Michael Howard's Web Log
A Simple Software Security Guy at Microsoft!
August 2004 - Posts
More people warming up to Threat Modeling
31 August 04 05:47 PM
A nice article on the subject, focused firmly on infrastructure, written by Pete Lindstrom at Information Security Magazine: http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss446_art927,00.html The two opening para's sum it up nicely: The time
Read More...
Random Threat Modeling Thoughts
31 August 04 05:45 PM
I talk to many people about threat modeling. All the time! Invariably, an idea pops into my head about about ways to streamline things, or make them more concrete or usable. Just recently, I scribbled down some notes about threat modeling. I assume you
Read More...
IIS Auth Diagnostic tool now available
31 August 04 09:49 AM
Ages ago, I wrote a little DHTML tool to help people determine the appropriate authentication settings to use with different browsers, servers and Web servers. It helped a good many people, but it was simple. Today, the IIS team has released a much more
Read More...
Ya Gotta Larf
30 August 04 04:24 PM
http://www.jinx.com/scripts/details.asp?affid=-1&s=1&productID=143 :-)
Read More...
Windows XP SP2 Application Compat Guide Available
25 August 04 12:40 PM
"Application Compatibility Testing and Mitigation Guide for Windows XP Service Pack 2" is now available here . From the abstract: Windows® XP Service Pack 2 introduces a number of security features and technologies to help protect against attacks on computers
Read More...
Windows XP SP2 and Nikon Software
20 August 04 10:24 AM
Last night I bought a shiny new PC for home; it's based on an AMD Athlon 64 FX, with 2x160Gb SATA RAID-0 drives, 1Gig of RAM and an nVidia GeForce 6800 Ultra. It's pretty quick :) I got the AMD Athlon CPU primarily for the Data Execution Protection support.
Read More...
Updated MBSA now available
17 August 04 11:25 AM
Blurb from http://www.microsoft.com/mbsa : New version, MBSA 1.2.1, needed for Windows XP SP2 compatibility: Users of Windows XP Service Pack 2 will need to update their MBSA to version 1.2.1 for compatibility with SP2 security improvements. Windows XP
Read More...
Windows XP SP2 Privacy Statements Released
16 August 04 01:01 PM
The Windows Privacy Statement highlights 27 components that have historically been of interest to privacy advocates and customers, and the 6 page IE Privacy Statement highlights some of the new IE features including “Pop up Blocker”, “Untrusted Publishers”,
Read More...
Writing Secure Code 2nd Ed Errata
16 August 04 12:57 PM
I'm just gonna give a diff this time Chapter 16, Page 515 The URL for SiteLock is now incorrect – the new link is http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/samples/internet/components/sitelock .
Read More...
A little more info on raw sockets and Windows XP SP2
12 August 04 10:10 AM
There's been a little confusion about raw sockets and Windows XP SP2. Hopefully, this little entry from the "Changes in functionality..." doc (see my last blog entry for an URL to the doc) should explain things a little better: A very small number of
Read More...
"Changes in Functionality in Microsoft Windows XP SP2" now available
11 August 04 09:34 AM
I would highly recommend you read this! http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2chngs.mspx
Read More...
My Daily list o' Links
04 August 04 08:51 PM
I was asked by a TechEd attendee which web sites often visit. I scan the following every morning, just to see if there's any little tidbits of useful stuff: http://security-protocols.com/ http://www.csoonline.com/ http://www.governmentsecurity.org/ http://johnny.ihackstuff.com/
Read More...
A list of Code Secure columns
02 August 04 06:02 PM
I'm in New Zealand right now, talking at TechEd. A customer asked me where he could find list of all my old “Code Secure” columns on MSDN. I wasn't aware but things have moved around a little on msdn.microsoft.com, making it a little hard
Read More...
Go
This Blog
Home
Links
Email
Tags
General
Personal
Privacy
Rant
Security
Vista
Archives
April 2008 (5)
March 2008 (5)
February 2008 (4)
January 2008 (9)
December 2007 (4)
November 2007 (4)
October 2007 (6)
September 2007 (1)
August 2007 (2)
July 2007 (4)
June 2007 (13)
May 2007 (6)
April 2007 (8)
March 2007 (11)
February 2007 (4)
January 2007 (8)
December 2006 (4)
November 2006 (14)
October 2006 (5)
September 2006 (6)
August 2006 (6)
July 2006 (2)
June 2006 (7)
May 2006 (8)
April 2006 (2)
March 2006 (5)
February 2006 (6)
January 2006 (10)
December 2005 (2)
November 2005 (2)
October 2005 (1)
September 2005 (4)
August 2005 (5)
July 2005 (5)
June 2005 (3)
May 2005 (9)
April 2005 (8)
March 2005 (5)
February 2005 (9)
January 2005 (7)
December 2004 (7)
November 2004 (9)
October 2004 (11)
August 2004 (13)
July 2004 (4)
June 2004 (12)
May 2004 (17)
April 2004 (2)
March 2004 (2)
February 2004 (3)
January 2004 (2)
Syndication
RSS 2.0
Atom 1.0