June 2006 - Posts

Interview with the Open Source Software Lab
30 June 06 11:26 AM
Last week Sam Ramji, Directory of the Open Source Software Lab here at Microsoft, swung by my office to chat about security stuff… here is the result . Read More...
Postedby michael_HOWARD | 0 Comments    
Adam Shostack Joins The Team!
26 June 06 12:22 PM
Following close on the heels of James Whittaker joining our group , I am delighted to announce that Adam Shostack has joined us too. His main focus, at least in the short-term is focusing on our threat modeling work. You can read his announcement here Read More...
Postedby michael_HOWARD | 0 Comments    
Matasano Interviews IE Lead PM Christopher Vaughan
20 June 06 04:29 PM
Chris is a top guy, this is a good read. http://www.matasano.com/log/332/matasano-interviews-ie-lead-pm-christopher-vaughan/ Read More...
Postedby michael_HOWARD | 1 Comments    
Filed under:
Windows Vista Security – A Bigger Picture
12 June 06 07:38 AM
A couple of people have asked about the relationship between /GS , SAL and ASLR in Windows Vista. Here’s my perspective, and it’s much bigger than just /GS, SAL and ASLR alone. There are two overarching goals at work – the first is to reduce the number Read More...
Postedby michael_HOWARD | 17 Comments    
Filed under: ,
Windows Vista Address Space Layout Randomization – What is Randomized?
06 June 06 09:30 AM
A couple of people asked what “on by default” means with regards to ASLR in Windows Vista. The ‘default’ for ASLR in Windows Vista is: • Stacks and Heap are randomized (stack-randomization is on post-Beta 2) • EXEs and DLLs shipping as part of the operating Read More...
Postedby michael_HOWARD | 7 Comments    
Filed under: ,
Microsoft under attack - and it's not what you think
02 June 06 10:58 AM
I really never thought I would see this day! But this is a very interesting read. "..open source developers and security professionals accusing them [Microsoft] of being obsessed by security." http://www.artima.com/weblogs/viewpost.jsp?thread=162577 You Read More...
Postedby michael_HOWARD | 10 Comments    
Filed under:
SDL book is shipping!
02 June 06 10:28 AM
I have in my paws a copy of the Security Development Lifecycle book... :) And I am told boxes of books are on the way to warehouses right now! It's always great to see the physical bits! Read More...
Postedby michael_HOWARD | 7 Comments    
Filed under: ,
Page view tracker