Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

Browse by Tags

Related Posts
  • Blog Post: Bugged Canadian coin story is...wait for it...BOGUS!

    Surely you've heard, too many times by now, about the radio transmitters "discovered" in some Canadian coins. From the moment I first read about it, the steamy stench of pasture patties loomed large in the air. I watched in amazement as the story grew and the apparent credibility so many "journalists...
  • Blog Post: The Internet routes around outages -- and censorship, too

    Have you seen this yet? " Grokster ruling begins the good fight " If you haven't, it's worth your time to read -- it's a terrible shibboleth for a U.S. "national firewall." Coursey is promoting the idea that all U.S. Internet access should pass through a firewall that will block file-sharing and gambling...
  • Blog Post: Security myths and passwords

    I like this a lot. http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/ In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments...
  • Blog Post: Myth vs. reality: Wireless SSIDs

    Do you ever wonder sometimes how it is that some ideas just won't die? Like the thought that not broadcasting your wireless network's SSID will somehow make you more secure? This is a myth that needs to be forcibly dragged out behind the woodshed, strangled until it wheezes its last labored breath, then...
  • Blog Post: New site at the top of my favorites list

    You know, stupid security abounds. I just discovered this site today, and I plan to become a regular visitor -- and probably a contributor, too! I encourage you to explore it and enjoy. Oh, some advice: it probably would be unwise to read an offline archived version of this site on an airplane. :) ...
  • Blog Post: Airport security silliness

    So today (Thursday 21 July 2005) I flew from Seattle to Dallas for a customer meeting. Since it's a short one-day affair, I packed my small carry-on size suitcase. In it was a pair of shoes, one pants, one shorts, two shirts, a toiletry bag, and my collection of wall warts (AC adpaters). Seems normal...
  • Blog Post: I want a Model 22 HDD Hard Drive Disintegrator

    Here at Microsoft we have an active internal discussion group where most security-minded folk hang out. The topic of data destruction came up recently, it’s actually a lot more difficult than most people think. CIPHER /W and SDELETE do a reasonable job, but they aren’t perfect: the paper One big file...
  • Blog Post: New column - debunking security myths

    There is a lot at stake in security configuration guidance. First, it is easy to understand why people are clamoring for it. Everyone can see the benefit in turning on some setting and blocking an attack. In some environments, doing so is not even an option. A system must be configured in accordance...