June 2006 - Posts
Last week Sam Ramji, Directory of the Open Source Software Lab here at Microsoft, swung by my office to chat about security stuff… here is the result .
Read More...
Following close on the heels of James Whittaker joining our group , I am delighted to announce that Adam Shostack has joined us too. His main focus, at least in the short-term is focusing on our threat modeling work. You can read his announcement here
Read More...
Chris is a top guy, this is a good read. http://www.matasano.com/log/332/matasano-interviews-ie-lead-pm-christopher-vaughan/
Read More...
A couple of people have asked about the relationship between /GS , SAL and ASLR in Windows Vista. Here’s my perspective, and it’s much bigger than just /GS, SAL and ASLR alone. There are two overarching goals at work – the first is to reduce the number
Read More...
A couple of people asked what “on by default” means with regards to ASLR in Windows Vista. The ‘default’ for ASLR in Windows Vista is: • Stacks and Heap are randomized (stack-randomization is on post-Beta 2) • EXEs and DLLs shipping as part of the operating
Read More...
I really never thought I would see this day! But this is a very interesting read. "..open source developers and security professionals accusing them [Microsoft] of being obsessed by security." http://www.artima.com/weblogs/viewpost.jsp?thread=162577 You
Read More...
I have in my paws a copy of the Security Development Lifecycle book... :) And I am told boxes of books are on the way to warehouses right now! It's always great to see the physical bits!
Read More...