Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

Browse by Tags

Related Posts
  • Blog Post: When you say goodbye to an employee

    ...what do you do with his or her account? Recently this question came up -- someone was asking for guidance on how to handle this very situation. And, as often happens, the question was more about process and policy than anything to do with the technical issues of account management. Those of you who...
  • Blog Post: August article: 802.1X on wired networks considered harmful

    Several months ago I learned from Svyatoslav Pidgorny, Microsoft MVP for security, about a problem in 802.1X that makes it essentially useless for protecting wired networks from rogue machines. Initially I was a bit skeptical, but the attack he described is in fact true -- I've seen it myself now. So...
  • Blog Post: Autorun: good for you?

    Yes, if you're a five-year-old and you're tired of always asking mom or dad how to start the game on the CD. No need to know how! Just pick up the disc (a little peanut butter on your fingers helps with the grip), slide it in the drive, and wait for the game to start. Groovy! No, if you're a security...
  • Blog Post: Throw away your digital picture frames

    Surely time itself has warped and it's suddenly April 1st. Come on, if you read the following, wouldn't you first think it was a hoax, as did I? Virus from China, the gift that keeps on giving An insidious computer virus recently discovered on digital photo frames has been identified as a powerful...
  • Blog Post: How to secure your wireless network

    I'm now a contributing editor for TechNet Magazine . Everyone with a TechNet subscription automatically receives it; if you don't have one, you can still get the magazine free . The magazine's published three issues so far: Winter 2005 , Spring 2005 , and November-December 2005 . You'll especially enjoy...
  • Blog Post: Blamestorming

    So, let's recap the sequence of events: The Sun-Sentinel newspaper in Fort Lauderdale accidentally republishes a six-year-old news story about the bankruptcy of UAL. It wasn't on the home page, but instead buried somewhere inside the web site. Google's news crawler (an automated thing, remember) finds...
  • Blog Post: New column -- The case of the stolen laptop

    Seems like once a week I hear from someone worried about stolen laptops -- or, worse, just joined the ranks of laptop theft victimhood. The best way to stay out of that club is to keep the thing with you at all times, or leave it in your hotel room when you don’t want to carry it around. Yes, everyone...
  • Blog Post: Configure your router to block DOS attempts

    Some time ago I had a discussion with a friend. He disagreed with my recommendations on how to configure a border router and the firewall behind it. I claimed that in the border router between you and your ISP, configure the six rules to block most denial of service traffic; in the firewall, configure...
  • Blog Post: More on Autorun

    Last month, in my post " Autorun: good for you? " I described why I believe you should disable Autorun on all computers in your organization. I also explained how you can do this for XP and Vista computers. Well, it turns out that Windows will override this setting if you insert a USB drive that your...
  • Blog Post: Yes, everyone knows you're a dog

    Amazing how long the legs are on the AOL search debacle. Of course, we in the online community often beat such storeis to death, if only because they deserve it! Recently Kim Cameron posted the search history of user 16006693, which flits "from politics, to retirement, to politics, to religion, to...