• Analysis of ANI vulnerability

    Michael Howard did a very good analysis of the ANI vulnerability and showed what we learned and where we will improve SDL (the Security Development Lifecycle). He posted that on our new SDL bog: http://blogs.msdn.com/sdl/archive/2007/04/26/lessons-learned...
  • Three Microsoft Announcements

    Last night Vinny Gullotto made some significant announcements at RSA Japan. At least for us they are significant: We published the second Security Intelligence Report. Now, you might ask, we this is significant. Think about the data sources, we...
  • Risks in Online Calendar Sharing

    Do you know that scenario: My wife would like to fix a meeting and should have access to my calendar. I am not available, therefore she cannot just call me but - again - she should see my availability. Not uncommon, isn't it? A typical solution for...
  • Yet another UAC discussion

    If I would have to nominate the number one feature of Windows Vista, it would be UAC. Not because I think that it is the most important feature (it is one important feature among a lot of others) but because UAC caused an unbelievable amount of press...
  • Protecting your disk with biometric devices?

    As you (hopefully) know, Windows Vista ships with a component we call Bitlocker - at least some of the Windows Vista versions do. Now, Bitlocker can be run with different way of protecting your keys: a TPM chip (basically a smartcard on your motherboard...