See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Steve Lamb's Blog
Development / coding
High Performance Computing
How to Articles
Integration / LINUX
JourneyThrough: Network Access Protection
Microsoft Office Sharepoint Server (MOSS) 2007
Nothing to do with Security whatsoever
SQL Server Business Intelligence
SQL Server Reporting Services
System Center & Management in general
TechNet Conversations podcasts
Viral Content Delivery
Windows 7 / Win7
Windows Phone 7
Windows Server 2008
Browse by Tags
Steve Lamb's Blog
Join us tomorrow (Tues 18th Oct) to find out all about Privacy and Dispell some Myths
I'm presentating two sessions from TechEd (written by Steve Riley, Jesper Johansson and Byron Hynes) tomorrow night (Tuesday 18th October) in our office on Thames Valley Park near Reading - the event's free to attend. If you'd like to join us then browse here to book your place . The details are listed...
17 Oct 2005
Free money from Microsoft - I don't think so - Ignore emails claiming to be from the Microsoft Award team
Several people have forwarded me email messages like the following which is bogus - if you receive something similar then disregard it. We don't have a "Ken Gate", nor do we send emails from "yahoo.co.uk" addresses either. From: "KEN GATE" < email@example.com >...
7 Nov 2007
Teaching Security to Developers
Thanks to everyone @ VBUG Birmingham last night for making me so welcome. I was greated with lots of Halloooween pumpkins - one of which was carved with a semi-colon in it rather than a face - a C# joke apparently! I delved into how Malware gets onto machines, how it works and how to avoid it....
1 Nov 2005
I'm looking forward to debating LINUX and OpenSource Security with the community at LUGRadio this weekend
If you're into Open Source and or LINUX and plan to be in the UK this weekend perhaps you'd enjoy LURadio Live 2006 . There's sure to be plenty of lively debate and if last year's event is anything to go by there are likely to be in excess of six hundred delegates. It's a "no suits" tough talking techie...
18 Jul 2006
Have you ever sent a txt that you've later regretted? Be careful if your brand new phone can post pictures to your blog
A friend of mine has just purchased a brand new mobile phone which includes the facility to post images to his blog. In principle this seems like a really useful feature for those who what are into blogging. As blogging becomes mainstream then removing the technical barriers through such developments...
18 Sep 2006
Information is NOT Power. Effective Security enables Powerful decisions
Information is NOT Power. Timely access to accurate information can give the holder the ability to make powerful decisions. Effective Information Technology can enable the required flow of information. Inappropriate Information Security Policues, Processes, application of controls and lack of awareness...
29 Apr 2006
Tweaking the file level security of the operating system is a bad idea!
Over the last week I've two people who are suffering pain due to corporate laptop builds that have been "secured" - meaning that an untold number of access controls have been changed and parts of the operating system have been removed to "enhance the security" of the system. A complete nightmare. The...
7 Apr 2008
A very convincing phishing scam: You Have Paid firstname.lastname@example.org $699.99 USD
I received the following phishing scam as depicted by the images below. The reason I found it convincing is that my emotive reaction was "I haven't bought a new laptop from Dell - this must be a fraudulent transaction" and towards the bottom of the email there was a "CANCEL TRANSACTION" link. Of course...
3 Feb 2007
Blog safely - advice for parents and children alike
There's some guidance on the Microsoft website targetted at helping both parents and children to blog safely - click here to view it. I'm sure we've all been amazed at how much personal information the average teenager gives out on their blog. The naive idea that posting to their blog is just like talking...
3 Oct 2005
Where to start with Effective Security - why do we need it?
The purpose of Information Technology is to make the right information available to the right people at the right time. The traditional approach to information security is the “no you can’t” syndrome. It's much more effective to define what the business actually needs and implement controls / raise...
17 Dec 2007
Announcing Internet Explorer 7+ for Windows Vista
The IE Team blog have announced that Internet Explorer running on Windows Vista will be known as Internet Explorer 7+ (IE 7+) to distinguish it from IE 7 on Windows XP. This makes sense to me as the prime additional feature of Internet Explorer on Windows Vista is "protected mode" - this means that...
14 Jun 2006
Spoof hacker message circulating on Facebook
I received the following message from a friend on Facebook earlier: "Not sure this is true but.....If somebody called email@example.com adds you DON'T accept it because it's a hacker. Tell everyone on your list because if somebody on your list adds them you get them on your list he'll figure out...
