Browse by Tags

Related Posts

Blog Post: How to manage “Bring your own device”

rhalbheer

A few years back a customer’s CSO left the room when I said that this customer should start thinking about a scenario, where selected users bring their own devices – he called me “nuts”. Well, I think the smartphone area proofed me right. Basically the smartphones were the first Bring Your Own Device...

on 10 Nov 2011
Blog Post: Six predictions for CIOs

rhalbheer

An interesting article by ISACA: Six predictions for CIOs . Here they are: Prediction 1: Cloud computing is here to stay and will become business as usual. Prediction 2: Virtualization will be a catalyst that drives IT modernization. Prediction 3: IT operations become service-centric and business value...

on 8 Apr 2011
Blog Post: Fraud via Phone on the Raise

rhalbheer

FTC released their Consumer Sentinel Network Data Book for January – December 2010 . The interesting and scary thing is that fraud via phone is on the raise. We get more and more complaints by customers as well, telling us that they got a call from “Microsoft” with the ask for getting access to the PC...

on 10 Mar 2011
Blog Post: US Cybersecurity Research!

rhalbheer

The Department of Homeland Security published a report on A Roadmap for Cybersecurity Research , I was definitely impressed! All the themes, which are important to me are in their list : Scalable trustworthy systems (including system architectures and requisite development methodology) Enterprise-level...

on 15 Jul 2010
Blog Post: We Need Solid and Strong Transparent Processes for the Cloud

rhalbheer

This morning I was reading an article called Google seeks to assure customers on cloud security practices on ComputerWeekly. I had to read this – obviously . It references a paper written by the Google Security Officer called Security Whitepaper: Google Apps Messaging and Collaboration Products...

on 8 Jun 2010
Blog Post: Microsoft Security Intelligence Report – What it means for EMEA

rhalbheer

“Unfortunately” I have been on vacation when we released the Security Intelligence Report last week. Nevertheless I would like to take the opportunity and look at it more from a EMEA perspective. One of the interesting data points we always publish is the Malware Infection Rate. Remember, there is a...

on 5 May 2010
Blog Post: Strong Authentication and Privacy – A Contradiction in Terms?

rhalbheer

You know that I am not a big fan of the requirement for having all Internet users authenticate strongly. There are people in the security arena who think that this is the only way to fight cybercrime – and in parallel accept that they would kill freedom of speech. I recently had a good discussion...

on 17 Mar 2010
Blog Post: Estonia’s Cyber Security Strategy

rhalbheer

Following the attacks on Estonia, they published a pretty interesting paper called Cyber Security Strategy by the Ministry of Defense in Estonia. One thing which I see again and again is that most of the people looking into such strategies conclude that strong collaboration is needed between the different...

on 8 Oct 2008
Blog Post: Some Thoughts on UAC

rhalbheer

I blogged several times already on UAC as this has been (and partly still is) a very disputed security feature in Windows Vista (which I still support!). I just found today a not really new blog post on UAC, which I think is worth reading. It is from April this year and is called UAC: Desert Topping...

on 6 Oct 2008
Blog Post: Renting a Botnet on eBay

rhalbheer

It is getting better over time: Now you can rent a Botnet on eBay to increase your hitrate on YouTube (By the way: Free shipping is included): http://cgi.ebay.com/Guaranteed-100-000-views-for-your-YouTube-video_W0QQitemZ220279609299QQcmdZViewItem?hash=item220279609299&_trkparms=72%3A1163|39%3A1...

on 11 Sep 2008
Blog Post: Announcing the Exploitability Index

rhalbheer

At Blackhat we announced an important change to our Security Bulletins becoming effective during the October release. One of the requests we often heard talking to our customers is, that they would like to get better information on how hard it is to exploit a vulnerability. We will introduce an Exploitability...

on 6 Aug 2008
Blog Post: On-Premise vs. On-Demand (or SaaS) – A Quocirca Report

rhalbheer

I was made aware of a pretty good report on Software as a Service Quocirca did in collaboration with Microsoft. It is not the kind of "new, what you never heard before"-thing but I personally think that it is a good investment of time to get an overview of Software as a Service and some additional views...

on 4 Jun 2008
Blog Post: Support for Law Enforcement and COFEE

rhalbheer

Over the last few weeks there has been a lot of chatter about a tool we provide in a Beta version to Law Enforcement called COFEE: Computer Online Forensic Evidence Extractor. Let me give you some information on COFEE and put it into the proper context. I am personally convinced that every company...

