November 2007 - Posts

YOUR FEEDBACK REQUESTED
I am in the position of the Chief Security Advisor in Europe, Middle East and Africa since February 1st. Since then I am blogging here (before that I ran together with Urs the Swiss Security Blog). The hits per post rose over the first 6-7 months but Read More...
Posted 30 November 07 08:10 by rhalbh | 4 Comments   
IE and Firefox vulnerabilities
I am still convinced that there is limited value in comparing vulnerabilities between different products. However, there are a few products which seem extremely emotional: The Operating System, Office, and the browser. We already discussed pretty emotionally Read More...
Hackers using Playstations to crack Passwords
A reader of my blog actually pointed me to that (thank you Shoaib) and asked me for a comment. Here is the article: PlayStation a hacker's dream. It is really an interesting thing: Gaming consoles today have quite some computing power, so why should Read More...
Security Threats in 2008
Well, slowly the year is coming to an end – 10% to go :-). This is the time where everybody is looking back and – additionally – tries to look into the Crystal Ball to understand how 2008 could be. Interestingly enough, I just had the discussion about Read More...
Posted 26 November 07 04:16 by rhalbh | 1 Comments   
Teach a Man to Fish
I just read a pretty good article that goes definitely into the direction I am trying to work with the different communities we are in touch. Even though technology is a key part of any security solution, the user is key and explaining the user the "why" Read More...
I was visiting Nigeria – watch out!
You know that I rarely did trip reports in the past. I am personally convinced that you do not want to read, what I had for breakfast in Barcelona. But this trip was different. When I told the people around me that I will be travelling to Nigeria I got Read More...
Are you ready for your users of the (near) future?
Yankee Group Study Actually near future might be wrong: I am convinced that the future (with regards to the requirements) is already here. We sponsored a study with Yankee Group with the title Anywhere Access Technologies - Open Enterprise Networks. Read More...
The Value of Operating System Comparisons
Since Blaster/Slammer, namely since the start of Trustworthy Computing I am working at Microsoft in a publicly facing security role. I went through all the blaming and had to take all the heat of what we did wrong and how bad we are – and I admitted Read More...
Want to check your Up- and Download-Speed
I just stumbled across a pretty cool website allowing you to measure your up- and download speed wherever you are. Additionally you can compare it with others: http://www.speedtest.net Roger Read More...
Posted 15 November 07 01:38 by rhalbh | 0 Comments   
More than 490’000 Database Server unprotected on the Web
David Litchfield ran a scan on the Internet for the typical SQL Server and Oracle ports. It is unbelievable that he found approx. 490'000 servers on the Internet – unprotected and often un-patched. On unsupported version levels, on unsupported Service Read More...
Posted 14 November 07 09:01 by rhalbh | 5 Comments   
Be Careful Whom You Trust
When I talk to customers I sometimes ask them, whether they do background checks on whom they hire as employees or contractors. If it comes to security, the whole theme gets pretty sensitive. Imagine that you hire an employee to deal with your security Read More...
TechEd-IT Forum: The Keynote and Announcements
I told you that I will keep you posted. We had some pretty exciting announcement at the keynote at IT Forum. For me, the whole area of virtualization is probably the biggest step forward. We announced that we name the official product/feature "Hyper-V", Read More...
IT Forum is about to begin
It is always fascinating to see an event of this size! I actually arrived in Barcelona yesterday night and yes, you might be jealous if you see the weather. But actually I will probably not have a lot of time to enjoy it - PR filled my schedule all over Read More...
A fun reading on social engineering
I recently talked at different events on social engineering or at least touched the theme. You might know the layer 8 problem :-) When I had some discussions after my speech I realized that close to nobody (I talked with) knew about the "The Art of Deception: Read More...
WabiSabiLabi and their view on ethics
I commented on that already twice and I stated that WabiSabiLabi seems to have a different view on ethics than me. For those of you who do not know WabiSabiLabi, it is an online auction for vulnerabilities. We met the founder of this platform during Read More...
Mary Jo Foley: It’s payback time: If the Vista team could write ad copy …
Well, well: You know that I never ever would bash a competitor and I will not do so now. However, I have to give you the link to the above mentioned article – not because of the article but because of the comments the article got. It seems that our efforts Read More...
Fight against Terror and how it can be abused
I am not completely clear how much a lot of the measures we see (like the fluid restrictions on planes, the forced violation of privacy laws by airlines by having to transmit PII to the US, ...) really bring. On the other hand we definitely see some pretty Read More...
Posted 06 November 07 08:14 by rhalbh | 0 Comments   
The next step at home: Windows Home Server
One of the big challenges we face all the time is how to control one of these growing networks at home. How shall I help my neighbors to actually manage their growing environment with different PCs (one per parent and one per kid and a mediacenter and, Read More...
Social Engineering - Live
I just found a pretty interesting article on "social engineering". It is one of these articles showing an anecdote on how to use social engineering to enter a building and get access to everything: The Spy in Your Server Room Roger Read More...
Posted 06 November 07 05:12 by rhalbh | 1 Comments   
Pricelist for Cybercriminals
Remember Economy of Cybercrime? I hope so! There I made the statement that Cybercrime has to pay off. On Zone-h today they summarized a research from G DATA with the title How much can cyberterrorist get? In there you see how much you have to pay for Read More...
SAFECode: Writing Secure Code – learning from each other
During RSA Europe an industry forum called SAFECode (Software Assurance Forum for Excellence in Code) was announced "to identify and share software assurance best practices, promote broader adoption of such practices into the cyber ecosystem, and Read More...
Rumors about Cyber-Terror Attack, November 11th
This is an interesting phenomenon on the Internet: There is one source publishing the statement that they picked up an Internet announcement by Al Qaeda that they will start a cyber attack on November 11th: DEBKAfile Exclusive: Al Qaeda declares Cyber Read More...
Posted 01 November 07 11:50 by rhalbh | 0 Comments   
Spotlight – The coolest online event platform
You know about Silverlight, don't you? We built a new Online Event platform on it. Sorry? You did NOT hear of Silverlight yet? Come on, don't tell me you missed this announcement? It is absolutely cool and if you really missed it, there you go: Silverlight Read More...
Posted 01 November 07 08:31 by rhalbh | 0 Comments   