Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Tags

Browse by Tags

TechNet Blogs » Roger's Security Blog » All Tags » policy
Related Posts

  • Blog Post: The Importance of International Collaboration–Even in Exercises

    rhalbheer
    One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents...
    on 16 Jun 2010

  • Blog Post: We Need Solid and Strong Transparent Processes for the Cloud

    rhalbheer
    This morning I was reading an article called Google seeks to assure customers on cloud security practices on ComputerWeekly. I had to read this – obviously . It references a paper written by the Google Security Officer called Security Whitepaper: Google Apps Messaging and Collaboration Products...
    on 8 Jun 2010

  • Blog Post: Hacking Incidents 2009 – Interesting Data

    rhalbheer
    There is a project called the web hacking incident database (WHID), which collects data and statistics on web-application related security incidents. I was just looking into their report called The Web Hacking Incident Database 2009 which has some pretty interesting statistics in. In order to judge...
    on 12 Mar 2010

  • Blog Post: Windows 7 XP Mode - Sophos error: facts not found

    rhalbheer
    Well, the title is not completely from me – I just quoted another blog post. I wrote recently on Why Windows 7 XP Mode makes sense from a security perspective and was even quoted on the register. The “funny” thing was the history of that blog: I was readying some Tweets and blogs where XP Mode was just...
    on 27 Aug 2009

  • Blog Post: Why it pays to be secure - Introduction

    rhalbheer
    Henk van Roest, our EMEA Security Program Manager is running a pretty successful internal blog. Before summer vacation he started a series called “Why it pays to be secure” which I think has some great information in it. I asked him then to go public with it but he told me that he is not doing this kind...
    on 22 Aug 2009

  • Blog Post: Google Chrome and Silent Patching

    rhalbheer
    This morning I opened one of the Swiss Sunday newspapers and Google Chrome made it to the front-page with a “best practice approach” for deploying security updates. In the article itself it was claimed that Chrome is one of the best browsers with regards to security as the deploy patches silently, without...
    on 11 May 2009

  • Blog Post: The Windows 7 UAC “Vulnerability”

    rhalbheer
    It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the settings for UAC without getting a UAC prompt. ...
    on 3 Feb 2009

  • Blog Post: Stealing the Empire State Building in 90 Minutes

    rhalbheer
    You do not trust e-Business? Why do you trust “normal” business then? Read this: Newspaper 'Steals' Empire State Building in Just 90 Minutes Roger
    on 18 Dec 2008

  • Blog Post: Article was Bogus: Do Mac Users not need Anti-Virus Protection?

    rhalbheer
    Today I was having a discussion with a religious Mac fan claiming that the only problem with security on the Internet is Windows and then I read this article on ZDNet: Despite what blogs (and Apple) say, Macs will eventually have malware In there it is referenced that the article I was quoting yesterday...
    on 4 Dec 2008

  • Blog Post: Apple Recommends Running Multiple AV Engines

    rhalbheer
    This is an interesting thing: I just read this post on ZDNet . The blamed us for being the key target for viruses and they always told me that they do not have a security problem. I am convinced that there is no software product having no security vulnerabilities and Apple proved over time that they...
    on 3 Dec 2008

  • Blog Post: Risk of Outsourcing (and Security Outsourcing)

    rhalbheer
    I am often asked about the risks of outsourcing (we often talk about processes, legal risks (e.g. Data Protection), etc.) – the list is very long. Today I read an article which touches a completely different issue: It is all about the security processes and the turnover within the outsourcing company...
    on 30 Oct 2008

  • Blog Post: Estonia’s Cyber Security Strategy

    rhalbheer
    Following the attacks on Estonia, they published a pretty interesting paper called Cyber Security Strategy by the Ministry of Defense in Estonia. One thing which I see again and again is that most of the people looking into such strategies conclude that strong collaboration is needed between the different...
    on 8 Oct 2008

  • Blog Post: Open Government Data Principles

    rhalbheer
    In December about 30 government advocates assembled to decide on - what they called - Open Government Data Principles. Even though the group was very US focused (if you look at the list of participants ), the outcome is very interesting. I quote the main page of the working group : By embracing the eight...
    on 27 Mar 2008

