago
by
rhalbheer
I recently talked at different events on social engineering or at least touched the theme. You might know the layer 8 problem J When I had some discussions after my speech I realized that close to nobody (I talked with) knew about the "The Art of Deception...
WabiSabiLabi and their view on ethics
Posted
over 6 years ago
by
rhalbheer
1
Comment
I commented on that already twice and I stated that WabiSabiLabi seems to have a different view on ethics than me. For those of you who do not know WabiSabiLabi, it is an online auction for vulnerabilities . We met the founder of this platform during...
Mary Jo Foley: It’s payback time: If the Vista team could write ad copy …
Posted
over 6 years ago
by
rhalbheer
Well, well: You know that I never ever would bash a competitor and I will not do so now. However, I have to give you the link to the above mentioned article – not because of the article but because of the comments the article got. It seems that our efforts...
Fight against Terror and how it can be abused
Posted
over 6 years ago
by
rhalbheer
I am not completely clear how much a lot of the measures we see (like the fluid restrictions on planes, the forced violation of privacy laws by airlines by having to transmit PII to the US, ...) really bring. On the other hand we definitely see some...
The next step at home: Windows Home Server
Posted
over 6 years ago
by
rhalbheer
1
Comment
One of the big challenges we face all the time is how to control one of these growing networks at home. How shall I help my neighbors to actually manage their growing environment with different PCs (one per parent and one per kid and a mediacenter and...
Social Engineering - Live
Posted
over 6 years ago
by
rhalbheer
1
Comment
I just found a pretty interesting article on "social engineering". It is one of these articles showing an anecdote on how to use social engineering to enter a building and get access to everything: The Spy in Your Server Room Roger
Pricelist for Cybercriminals
Posted
over 6 years ago
by
rhalbheer
Remember Economy of Cybercrime ? I hope so! There I made the statement that Cybercrime has to pay off. On Zone-h today they summarized a research from G DATA with the title How much can cyberterrorist get ? In there you see how much you have to pay...
SAFECode: Writing Secure Code – learning from each other
Posted
over 6 years ago
by
rhalbheer
3
Comments
During RSA Europe an industry forum called SAFECode ( S oftware A ssurance F orum for E xcellence in C ode) was announced " to identify and share software assurance best practices, promote broader adoption of such practices into the cyber ecosystem, and...
Rumors about Cyber-Terror Attack, November 11th
Posted
over 6 years ago
by
rhalbheer
This is an interesting phenomenon on the Internet: There is one source publishing the statement that they picked up an Internet announcement by Al Qaeda that they will start a cyber attack on November 11 th : DEBKAfile Exclusive: Al Qaeda declares Cyber...
Spotlight – The coolest online event platform
Posted
over 6 years ago
by
rhalbheer
You know about Silverlight, don't you? We built a new Online Event platform on it. Sorry? You did NOT hear of Silverlight yet? Come on, don't tell me you missed this announcement? It is absolutely cool and if you really missed it, there you go: Sliverlight...