10 Aug 2007
Interesting video interviews with the FBI discussing security
Kai Axford has posted a series of short video interviews with representatives of the FBI – they are well worth a look – particularly if you are based in the United States as they include advice regarding whom to report breaches to. Check out The Security Show – the link is to a tag hence future episodes...
26 Aug 2008
The little apple logo will protect us all!
There's a little story on the ever entertaining Stupid Security blog that explains how the mere presence an Apple Mac logo is (or rather is not) enough to ward off all nasty malware. It made me smile. If only information was a simple as changing brands. Actually forget that as if it was that simple then...
9 Nov 2006
Here are some great free webcasts covering security and many other topics including Threat Modelling
There's a wealth of webcasts available from TechEd Orlando - I know it's a while since the event but the shear breadth of content makes this a handy source of knowledge. Many of the topics remain highly relavent including the following: Michael Howard's "Advances in Threat Modelling" How Microsoft...
29 Nov 2005
When will we stop using pen and paper? The lunacy of Legacy Writing Implements!
We have a lovely new building with a Gym in the basement - why on Earth do such places require me to find a legacy writing implement to sign up for a trial! I know that the question kind of answers itself in some respects as it's typically the requirement to "sign" the agreement that takes us back...
8 Oct 2007
Secure I.T. or lose IT - an interesting securty blog
Browse here to read a new interesting security blog written by Paul Vincent - he's titled it "Secure I.T or lose IT" which I particularly like. Paul blogs about "Microsoft security and how we can stop the bad guys from stealing our stuff" - it's well worth a look Paul is a friend of mine who contributed...
27 Mar 2006
GetSafeOnline: providing advice for consumers to help them stay safe on the Internet without blinding them with science
It's the fourth annual GetSafeOnline campaign week whereby the team will raise the profile of consumer internet safety through a revamped GetSafeOnline website (containing a wealth of commonsense "how to" information) and a range of media activity. It's a great cause as the campaign is not trying to...
17 Nov 2008
The InfoSec slides ARE NOW available - broken links are now fixed
Browse here to access the slides yourself. This follows yesterday's post which indicated that the links were broken - thanks to Craig et al who verified the problem.
5 May 2006
The GetSafeOnline tour is coming to a City near you very if you're in the UK
Tony Blair kicked off the Get Safe Online campaign at a press launch in London this morning. Microsoft in partnership with the UK Government and a many large companies are evangelising the importance of information security to the entire UK population - at least those who watch TV, read the major newspapers...
27 Oct 2005
What would you like to know about PKI?
Like many of you I've heard all the stories about how PKI (Public Key Infrastructure) "will save the day" for all our security concerns - this message was pushed particularly hard four to five years ago. PKI is a component of infrastructure which makes things like secure email (S/MIME), secure browsing...
26 Oct 2005
Are you allowed to set up an out-of-office message at your company?
Mark posted an interesting comment on my post regarding " Outlook 2007's Out of Office " feature stating that "several companies and government departments that prevent such messages from passing the corporate firewall". Does your organisation allow the use of Out-of-Office messages and if not why...
6 Jul 2007
How to become a Security Guru - do you seek perfection or good enough?
Errata Security includes an interesting post titled " How to become a security guru " which discusses the the tendancy for "guru's" to seek perfect rather than "good enough" solutions to problems thereby alienating themselves from those they seek to influence.I've included an extract below: Technical...
25 Jun 2007
How will Vista stop malicious code from compromising the Administrator account?
There are a range of new features and architectual changes in Windows Vista (and Server 2008) that help reduce the risk of using excessive privilege though you're still better off logging in as a non-privileged user where possible. If you log in as an adminstrator privileged account then you run the...
31 Jul 2007
How to solve the CreateFile() error encountered when applying SCW policy via the command line (scwcmd configure)
Security Configuration Wizard has a really handy command line as I'll demonstrate in an upcoming BlogCast. To apply an SCW policy you can issue the "scwcmd configure" command. Unlike the other scwcmd commands "configure" does not default to applying to the local machine. If you issue the following...
31 Jan 2006
© 2014 Microsoft Corporation.
Privacy & Cookies