Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

  • Terry Zink: Security Talk

    Once again, I'm proven right about false positive lag time

    • 2 Comments
    I hate to brag (no, wait, I love to brag), but once again I have been proven right. One the problems with getting accurate statistics about false positives is that users quite regularly submit them late.  So, assume for the week of Dec 3 - Dec 10...
  • Terry Zink: Security Talk

    A rarity - I'm proven wrong!

    • 1 Comments
    The other day, I posted that the Christmas season is upon us and that there has not been a major correlation between an expected rise in Christmas spam and the actual spam that we are seeing on our networks. However, I believe that I have now seen such...
  • Terry Zink: Security Talk

    The 12 days of Christmas spam song

    • 0 Comments
    Kudos to Symantec for coming up with this 12 Days of Christmas Spam song.  Very clever. It's going to be very tough to top this.
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 3)

    • 1 Comments
    As I was saying in my previous post, one of the interesting relationships I have discovered is that the better our virus filters perform, the more spam our end-users see in their inbox (and the less total mail we see on our network). Another very interesting...
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 2)

    • 4 Comments
    As I was saying in my previous post, statistics, and correlation and scatter plots in particular, are excellent ways of verifying whether or not relationships within components of the spam filter are valid or if the theory is spurious. Now that I have...
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 1)

    • 1 Comments
    One of things I do here at Microsoft is look at numbers.  I have a table of statistics that I look at, not every day, but certainly a few times per week.  It's a table of the daily number of messages we block, how many are blocked by content...
  • Terry Zink: Security Talk

    Security risks in a powerful corporation

    • 1 Comments
    Last week, I was watching the season finale of the second season of Heroes.  It's not technically the season finale, but with the Hollywood writer's strike, they finished off the first part of the season until new episodes could be written. Anyhow...
  • Terry Zink: Security Talk

    It's December! Time for the spam season, right?

    • 5 Comments
    Ah, the holidays are upon us.  And, as we all know, 'tis the season for piles of spam! Or is it?  Last year, we saw a very large run up of spam heading into December, but in the month of December itself I saw nothing out of the ordinary. ...
  • Terry Zink: Security Talk

    Behind the scenes (part 2) - Now I know how Homer felt

    • 5 Comments
    Following on from my previous post about who shot Mr. Burns, don't worry, I'm building to something.  Mr. Burns begins to do a lot of evil things, including blocking out the sun.  The Simpson family is in their house discussing this turn of...
  • Terry Zink: Security Talk

    Behind the scenes (part 1) - now I know how Homer felt

    • 1 Comments
    Here at Microsoft, I am a Program Manager.  One of the projects that we are currently working on is slipping behind schedule (and it has barely even gotten started).  There are various components that have to be re-engineered and it's forcing...
  • Terry Zink: Security Talk

    Futurama is great

    • 2 Comments
    I had to comment about this post from the Spam Wars blog.  It's called the Futurama of Spam.  The blogger is a lot like me - he enjoys Futurama and he blogs about spam stuff.  The post ties together an episode of Futurama and how it relates...
  • Terry Zink: Security Talk

    Security risks at a big box retailer

    • 6 Comments
    Even though things like phishing and spoofing and hacking are what we normally think of when we consider electronic security risks, sometimes the simple things are what cause the biggest problems. I was recently in a big box retailer picking up some stuff...
  • Terry Zink: Security Talk

    A couple of types of spam analysts

    • 2 Comments
    Back in the early to late 1990's, when Winnipeg still had an NHL hockey team, I used to watch and listen to a lot of hockey.  I was a really avid sports fan.  After they left town and I started university I didn't follow the game as closely...
  • Terry Zink: Security Talk

    Review Part 2: Spam Kings

    • 6 Comments
    I'd like to continue on in my review of the book Spam Kings and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools.  I was never a participant...
  • Terry Zink: Security Talk

    Review: Spam Kings

    • 3 Comments
    A few months ago, I purchased the book Spam Kings , but only recently managed to get around to reading and finishing it.  In case you've never read it, it chronicles the stories of some spammers and the anti-spammers who fought them.  These...
  • Terry Zink: Security Talk

    Why change the FP metrics?

    • 6 Comments
    In the comments in my other post on the other side of accurate metrics, a fellow blogger writes the following: In my experience every vendor who quotes a FP figure bases it on the total number of inbound messages (including those that get 5xx-rejected...
  • Terry Zink: Security Talk

    Zune making up some ground in advertising

    • 1 Comments
    I'm currently watching a TV show when I saw an advertisement for a digital music player.  At first I thought it was an iPod commercial, and I was thinking "Hey, this is kind of a neat commercial... in terms of creativity in advertising." ...
  • Terry Zink: Security Talk

    The other half of accurate metrics

    • 5 Comments
    Referring back to my previous post on accurate metrics referring to spam-in-the-inbox, spam is one side while false positives are the other. Whereas we measure spam as a proportion of what the user sees, we can measure false positives as a proportion...
  • Terry Zink: Security Talk

    Accurate metrics

    • 8 Comments
    This past week, I started coming up with some new metrics on how to measure our effectiveness, specifically, our spam effectiveness. The way Hotmail does it is use a metric called Spam-in-the-inbox, or SITI for short.  It is a measure of the proportion...
  • Terry Zink: Security Talk

    The disadvantages of being a Program Manager

    • 1 Comments
    As a Program Manager in spam filtering in Exchange Hosted Services, there are plusses and minuses.  The advantages are described here .  But it's not all fun and games.  There are some drawbacks. Program managing means following up on the...
  • Terry Zink: Security Talk

    Watch your mistakes, limit their effects

    • 3 Comments
    As a stock trader, my trading style has evolved over time.  However, the one thing that I have always been good at is limiting my mistakes.  Book after book I read tells me that I should always cut my losses short and never let a small loss...
  • Terry Zink: Security Talk

    Missed my shot again!

    • 3 Comments
    In my other post, I mentioned that I missed my chance to see a famous American politician visit the Microsoft campus. Well, it turns out that it happened again! This morning, I came to work and was meeting some people in the hallway around 10 am and...
  • Terry Zink: Security Talk

    The advantages of being a PM

    • 6 Comments
    Here at Microsoft, we quite regularly see people rotating in and out of various divisions.  A new person will join and another person will leave.  Recently we had another anti-spam manager join the group.  Since I've been in the antispam...
  • Terry Zink: Security Talk

    Guest blogging on Forefront

    • 23 Comments
    So I am now a guest blogger on Forefront's Security blog (link in my links section).  Forefront is another division within Microsoft that provides security solutions for Enterprise. This afternoon, they came around and took some video footage of...
  • Terry Zink: Security Talk

    Sender authentication part 32: TMA Explained

    • 4 Comments
    As I said earlier, I needed to come up with an authentication mechanism that protected the From: or Sender: address in the message headers. But, I did not want to replace SPF with SenderID. So, I came up with another solution which I call TMA. I would...
Page 38 of 47 (1,162 items) «3637383940»