Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Information Security   (RSS)
Wednesday, April 06, 2005 5:52 PM

Vulnerability analysis using search tools

Interesting article: Google Yourself to Identify Security Holes by Tony Bradley. His point is that security people should be using Google and the discussed tools as one facet of a vulnerability analysis program.
Posted by jeffnew | 1 Comments
Wednesday, April 06, 2005 3:54 PM

First open O/S, now open BIOS?

Sorry, I just can't get behind this: Battle brews over unlocking PC secrets . The PC industry has suffered for not having trusted mechanisms for identifying computers and locking down digital rights. I read the article and I still don't see Stallman's
Posted by jeffnew | 0 Comments
Monday, April 04, 2005 10:49 AM

How do we fight spyware when no one can agree what it is?

Ahh, the wonderful world of information security in the United States, where the threat of litigation can keep holes open and spyware active. eWeek has had a couple of articles this week on this topic. In The Chaotic World of Defining Spyware they discuss
Posted by jeffnew | 0 Comments
Tuesday, March 29, 2005 7:02 PM

7 computer security tips for students

My group didn't write this... that is, I don't think we did, although this may have come out of our Consumer team. But it is pretty good, basic advice for students that are heading off to school with their new laptops. School is in: 7 computer security
Posted by jeffnew | 39 Comments
Monday, March 28, 2005 9:43 AM

New! IPSec Guidance from Microsoft

My team just released a new security guide: Server & Domain Isolation Using IPSec and Group Policy . This soluton, aimed at enterprise IT Pros, is focused on how you can use IPSec and Group Policy to secure the data connections between systems. One
Posted by jeffnew | 0 Comments
Monday, March 28, 2005 9:31 AM

The Trustworthy Computing Security Development Lifecycle

If you're wondering how Microsoft bakes security into its software development practices, this paper (by one of the co-authors of "Writing Secure Code") takes you through the process. This is far more than a guide for individual developers; it goes through
Posted by jeffnew | 0 Comments
Monday, March 07, 2005 9:53 AM

Automagically isolating Internet worms

A paper from Microsoft Research (MSR), first published last summer, is getting new interest after MSR's internal TechFest last week. The idea is that hosts would analyze traffic hitting them and automatically broadcast alerts. While false negatives can
Posted by jeffnew | 2 Comments
Wednesday, February 16, 2005 10:04 AM

Is finding security holes a good idea?

Some interesting papers came out of the third annual Workshop on Economics and Information Security. If you're an IEE Computer Society member you can read the full text. Eric Rescorla's article, "Is Finding Security Holes a Good Idea?", provides a statistical
Posted by jeffnew | 35 Comments
Monday, February 07, 2005 8:57 PM

Hey, Mom finally gets security!

Interesting -- According to a UK study, demograpghics are skewing for home users, with older people buying a larger percentage of home infosec products (AV, etc.) and younger people being the ones that naively assume they're OK. Without the data it's
Posted by jeffnew | 0 Comments
Monday, February 07, 2005 9:00 AM

Former AOL employee pleads guilty in spam case

Ouch -- 92 million screen names and email addresses stolen from AOL. The guy netted $28k, and will have to pay $200-400k in restitution. Not exactly a lucrative business, was it? Once again we see privacy compromised from the inside -- nothing that the
Posted by jeffnew | 0 Comments
Wednesday, February 02, 2005 9:15 AM

Microsoft's Security Cooperation Program

I love how news reporting can subtly (or not so subtly) slant interpretations while professing to still be reporting facts. CNet's reporting of the Microsoft Security Cooperation Program is a great example. When I heard about this program I thought it
Posted by jeffnew | 0 Comments
 
Page view tracker