Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

August, 2008

  • „Scareware“ on the Raise

    We have regular ConfCalls with our security support to exchange trends and issues we see. During the last one we had an interesting discussion I would like to share with you: We seem to get a hell lot of calls mainly from the consumer segment with Virus...
  • Why I do not like e-Voting

    As you know, I am Swiss. Switzerland is known as being one of the most direct democracies in the world. It is not uncommon for us having (or being allowed) to vote every other month as there are a lot of ways to influence what our politicians and/or our...
  • Security through Collaboration

    If you ever heard me keynote an event you know that one of the key messages I have is, that partnerships are necessary in order to be able to protect against today's threats. At Black Hat USA we just announced a new program called Microsoft Active...
  • Secure Development: More than „just“ code!

    I just read an interesting post by Michael Howard ( Security is bigger than finding and fixing bugs ). He refers to a statement Google seem to have made on its development practices ( Google shares its security secrets ): In order to keep its products...
  • How to react on the DNS attacks

    Yes, I am back. I was on vacation and therefore did not take the time to blog. Just briefly: IBM published a pretty good article on the latest DNS attacks. You can read it here: Responding to the DNS vulnerability and attacks Roger
  • Servers still not patched

    I just read an article this morning on Linux servers under the Phalanx gun: A problem with people, not code . There were quite some things which made me think when I read it: There was a statement in there, which I – obviously – did not like at all...
  • Announcing the Exploitability Index

    At Blackhat we announced an important change to our Security Bulletins becoming effective during the October release. One of the requests we often heard talking to our customers is, that they would like to get better information on how hard it is to...
  • IE8 – a new Set of Privacy Features

    As you (hopefully) know, the release of Internet Explorer 8 is coming closer. One thing we always look at is how to make surfing more secure and more private. The IE team just launched a blog post on the InPrivate features of IE 8 which is definitely...
  • The Global Network of Crime

    We all know that crime is global and that they are doing their best to leverage the legal shortcomings and the limitations of the cooperation between Law Enforcement agencies. There is a good article about one case in the New York Times which is definitely...
  • Insights into Windows 7 Engineering

    Are you interested to learn how Windows 7 (next version of Windows) is engineered? Are you willing to get in touch with the engineering team? Then read their blog: Engineering Windows 7 Roger
  • Your PIN on the Internet

    Yes, it is true: There is somebody who publically put known PINs on the Internet. I bet yours is there too: http://www.positiveatheism.org/crt/pin.htm Roger
  • How to circumvent Privacy Laws

    As you all know, most jurisdictions allow individuals to ask for data collected by an organization (being it a company or a governmental organization). A lot of countries have Data Protection Commissioners that look into what companies and more often...
  • Announcement of the MSRC Ecosystem Strategy Team Blog

    Our teams around the Microsoft Security Response Center recently launched a new blog called MSRC Ecosystem Strategy Team Blog. The blog is thought to give more insights into the work we do with the security ecosystem knowing that vulnerabilities and attacks...
  • Microsoft sponsors Privacy Enhancing Technology Awards

    It is not really news anymore as it broke during my vacation. However, it is important from my point of view: We are a proud sponsor (and not for the first time) of the Privacy Enhancing Technology Awards, which recognizes the work of researchers in...