Browse by Tags

Blog relocated again
Just a quick update, to make sure everyone knows. I've moved my blog from MSInfluentials to WordPress.com. Please update your aggregators/bookmarks/favorites to http://stvrly.wordpress.com . I've posted the reasoning for my move, as well as a description Read More...
Posted 19 August 09 03:02 by Steve Riley | 0 Comments   
Filed under
Good bye, and good luck
Friends, as a part of Microsoft’s second round of restructuring, my position was eliminated yesterday and my employment with Microsoft has ended. While there were many rewards that came from my job, the most satisfying element was knowing that our time Read More...
Posted 06 May 09 01:11 by Steve Riley | 131 Comments   
Filed under ,
If you know the Conficker dude, we've got a prize for you
Yesterday (12 February 2009) Microsoft announced a partnership with technology industry leaders and academia to implement a coordinated, global response to the Conficker (aka Downadup) worm. Together with security researchers, Internet Corporation for Read More...
Posted 13 February 09 09:39 by Steve Riley | 5 Comments   
Filed under , , ,
Today’s spam
Here’s what’s in my junk mail folder today: What is up with all that? Apparently I sent a payment to myself, I initiated another payment to myself, I am a user of myself who’s received exclusive offers for January, and I received a payment from myself. Read More...
Posted 21 January 09 10:13 by Steve Riley | 12 Comments   
Filed under , ,
Attacks against integrity
I’ve been mentioning this frequently during my talks in the last 12 months: that accidental or malicious data modification is yet something else we need to defend against. Richard Bejtlich wrote last year about attack progressions , and this year summarized Read More...
Posted 20 January 09 08:28 by Steve Riley | 3 Comments   
Filed under , ,
I want a Model 22 HDD Hard Drive Disintegrator
Here at Microsoft we have an active internal discussion group where most security-minded folk hang out. The topic of data destruction came up recently, it’s actually a lot more difficult than most people think. CIPHER /W and SDELETE do a reasonable job, Read More...
Posted 20 January 09 01:43 by Steve Riley | 10 Comments   
Filed under , ,
Questions about virtualization and security?
Yesterday, Donnie Hamlett, a Microsoft core infrastructure optimization specialist, gave a webcast and played a video of my TechEd presentation on virtualization and security. Some of the viewers had questions, and I offered to Donnie that they could Read More...
Posted 09 January 09 09:46 by Steve Riley | 4 Comments   
Filed under ,
Poll: do you use scheduled scans for malware?
An  interesting comment recently appeared on my older post about whether or not to use antimalware software. Peter van Dam wondered whether scheduled scans are really necessary, given that anti-malware products scan files as they enter (and sometimes Read More...
Posted 05 January 09 12:03 by Steve Riley | 18 Comments   
Filed under , ,
Updated Microsoft Security Assessment Tool
Greetings. In case you haven’t already read about it, we recently updated the Microsoft Security Assessment Tool (MSAT). Version 4.0 hit the web on 31 October. It’s been four years since the initial release, and two years since the prior version. Between Read More...
Posted 01 December 08 08:13 by Steve Riley | 6 Comments   
Filed under , ,
Reading list from “How IT will change in the next 10 years”
At Windows Connections two weeks ago, during my keynote speech “How IT will change in the next 10 years and why you should care,” I mentioned several books worth reading. Many of you have asked for the list; here it is: The Cathedral and the Bazaar by Read More...
Posted 24 November 08 11:39 by Steve Riley | 4 Comments   
Filed under , ,
Comments, administrivia, and the future of the “infosec professional”
Back when the spam was spiraling out of control, I configured my blog to close comments after 90 days. I’ve removed the limitation now, for two reasons: the spam is under control, and I wanted to reply to a comment made to my post on IPsec/IPv6 direct Read More...
Posted 15 October 08 03:29 by Steve Riley | 14 Comments   
Filed under ,
Ethernet and WiFi and Bluetooth, oh my!
Customers have long requested a way to configure a computer to automatically disable its wireless NIC when its Ethernet is in use. Many third-party utilities can do this for you, but neither XP nor Vista have a built-in way to accomplish this, nor will Read More...
Posted 15 October 08 02:16 by Steve Riley | 19 Comments   
Filed under , , , ,
Passgen tool from my book
Way back in 2005, Jesper Johannson and I wrote Protect Your Windows Network . It’s still available , and although its product set is now somewhat dated (Windows XP and Server 2003), much of the practical advice about security policies, social engineering, Read More...
Posted 29 September 08 01:42 by Steve Riley | 14 Comments   
Filed under ,
Sao Paulo, here I come
I have a new TechEd destination this year: Brazil. It’ll be my first time to speak at our event there; indeed, even my first time to travel to South America. I’m looking forward to it. The event runs during 14-16 October 2008 . I’m delivering the same Read More...
Posted 29 September 08 10:31 by Steve Riley | 14 Comments   
Filed under
Internet Explorer security levels compared
A pretty good question came across the newsgroups the other day. Someone was asking what are the differences between IE's "medium" and "medium-high" security settings. I did some digging, and found only this on MSDN: About URL security Read More...
Posted 16 September 08 05:19 by Steve Riley | 9 Comments   
Filed under ,
More Posts Next page »

Search

This Blog

Resources for you

Locations of visitors to this page
View blog authority Add to Technorati Favorites

 Subscribe with FeedBurner

Subscribe, translate, or sort with BlastCasta
Homeland stupidity threat:
Homeland Stupidity Threat Level

Syndication

Page view tracker