Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

September, 2010

  • Is There Any Value in Twitter? Yes? Think Again…

    I know that this is a very provocative question but it is one I looked into since a few months. If you follow my Twitter account , you will have realized that I dramatically reduced the number of Tweets. I currently only tweet, once I posted on my blog...
  • Data Governance in the Cloud

    If you look at current discussions between cloud providers and customers, I see it too often that the customer leaves with the impression that the Cloud fixes all their problems. In fact – it does not. Too often I see the Cloud provider telling the customer...
  • The Community is Growing

    In Off to See the World I told you that we are growing the Chief Security Advisor Community and then I updated you on the UK and Sweden . Now it is time to update you again. Just before the summer vacation, we could hire the Chief Security Advisor in...
  • The Eleven Rules of Life

    I know that they are very old but I did not know them. The oldest post I found was from 2004. People are saying that they are from Bill Gates but it seems that he used them during a speech in front of high-school students. I love them: RULE 1: Life...
  • Using Facebook to Promote an Event – Lecture in Johannesburg Next Week

    I am just preparing my trip to South Africa next week. Our Chief Security Advisor in South Africa, Khomotso Kganyago does an outstanding job keeping my busy. He put together a great agenda – I just hope I can cope with everything he is expecting from...
  • Dilbert on Piracy

    Just before I leave to Johannesburg: Dilbert on Piracy… he is soooo right Roger
  • What is More Important to You? Privacy or Safety?

    I want to start upfront: I do not want to take a position here. I have an opinion as a person in my cultural context but I understand that this opinion is by far not the only one which is right or wrong. This morning I read this article: FBI Drive for...
  • What it takes to shut down a botnet

    It hits the press from time to time that somebody was successful taking down a botnet. We had some success as well with the Waledac Botnet Takedown . There is actually a good article on What it takes to shut down a botnet . When I was doing some bing...
  • How to Detect a Hacker Attack

    This title immediately caught my attention and probably yours as well: How to detect a hacker attack – something I definitely want to know. And then I realized that the article a) is written from a techie and b) does not really cover the attacks I am...
  • Windows Live Essentials 2011 available for download now

    I am using it since the Beta and it is really cool. I am using Messenger (with the integration to Facebook etc.) as well as the Windows Live Writer to blog. It rocks: Windows Live Essentials 2011 available for download now Download and install! Roger
  • Just Installed Internet Explorer 9 Beta

    I know – Beta versions are not for production but as I just run production, I installed it on my work machine – just now! The first good news is: My blog still works: What’s new? Well, the best is you download it from here and explore yourself. There...
  • Kinect Opening a Whole New Way to Live?

    You hopefully know of the coolest thing we will launch this year: Kinect – our controller-less gaming experience for the XBox. I hope that I get the family budget approved for it, so that we can move from a Wii to an XBox. What I personally started to...
  • Advisory for the ASP.NET Vulnerability

    We are basically asking the industry to follow a Coordinated Vulnerability Disclosure and are therefore not in favor of public vulnerability disclosure as it puts the industry unnecessarily at risk. Recently there was a vulnerability in ASP.NET publically...
  • Is a “Zero-Trust” Model the Silver Bullet?

    I was reading an interesting article: Forrester Pushes 'Zero Trust' Model For Security , where they mainly claim that you should not trust your internal network – something I am asking for since a long time. However, the conclusions Forrester and me are...
  • Interpol’s Chief’s Facebook Identity Stolen

    This is one of the risks, not a lot of people look into: It is fairly easy for me to setup a Facebook account in another person’s name. This is what happened to Ronald K. Noble, head of Interpol: Interpol Chief Ronald K. Noble Has Facebook Identity Stolen...
  • Infosecurity Virtual Conference

    The cloud – and now I mean the volcano cloud – showed that there is not always a real need to travel far in to get the right information at an event of conference. I delivered a keynote via LiveMeeting ( Virtual Keynotes – Do we always...
  • The Risks of Pirated Software

    Obviously I do not like people to steal software. Additionally, from at least two perspectives it adds security risks: People are less likely to patch and pirated software often comes wit pre-installed malware, which is then hard to detect. There is just...
  • Microsoft Security Essentials free for small businesses

    I know that this is “old news” but I wanted to make sure that everybody has seen that: We will make Microsoft Security Essentials available for small business for free. Small businesses are up to 10 PCs. This is great news as a lot of small businesses...
  • Real Men Don’t Buy Girls

    I want to make you aware of the “Real Men” campaign to raise awareness about the problem of child sex slavery. If you can cope with it, listen to the press conference here: Watch live streaming video from cgi_press at livestream.com This is a unique partnership...
  • The Value of Twitter–Revisited

    Actually I had a few very interesting discussions lately as a reaction on my post Is There Any Value in Twitter? Yes? Think Again… and I think Thibaud brought it to the point: Mass-follow is the “problem” – in other words me . I had thought about getting...
  • Stuxnet: Future of warfare? Or just lax security?

    What is your view?: Stuxnet: Future of warfare? Or just lax security? Roger
  • Support and OpenSource

    I know that I am not an OpenSource expert and to be completely clear: I do not want to complain at all but I would definitely think whether I would bet my company’s business processes on it… Let me give you my story: March this year I migrated my blog...
  • Customer Experience Study: Security Improves in the Cloud

    Last week, when I was in South Africa, a partner of us pointed me to a very interesting paper by KPMG called Cloud computing: Australian lessons and experiences . What I like is, that a lot of the items I was recently raising, where actually reflected...
  • The Risks of Unofficial Patches

    This is quite a normal scenario: A zero-day pops up on the Internet by a security researcher. Immediately afterwards we see the first exploits appearing and being integrated into the different attack tools. Now, the race started: The vendor has to develop...
  • Interesting Discussion on Social Media

    Recently, we had an interesting discussion on Social Media. It actually all started with somebody sending a link around called http://pleaserobme.com/ to see who actually just said that they are not at home – information which can easily be gained...