Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

  • Terry Zink: Security Talk

    Response to Trust-based messages

    • 1 Comments
    In my other post in a Q&A excerpt with Dave Crocker by Investor's Business Daily, I'd like to now respond to some of my selected quotes. Crocker: You have to create what I call a trust overlay to the existing e-mail system. Existing senders and receivers...
  • Terry Zink: Security Talk

    Some early stats on TMA

    • 1 Comments
    We finally got around to deploying all of our new features from our latest release.  As I explained a couple of months ago, I created a hybrid of SPF and SenderID in response to customer demand.  I called it TMA, or Terry's Message Authentication...
  • Terry Zink: Security Talk

    Spam's new nemesis: Trust-based messages

    • 3 Comments
    The other day I was reading Investors Business Daily and came across an article whose title you see in the subject line of this blog post.  The article is a Q&A Dave Crocker of BrandenBurg InternetWorking.  If you're like me and too lazy...
  • Terry Zink: Security Talk

    Classic Viagra spam

    • 0 Comments
    It's been a while since I processed the spam abuse inbox, but I came across the following spam message today. Usee \/ i a g r /\ Proo and all wmoen wiill be yorus. Etxend the qualtiy of yoour sxeual perfromance with Ge |\| eerik \/ i a g r /\. ...
  • Terry Zink: Security Talk

    If perception is everything, then Gmail needs better filtering

    • 5 Comments
    Every now and again, I get spam delivered to my inbox from one of the leading webmail services.  AFAIK, there are the big 4: Gmail, Yahoo, Hotmail and AOL. The thing is that to my work email account where I get some of my mail (ie, I eat our own...
  • Terry Zink: Security Talk

    Once again, I'm proven right about false positive lag time

    • 2 Comments
    I hate to brag (no, wait, I love to brag), but once again I have been proven right. One the problems with getting accurate statistics about false positives is that users quite regularly submit them late.  So, assume for the week of Dec 3 - Dec 10...
  • Terry Zink: Security Talk

    A rarity - I'm proven wrong!

    • 1 Comments
    The other day, I posted that the Christmas season is upon us and that there has not been a major correlation between an expected rise in Christmas spam and the actual spam that we are seeing on our networks. However, I believe that I have now seen such...
  • Terry Zink: Security Talk

    The 12 days of Christmas spam song

    • 0 Comments
    Kudos to Symantec for coming up with this 12 Days of Christmas Spam song.  Very clever. It's going to be very tough to top this.
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 3)

    • 1 Comments
    As I was saying in my previous post, one of the interesting relationships I have discovered is that the better our virus filters perform, the more spam our end-users see in their inbox (and the less total mail we see on our network). Another very interesting...
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 2)

    • 4 Comments
    As I was saying in my previous post, statistics, and correlation and scatter plots in particular, are excellent ways of verifying whether or not relationships within components of the spam filter are valid or if the theory is spurious. Now that I have...
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 1)

    • 1 Comments
    One of things I do here at Microsoft is look at numbers.  I have a table of statistics that I look at, not every day, but certainly a few times per week.  It's a table of the daily number of messages we block, how many are blocked by content...
  • Terry Zink: Security Talk

    Security risks in a powerful corporation

    • 1 Comments
    Last week, I was watching the season finale of the second season of Heroes.  It's not technically the season finale, but with the Hollywood writer's strike, they finished off the first part of the season until new episodes could be written. Anyhow...
  • Terry Zink: Security Talk

    It's December! Time for the spam season, right?

    • 5 Comments
    Ah, the holidays are upon us.  And, as we all know, 'tis the season for piles of spam! Or is it?  Last year, we saw a very large run up of spam heading into December, but in the month of December itself I saw nothing out of the ordinary. ...
  • Terry Zink: Security Talk

    Behind the scenes (part 2) - Now I know how Homer felt

    • 5 Comments
    Following on from my previous post about who shot Mr. Burns, don't worry, I'm building to something.  Mr. Burns begins to do a lot of evil things, including blocking out the sun.  The Simpson family is in their house discussing this turn of...
  • Terry Zink: Security Talk

    Behind the scenes (part 1) - now I know how Homer felt

    • 1 Comments
    Here at Microsoft, I am a Program Manager.  One of the projects that we are currently working on is slipping behind schedule (and it has barely even gotten started).  There are various components that have to be re-engineered and it's forcing...
  • Terry Zink: Security Talk

    Futurama is great

    • 2 Comments
    I had to comment about this post from the Spam Wars blog.  It's called the Futurama of Spam.  The blogger is a lot like me - he enjoys Futurama and he blogs about spam stuff.  The post ties together an episode of Futurama and how it relates...
  • Terry Zink: Security Talk

    Security risks at a big box retailer

    • 6 Comments
    Even though things like phishing and spoofing and hacking are what we normally think of when we consider electronic security risks, sometimes the simple things are what cause the biggest problems. I was recently in a big box retailer picking up some stuff...
  • Terry Zink: Security Talk

    A couple of types of spam analysts

    • 2 Comments
    Back in the early to late 1990's, when Winnipeg still had an NHL hockey team, I used to watch and listen to a lot of hockey.  I was a really avid sports fan.  After they left town and I started university I didn't follow the game as closely...
  • Terry Zink: Security Talk

    Review Part 2: Spam Kings

    • 6 Comments
    I'd like to continue on in my review of the book Spam Kings and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools.  I was never a participant...
  • Terry Zink: Security Talk

    Review: Spam Kings

    • 3 Comments
    A few months ago, I purchased the book Spam Kings , but only recently managed to get around to reading and finishing it.  In case you've never read it, it chronicles the stories of some spammers and the anti-spammers who fought them.  These...
  • Terry Zink: Security Talk

    Why change the FP metrics?

    • 6 Comments
    In the comments in my other post on the other side of accurate metrics, a fellow blogger writes the following: In my experience every vendor who quotes a FP figure bases it on the total number of inbound messages (including those that get 5xx-rejected...
  • Terry Zink: Security Talk

    Zune making up some ground in advertising

    • 1 Comments
    I'm currently watching a TV show when I saw an advertisement for a digital music player.  At first I thought it was an iPod commercial, and I was thinking "Hey, this is kind of a neat commercial... in terms of creativity in advertising." ...
  • Terry Zink: Security Talk

    The other half of accurate metrics

    • 5 Comments
    Referring back to my previous post on accurate metrics referring to spam-in-the-inbox, spam is one side while false positives are the other. Whereas we measure spam as a proportion of what the user sees, we can measure false positives as a proportion...
  • Terry Zink: Security Talk

    Accurate metrics

    • 8 Comments
    This past week, I started coming up with some new metrics on how to measure our effectiveness, specifically, our spam effectiveness. The way Hotmail does it is use a metric called Spam-in-the-inbox, or SITI for short.  It is a measure of the proportion...
  • Terry Zink: Security Talk

    The disadvantages of being a Program Manager

    • 1 Comments
    As a Program Manager in spam filtering in Exchange Hosted Services, there are plusses and minuses.  The advantages are described here .  But it's not all fun and games.  There are some drawbacks. Program managing means following up on the...
Page 37 of 46 (1,142 items) «3536373839»