Well, I've had a busy couple of weeks, including selling a house, buying a house and moving - which didn't leave much free time for blogging, so I am a bit behind on current events. So, let me start the catch-up with a human interest post. Window Snyder, a former colleague and all around great security professional has joined the Mozilla team. According to my LinkedIn connection, she is the Chief Security Something-or-Other at Mozilla. I've seen that title referred to a couple of times, so it...

Mostly, I stick to security topics here, but I want to take a moment and say "go get Windows Live Writer." If, like me, you've ever lost a blog entry or had to retype due to any sort of network or web problem, you'll appreciate this simple tool that helps you draft up your blog entry, automatically saving drafts, then posts it up for you. Microsoft launched Windows Live Writer on August 13th, I've just been busy and only tried it late last week. It is downloadable as a Beta, so give it a try, I highly...

In my recent exploration of Windows Vista x64 security features and Patchguard (see pt1 and pt2 ), one of the issues sent my thoughts in the direction of how "perfect" security feature are (or are not) and how that affected security value to customers. So, here is the scenario. You read about a new security feature in JeffOS that has been reported to improve security. Let's say the feature helps stop exploits of heap overflows. Is this feature perfect? No, it does not stop many, many exploit scenarios...

Here I am doing my thing, looking at some of the security improvements in Windows Vista x64 (see pt1 and pt2 ), when all of a sudden, Patchguard seems to be hot news . [NOTE: Readers, if you need more details on Patchguard, start with my previous post Windows Vista x64 Security – Pt 2 – Patchguard .] So, leveraging my coveted super power of “walking down the hall”, I tracked down the Windows Architect for Kernel Patch Protection, Forrest Foltz, to get his perspective...

NOTE: I know this is a long post. If you don’t want to read all the details I discuss here, I still encourage you to go read What Were They Thinking? Anti-Virus Software Gone Wrong , by Skywing, to give you a perspective on “known good” extensions to kernels. Also, as always, this blog post represents my own personal analysis and opinion (based upon my own experience) and not that of Microsoft – and represents my best efforts to figure out what’s really happening. Last week, I posted Windows...

I recently took home a build of Windows Vista for my home machine, which happens to be a dual processor 64-bit Dell machine, and it made me curious about the differences between the x86 and x64 version of Vista – specifically security differences. After doing a brief bit of research, I found three unique security benefits in Vista x64: · Hardware NX protection on globally by default. · Kernel Patch Protection aka Patchguard. · Mandatory Kernel Module and Driver Signing. No eXecute...

Since my original post on last week's Symantec paper, they've released another one as noted by Joris Evers in Symantec continues Vista bug hunt . Now that I've read both of the first two papers, I note two perspectives from Symantec on this: 1) the perspective of the researchers in their paper, and 2) the uses that the Symantec marketing team may be attempting with the content. On the first perspective, the papers read like an analysis I would expect from a test team performed on a pre-release...

Ben Fathi, the Corporate VP of the Security Technology Unit has kicked off a new blog focused on Windows Vista Security. I've added a link on the side and you can read it here: http://blogs.msdn.com/windowsvistasecurity/ . Also, while I'm on the topic of Ben, let me remind you that he also hosts a Technet Chat that allows you to connect and ask him and his extended team any question you want each month directly. You can add the next one (August 10th) to your calendar, or pick from the list of...

UPDATE: Several readers sent me a link to the paper , so I have it now. Thanks! I didn't use "FUD" in my title, because it frankly gets used so often, and sometimes even applied to me . FUD (or Fear, uncertainty, and doubt ) is a sales or marketing strategy of disseminating negative (and vague) information on a competitor. Now, why I don't think this applies to my recent vulnerability metrics posts is: 1) I was very specific in the data and analysis, 2) the data was factual, 3) the analysis...

NOTE: I am not asserting that my vulnerability analysis demonstrates that Windows is more secure. Rather, I frequently hear and read Linux advocates making unsupported assertions to the opposite that Linux is inherently more secure than Windows. The "unsupported" part of that bothers me, so I check for myself. What I keep finding is that Linux distributions have more vulnerabilities, more serious vulnerabilities and the data does not support the assertions of security superiority for Linux and Open...