  • Blog Post: Sun and Apple Updates – A Sheer Nuisance!!

    rhalbheer
    As you all know: I rarely blog on competitors and – even rarer – blog about them negatively. But this time I definitely had to: As most of us I have QuickTime on my PC as well as a Java VM. I know that there are alternatives for this software and the same is true for RealPlayer, which is – for me ...
    on 20 Mar 2008

  • Blog Post: EISAS – European InformationSharing and Alert System – an ENISA Feasibility Study

    rhalbheer
    ENISA just recently published a pretty interesting study with the title EISAS – European Information Sharing and Alert System . I think that it is definitely worth looking into Roger
    on 8 Feb 2008

  • Blog Post: “Creative Capitalism” by Bill Gates

    rhalbheer
    In Wall Street Journal there is a preview on Bill's speech today at World Economic Forum (they are actually flying over my house going to Davos – I hear them all the time J ). It is a pretty interesting reading on new ways how capitalism could work not only for the rich but also for the poor. What I...
    on 25 Jan 2008

  • Blog Post: What can you do if you are a victim of e-crime?

    rhalbheer
    I think that there is a very good example of how a platform could be offered for victims of cyber crime. There are often questions around: What are my rights? What can I do if something bad happens? Who is here to help?... www.e-victims-org offers answers to a lot of questions like those and offers...
    on 21 Jan 2008

  • Blog Post: What is more important: Security or Privacy?

    rhalbheer
    This is basically a very interesting and pretty fundamental question for the society. After 9/11 the US changed the way they work significantly. Just as an example: Airlines had to give the US government information about passengers flying to the US that actually violate the privacy laws in Europe. So...
    on 17 Jan 2008

  • Blog Post: Teach a Man to Fish

    rhalbheer
    I just read a pretty good article that goes definitely into the direction I am trying to work with the different communities we are in touch. Even though technology is a key part of any security solution, the user is key and explaining the user the "why" is even more important. Read yourself: Teach...
    on 26 Nov 2007

  • Blog Post: I was visiting Nigeria – watch out!

    rhalbheer
    You know that I rarely did trip reports in the past. I am personally convinced that you do not want to read, what I had for breakfast in Barcelona. But this trip was different. When I told the people around me that I will be travelling to Nigeria I got a lot of different reactions J . I guess that...
    on 23 Nov 2007

  • Blog Post: WabiSabiLabi and their view on ethics

    rhalbheer
    I commented on that already twice and I stated that WabiSabiLabi seems to have a different view on ethics than me. For those of you who do not know WabiSabiLabi, it is an online auction for vulnerabilities . We met the founder of this platform during Blue Hat in Redmond and had some discussions on ethics...
    on 8 Nov 2007

  • Blog Post: Fight against Terror and how it can be abused

    rhalbheer
    I am not completely clear how much a lot of the measures we see (like the fluid restrictions on planes, the forced violation of privacy laws by airlines by having to transmit PII to the US, ...) really bring. On the other hand we definitely see some pretty weird things happening as any suspicion seems...
    on 6 Nov 2007

  • Blog Post: SAFECode: Writing Secure Code – learning from each other

    rhalbheer
    During RSA Europe an industry forum called SAFECode ( S oftware A ssurance F orum for E xcellence in C ode) was announced " to identify and share software assurance best practices, promote broader adoption of such practices into the cyber ecosystem, and work with governments and critical infrastructure...
    on 2 Nov 2007

  • Blog Post: Bill Gates and the Gates Foundation

    rhalbheer
    There is an interview on MSNBC with Bill where the readers could actually send the questions. It is all about their foundation and pretty impressive to read: http://www.msnbc.msn.com/id/21212128/site/newsweek/ Roger
    on 11 Oct 2007

  • Blog Post: Protecting your disk with biometric devices?

    rhalbheer
    As you (hopefully) know, Windows Vista ships with a component we call Bitlocker - at least some of the Windows Vista versions do. Now, Bitlocker can be run with different way of protecting your keys: a TPM chip (basically a smartcard on your motherboard), a normal USB-stick, the TPM chip with a password...
    on 23 Apr 2007
© 2013 Microsoft
|