Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

Browse by Tags

Related Posts
  • Blog Post: When you say goodbye to an employee

    ...what do you do with his or her account? Recently this question came up -- someone was asking for guidance on how to handle this very situation. And, as often happens, the question was more about process and policy than anything to do with the technical issues of account management. Those of you who...
  • Blog Post: The bad guys will use BitLocker, too

    Got an email today from a customer asking about how BitLocker will affect the ability of law enforcement to conduct forensic analysis of a protected hard drive. Specifically, the person was asking about any back doors that law enforcement could use to bypass the encryption. The answer is very simple...
  • Blog Post: Myth vs. reality: Wireless SSIDs

    Do you ever wonder sometimes how it is that some ideas just won't die? Like the thought that not broadcasting your wireless network's SSID will somehow make you more secure? This is a myth that needs to be forcibly dragged out behind the woodshed, strangled until it wheezes its last labored breath, then...
  • Blog Post: Changing the SSL cipher order in Internet Explorer 7 on Windows Vista

    Recently, the question of using AES for SSL has come up in the newsgroups and at some conferences. When IE makes an HTTPS connection to a web server, it offers a list of cipher supported cipher suites. The server then selects the first one from the list that it can match. The default order that IE follows...
  • Blog Post: Directly connect to your corpnet with IPsec and IPv6

    Contrary to popular belief, the rumors of my demise have been greatly exaggerated. Well, ok, no actual rumors, but hey, one can dream, huh? My spring calendar was full of events in Asia and Australia, then TechEd US seemed to suddenly appear out of nowhere! So I've been kinda swamped. I've missed writing...
  • Blog Post: BitLocker command line interface

    Last week at TechEd Europe I showed the BitLocker command-line interface. At other TechEds I've mentioned it but didn't show it. The CLI provides full control over BitLocker, including enabling it on any NTFS volume on the system (the Control Panel UI displays only the volume containing the operating...
  • Blog Post: Protect your data: everything else is just plumbing

    Take a few moments and indulge in a thought exercise with me. Consider your company’s complete collection of information processing assets—all the computers, the networks they’re connected to, the applications you use, and the data and information you manipulate. Which of those is the most valuable?...
  • Blog Post: Do you need RMS/IRM in Office for Macintosh?

    Please let me know if this is a feature you'd be interested in. We're looking to build the business case to develop it, and the best way to do that is for you, our customers, to let us know. Also, if any of you want to deploy RMS now but can't because there's currently no Mac support, I especially need...
  • Blog Post: Microsoft IPsec diagnostic tool

    IPsec is a wonderful technology for identifying computers and securing the exchange of data between them. I've written and spoken extensively about in the past. It is, however, a bit of a challenge to configure, especially if you're newly learning about it. Microsoft recently released a diagnostic tool...