That’s absolutely great and worth spending the few minutes – enjoy: Roger

Well, this question was not asked by me but by a guy called Joe Wilcox on Betanews: I sold my soul to Google, can I get it back? . He raises a few points I never really though of: While the organizations all charge something, not one puts content behind...

Our Security Research and Defense team published a blog post, which is really interesting to read to understand how to protect Windows Vista and Windows 7: On the effectiveness of DEP and ASLR . There is a lot of information on how both raise the bar...

We recently had internal discussions on the use of local admin and how to mitigate it. During this, Richard Diver, a Premier Field Engineer in APAC, wrote a great article how to do it. I wanted to make sure, you can see this as well. So, this is a guest...

You might know about Bluehat, which is an internal security conference we run several times an year. Some of the presentations we record and make them publically available. There is a really good one on the Microsoft Security Response Center. Dustin ...

A quick one: An interesting download location: With the SDL Quick Security References (QSR), the Security Development Lifecycle (SDL) team introduces a series of basic guidance papers designed to address common vulnerabilities from the perspective of...

With a lot of interest I followed the media on the latest Wikileaks’ publication of sensitive documents from the US Government. At least here in Europe, there is a huge debate whether this publication is really problematic for the United States. A discussion...

Yes, not only gray Seriously, we commissioned a study to see what the impact of cloud computing is not only to efficiency but the the environment. Can you save CO2 by moving to the cloud? I think something, we do not look at often enough. As pictures...

Just a quick one. Our Global Foundation Services organization (the ones who run our datacenters) just published a new whitepaper: Information Security Management System for Microsoft Cloud Infrastructure This paper describes the Information Security Management...

There were just new resources released for the Security Compliance Manager: the Windows Server 2008 R2 Security Baseline and the Office 2010 Security Baseline, and setting packs for Windows 7 and Internet Explorer 8. This packs help you to manage your...

It is kind of strange, whenever I talk to governments and customers, everybody seems to agree that basic malware protection should be for free or even integrated into the OS. I am talking about malware, which is “installed” by the user as well… However...

Since quite a while I am not satisfied with the way we (in the industry) are doing risk management. In my early days, before I was actually entering the security space, I was doing project management and as part of it risk management. The way we did it...

We recently released a paper called The Economics of Cloud Computing for the EU Public Sector , which is actually valid for every other European country as well as it is not too narrowly focused on the EU only. Additionally there is a US-version of the...

We are huge supporter of the Convention on Cybercrime by the Council of Europe . The reason for this is that we are convinced that there is a need of a certain level of harmonization across the Globe regarding cybercrime laws. Today I learned, that Turkey...

If you use Hotmail, you should enable full session SSL in my opinion. Additionally we use SSL for additional services like Skydrive etc. However, there are some caveats. Read the blog post on that: Hotmail security improves with full-session HTTPS encryption...

I will be at the ISF Congress in Monte Carlo from tomorrow on. If you are there as well and want to meet, drop me a mail It is actually the first event since a long time I am just going to participate, not to hold any speeches Roger

You know that I am propagating the adoption of cybercrime legislation, which is aligned across the Globe. Something, which is absolutely necessary if we want to fight Cybercrime. Basically we are asking governments to consider the Cybercrime Convention...

We all know that Windows XP is rock-solid but not capable anymore to defend against today’s attacks and the same is true for IE6. Having been great products, when they were launched, the threat landscape changed significantly since then. Windows...

I guess you do not know the problem: My kids come home from school and want an iPod – I want them to use a Zune as I am convinced that iTunes is one of the worst software I have ever seen (besides RealPlayer), I hate the lock-in into the store and the...

I know that I have been very, very quiet over the last two weeks. The reason was, that the worldwide Chief Security Advisors met at our HQ in Redmond for four days to discuss community related questions as well as the future of certain selected products...

I already have a problem the way tourism develops on Mount Everest (definitely understanding that some people in the region can make money and a living of it) but now you can even get fast Internet on the base camp: Peak signal: 3G cell service comes...

An interesting analysis by the Malware Protection Center: The Botnet Superhighway Roger

I just got a mail that my Windows Phone 7 is ready for pick-up. Unfortunately I am in Redmond at the moment and my Windows Phone 7 is in Switzerland. The poor device will have to wait for me for another week (or is it the other way around – poor Roger...

As I am still oof, another short one: Ray Ozzie’s blog is back: http://ozzie.net/ Ray is definitely one of the driving persons behind our overall vision and architecture. So, it is worth keeping him on your RSS feed. Roger

It is always bad, if comics have a significant portion of truth: and then and finally hmm…. too much truth for me to cope with Roger