When I tweeted last week that I am on my way to Algeria, I got quite some reactions and questions that I shall report how it was. So, let me try to briefly summarize my impressions.

I was invited to speak at a conference on certification in Algiers. Well, initially I pushed back as I did not understand how you can have a good conference during two days on certifications like Common Criteria etc – and it is not my core competence anyway. After discussions with our Country Manager, I realized that we were talking about certificates and eID – which made me change my mind.

The government of Algeria decided to invest in eID technology to help them to move one step towards a digital economy. So, there is definitely a lot of great intention, motivation and energy behind this idea and behind this project. To help them to learn from the breadth of industry experts and from other countries, the government decided, together with ITU, to invite for this conference. The importance of the initiative can be seen by the presence of the senior government elites as well: Out of 35 ministers Algeria three were present to open the conference – this showed commitment. And all of them stressed the importance of such an initiative.

Looking at the different presentations I have seen (I was not present during the whole conference, so this might not completely reflect everything), there were two main streams: Speakers (mainly vendors and consultants) explaining the technology and how good it is and that you are then able to link an identity “securely” to a person. Others (and all the Microsoft speakers were in this category) laid out that it is at least as important to understand what you are going to do with the eID to make it successful. So, the applications which consume the identity are very important to make an eID-project successful – this is pretty obvious but often forgotten in these projects. We have seen very good examples from developed countries being successful as the government as a whole moved to eGovernment and – in certain areas– only to eGovernment. This is probably the most common denominator amongst the speakers who did not “just push technology”.

So, there was this warning but then there were presentations as well, like the one from Kim Cameron (one of our identity gurus) actually showing how you can make this happen.

Overall, this was a very good conference. To close here, I would like to give you an anecdote which happened to me: After my presentation I left the podium and then one of the organizers from the government approached me and said “you scared us”. Well I immediately mapped that to my statements on the threat landscape. So, I answered like “well, this was not my intention but I thought that the threats are important to understand as well”. She looked at me and then said “no, I did not mean the threats but you raised so many valid questions we do not have an answer to yet. This scared us”.

Looking at this, it means to me that I probably accomplished my goal. Not to scare the Algerian government but to make them ask the right questions and start to look for an answer to them. To help there – I am looking forward to going back to Algeria (hoping that the Visa process and immigration is faster next time ;-) )

Roger

Today we were adding 17 additional markets to our Microsoft Security Essentials offering. I am really excited about that as all these markets are in EMEA: Algeria, Bahrain, Egypt, India, Jordan, Kuwait, Lebanon, Morocco, Oman, Pakistan, Qatar, Romania, Russia, Saudi Arabia, South Africa, Tunisia, and the United Arab Emirates. Additionally we added Russian an Romanian as languages. This is really exciting stuff – and the tool is a anti-malware solution for free!

If you want to see all the countries we make it available, look here: http://www.bing.com/maps/explore/#/f5n3nlg6vryj0282

As you know, this is a professional, free anti-malware solution and I guess that requirement that you need a genuine copy of Windows is not a limitation for you as you do not run a pirated copy anyway – right?

Get it and download it and run it – it got great feedback!

Roger

This is a pretty interesting approach: During the Copenhagen conference now, United Nations Environment Programme, esa and the European Environment Agency launched a website called the Environmental Atlas of Europe. The goal of this atlas is to give examples where people, organizations or communities are already working on the climate change challenge and what they are doing.

It is definitely worth looking at.

Roger

Last week there was quite some discussion about “successful attacks” on Bitlocker. Those discussions are often quite interesting for me as they show sometimes that people are looking for one technical solution for all the problems.

Bitlocker has a clear threat model it wants to protect you from. This is mainly the loss of your computer. If it is running and the attacker is admin – well Bitlocker cannot protect you. To quote a blog post of our Windows Security Team: Our discussions of Windows BitLocker have always been to communicate that it is intended to help protect data at rest (e.g. when the machine is powered off).

So, if you want to read the whole post, it is definitely worth it: Windows BitLocker Claims

Roger

You know, there are people who blog late, there are people who blog very late and then there is me…

I actually missed that one even though I was triggered: Mid November there was the Get Safe Online Week 2009 in the UK. Usually they do really good stuff and this is the reason I usually blog on it.

As I said, this time I missed it. However, there is an awful lot of good content on their website, especially about Money Mules. I think that it is worth spending some time and looking at the video on Money Mules and their webpage on the same subject or directly:

Roger