marklon
This is a blog about security, coding and malware in no particular order.
I write as a techie who handles security escalations from about 1/3 of the world. I spend a lot of time talking to customers with compromised networks.
Hello readers I am sorry that I haven’t updated my blog for a while. It has been a bit of a busy...
Date: 04/15/2008
Hello again I wanted to talk about some of the things that malware does to make itself hard to...
Date: 03/20/2008
Hi folks Just a quick heads up - we know that the link from the bulletin is broken. We had a problem...
Date: 03/12/2008
I saw a really old fashioned denial of service attack today. A customer was concerned that they were...
Date: 03/07/2008
Well, nothing like getting all of my news out of the way in one go. Because of my self imposed rule...
Date: 03/05/2008
Hello all I am sorry that I haven’t blogged for a while. It has been a bit of a busy time. After...
Date: 03/03/2008
Ah, another “update Tuesday” – known to the rest of the world as “patch Tuesday” but we are not...
Date: 02/12/2008
Ah, I am back in the office and settling into to my normal day to day work. I am fairly often asked...
Date: 01/21/2008
I know that I do - but I don't want you to think that I have dropped off the face of the planet. The...
Date: 01/11/2008
Hello all I am sorry that I haven’t updated this blog for a while. I haven’t forgotten, just been...
Date: 11/29/2007
Well, another update Tuesday done and dusted. We are not supposed to use the word "Patch" So, the...
Date: 10/17/2007
To save you scrolling down, let me restate Law #1 of the immutable laws of security: "If a bad guy...
Date: 09/24/2007
Hello ladies, gentlemen and others I am sorry that I have not blogged for a little while. I have...
Date: 09/18/2007
Paranoia : baseless or excessive suspicion of the motives of others What percentage of computers are...
Date: 08/28/2007
Hi there Sorry that it has been a little while since my last post. I have been away at a customer’s...
Date: 08/17/2007
Hello again I haven’t blogged in a little while because things have been fairly uneventful here....
Date: 08/02/2007
Malware is often thought of as an equal opportunity nasty. After all, real viruses affect the rich...
Date: 07/25/2007
Code reviews. What could be duller? It is very easy to put the brain in neutral and read the code in...
Date: 07/11/2007
Well, technically, how malware writers like to hide malware. In my last post, I talked about...
Date: 07/05/2007
In a slight change of pace, I would like to talk about malware and how things have evolved. I am not...
Date: 06/25/2007
Hello again As Will correctly pointed out, the signed/unsigned ‘conversion’ will break the code...
Date: 06/20/2007
Ah, another “Patch Tuesday” or “Update Tuesday” as we are supposed to call it. Patches have...
Date: 06/13/2007
I was asked to talk about Buffer overruns and I am happy to do that – although you will forgive me...
Date: 06/06/2007
Back after a busy time and a break. Sometimes we get pulled on to a critical issue where we burn a...
Date: 06/04/2007
Hello all. I am going to interrupt myself here to relate a discussion that I had with my colleague...
Date: 05/17/2007
Ah, another “Updates Tuesday” done although it will be a busy time for a few days yet. We often get...
Date: 05/09/2007
Writing secure code is a very good thing. So is designing secure applications. Together, they make...
Date: 05/04/2007
I am back – and sorry to have been away for so long. It has been a bit of a busy time since I last...
Date: 05/01/2007
There is a much parodied line from Rudyard Kipling’s poem, "If". The parody runs "If you can keep...
Date: 03/22/2006
One question that we are sometimes asked is "Why couldn’t your runtime recover from condition X"....
Date: 03/10/2006
VB6 has fallen off the supported list here at Microsoft. It had a good run since it was released in...
Date: 01/27/2006
Hello gentle readers I only had one request for different content and that was for more SOS...
Date: 01/18/2006
Hello all. I hope that the holiday season went well be it Christmas, Chanukah or (as in my case)...
Date: 01/03/2006
It has been a while since my last blog because I have been busy on a case which proved a little...
Date: 12/14/2005
Customers are now starting to use the release version in earnest. Inevitably, support cases are...
Date: 11/24/2005
This subject was being debated on a newsgroup that I subscribe to. I have been the matter some...
Date: 11/04/2005
The honest answer is “I don’t know”. I am fairly confident that the answer is “Not much” and smarter...
Date: 10/24/2005
Since the short list format seems popular, here are 20 things to consider when writing a component...
Date: 10/07/2005
Just a short blog today We sometimes get requests to look at performance issues. These are 10 points...
Date: 10/05/2005
This will be the only update this week because I am on holiday - actually, I am taking a break from...
Date: 09/28/2005
Tomorrow, Microsoft will be 30 years old. Just for a change, I will post a blog that isn’t about...
Date: 09/22/2005
I spend a lot of time looking at systems that are not working very well. Sometimes they are...
Date: 09/21/2005