on 14 May 2008
Blog Post: More of a third of software is stolen

rhalbheer

BSA just released today a new piracy study and there are some remarkable facts in there: The worldwide weighted average of piracy rate is 38% The median piracy rate in 2007 is 61% Think about the second point for a second: This means that in half of the countries they studied, the piracy rate is...

on 14 May 2008
Blog Post: “The Security Business has no Future” (Quote by IBM)

rhalbheer

This is actually an interesting statement. If you had ever to deal with the press you know how these headlines are composed. It might be that the person actually made the sentence in this way – the question is whether he meant it so absolute. Nevertheless, if you read the corresponding article on darkReading...

on 14 Apr 2008
Blog Post: “Creative Capitalism” by Bill Gates

rhalbheer

In Wall Street Journal there is a preview on Bill's speech today at World Economic Forum (they are actually flying over my house going to Davos – I hear them all the time J ). It is a pretty interesting reading on new ways how capitalism could work not only for the rich but also for the poor. What I...

on 25 Jan 2008
Blog Post: Common Criteria and answering the “real” questions

rhalbheer

It seems that I am not yet gone J . Eric Bidstrup, a colleague of mine, wrote a great blog post about Common Criteria, where it does a pretty good job and where it fails. Basically he claims – and I could not agree more – that the customer "only" wants to know whether the operating system "is safe"....

on 28 Dec 2007
Blog Post: HP confirms vulnerabilities on 82 Laptop models.

rhalbheer

Remember this post OEMs: Join in to "Secure by Default" ? I wrote it in June… Now, HP just confirmed a vulnerability in their software delivered on 82 laptop models on all the different Windows versions: HP Quick Launch Buttons Critical Security Update What about the Security Development Lifecycle...

on 15 Dec 2007
Blog Post: Microsoft has the shortest Security Update Development cycle

rhalbheer

Have you had a look at Symantec's latest Threat Report? It can be found here: http://www.symantec.com/content/de/de/about/downloads/PressCenter/ISTRXII_Main.pdf I briefly read through it and one statement caught my eye: Page 54: Of the five operating systems tracked in the first six months of 2007...

on 26 Oct 2007
Blog Post: RSA Europe: Are you ready for security and privacy?

rhalbheer

Do you remember? In January 2002, Bill Gates sent a famous mail to all the Microsoft employees and announced Trustworthy Computing . Since then it became part of our DNA. The interesting thing to me is, that the four pillars of TwC remained the same (except for pillar four, which we had to re-name)....

on 23 Oct 2007
Blog Post: Are you ready for Unified Communications?

rhalbheer

Today, Bill Gates sent out a mail to roughly 300'000 subscribers of the Executive Mail . This time he does a recap of his Unified Messaging mail which he sent out in 2006 and gives an overview of the advances we had since then. To name just a few: Office Communicator 2007 and Office Communication Server...

on 17 Oct 2007
Blog Post: Bill Gates and the Gates Foundation

rhalbheer

There is an interview on MSNBC with Bill where the readers could actually send the questions. It is all about their foundation and pretty impressive to read: http://www.msnbc.msn.com/id/21212128/site/newsweek/ Roger

on 11 Oct 2007
Blog Post: CSI Report 2007 published

rhalbheer

You surely know the CSI-FBI Security report. FBI now pulled off and CSI did the study themselves. If you are interested in it – it is free but you have to register: http://gocsi.com/forms/csi_survey.jhtml Roger

on 27 Sep 2007
Blog Post: Symantec clears Vista on malware

rhalbheer

There is a nice article, where Symantec talks about Windows Vista: http://www.vnunet.com/vnunet/news/2184521/symantec-clears-vista-malware They quote the Symantec report and then talk to a person from Sophos. Let's look at a few quotes: Graham Cluley, senior technology consultant at Sophos ...

on 2 Mar 2007
Blog Post: Selling Vulnerabilities?

rhalbheer

Think about it: You found a way of breaking into my house (would not be too hard though but let's just use this as an example) and you are selling this knowledge to intruders. Is this legal? Is this ethical? I mean, my home has vulnerabilities and if you discover a easy way to get in. Are you really...

on 6 Feb 2007