Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - let's share interesting security information

December, 2007

  • Update on our Piracy Strategy - Important Changes to WGA

    From time to time people ask me about piracy and security. Let's start with piracy first. If you look at the 2007 Global Piracy Study by BSA, the numbers are frightening. Looking at EMEA, it ranges from Moldova at 94% pirated software to Denmark with...
  • How to Build a Bomb

    Well, only partly. I commented several times already about WabiSabiLabi. I especially like their statement "closer to zero risk". At the moment there is an SAP vulnerability at stake. It is initially priced at €4'000. If you read their blog, Focus on...
  • Lottery Scam – The voice of the victim

    We all know that there are scammers telling you that you won in the lottery. A lot of security people think that the victims are naïve and dumb. We just started to run a story on lottery scam and part of it was an interview with a victim. The victim...
  • Consumer Trust in e-Business

    In the light of the latest outreach we did around scam (Lottery Scam – The voice of the victim), research firm Ipsos was retained to conduct research with consumers in Germany, Italy, Denmark, UK and The Netherlands. About 3'500 users were contacted...
  • Insight into IPSec

    I hope you enjoyed Christmas as much as I did (now working on losing weight again :-) ). Soon I will be in the mountains but before I leave, I found something pretty interesting to read: Tech Insight: Microsoft's IPSec Roger
  • Insights into our Security Vulnerability Research

    Secure Windows just started a blog which could be of interest for you as well. They will give some more insights into our vulnerability research and the outcome thereof. Definitely something worth keeping an eye on, especially if you have a technical...
  • I am gone – now :-)

    Well, not really, but I will now leave for the mountains and go skiing for the next week. Therefore, have a good time and "talk" to you in 2008. Roger. BTW: Happy new year as soon as it has started!!!
  • Common Criteria and answering the “real” questions

    It seems that I am not yet gone :-). Eric Bidstrup, a colleague of mine, wrote a great blog post about Common Criteria, where it does a pretty good job and where it fails. Basically he claims – and I could not agree more – that the customer "only" wants...
  • How the security magic happens at Microsoft

    This is cool: Microsoft Security Elves Roger
  • The PICNIC Problem

    I hope you know the PICNIC problem (Problem in Chair not in Computer) – it happened to me :-(. I get a significant amount of Spam-comments on my blog, which are filtered in the corresponding Spam-filter. From time to time I clean it up. Unfortunately...
  • Nigeria: I told you they are serious

    Remember my blog post where I told you not to forget countries like Nigeria (I was visiting Nigeria – watch out!)? They really seem to be serious. In the last few weeks we had some troubles getting hold of the head of EFCC (I will tell you more in a...
  • Have a look at Server and Domain Isolation

    I am often talking about different zones in the network and how you can create them. There is now a demo kit available for you to download and "play" with: Server and Domain Isolation Demo. Roger
  • “Keep Everything Clear of the Doors”

    Ed Gibson, the Chief Security Advisor in the UK, just wrote an interesting article I would like to share with you: You've seen it, read it, heard it so many times you've blocked it out … routine, mundane. . . but instinctively you take the necessary...
  • HP confirms vulnerabilities on 82 Laptop models.

    Remember this post: OEMs: Join in to "Secure by Default"? I wrote it in June… Now, HP just confirmed a vulnerability in their software delivered on 82 laptop models on all the different Windows versions: HP Quick Launch Buttons Critical Security Update...
  • You are hacked – by your toaster :-)

    I just read this this morning: Man Uses Toaster to Hack Computer. Is this now funny or scary? Roger
  • A Retrospect on my Trip to Kenya

    I asked for feedback from you and got quite some. Some privately and some publicly – thank you all who took the time to answer. One piece of feedback I heard more than once was that you are interested in my view on the region and the security there...
  • Once More: Only the Easiest Way is the Secure Way

    Well, my credo is well known in the meantime: We have to make it easy for users to work in a secure way. Otherwise the business (say: the users) will find ways around all our security solutions. A customer of ours recently said: "I rather accept a little...
  • Windows Vista is protecting the environment

    When we launched Windows Vista, one of the features which was pointed out to me was power management and how it will lower the costs in the enterprise environment. Well, I put my focus on the security technologies (obviously) and ignored the power management...