June 2007 - Posts

My Last Day in Redmond
29 June 07 03:33 PM
Well, today is my last day in Redmond. It's pretty sad, but I'm really looking forward to being in Austin. It's been a long stretch selling the house, buying a house, dealing with builders (if you're considering building, let me know, and I'll give you Read More...
Postedby michael_HOWARD | 15 Comments    
Filed under:
Lessons Learned from MS07-029: The DNS RPC Interface Buffer Overrun
28 June 07 02:20 PM
I just posted the root cause analysis for the DNS RPC buffer overrun over on the SDL blog. Read More...
Postedby michael_HOWARD | 0 Comments    
Filed under: ,
"How Software is Built" Interview
25 June 07 02:34 PM
Some months back I was interviewed by howsoftwareisbuilt.com, we talked about everything you could imagine that relates to security. After reading it, it looks like they minimal editing too. I like that. http://howsoftwareisbuilt.com/2007/06/24/michael-howard-microsoft-interview Read More...
Postedby michael_HOWARD | 0 Comments    
Filed under:
SDL Crypto Code Review Macro
14 June 07 04:30 PM
Over the last few weeks I've been experimenting with the Visual Studio 2005 macro and extensibility framework to build security-related tools. I'm a big believer in "learning by doing" so I thought I would create a macro to help me do some code reviews. Read More...
Postedby michael_HOWARD | 8 Comments    
Filed under:
Attachment(s):SDLCrypto.zip
SDL Training at the Microsoft Security Response and Safety Summit
14 June 07 03:55 PM
Dave Ladd has just made a post over on the SDL blog about some SDL training we gave for partners at the Microsoft Security Response and Safety Summit. It's an interesting read, but more importantly, I have no doubt we'll be doing more of this as start Read More...
Postedby michael_HOWARD | 0 Comments    
Filed under:
Give me strength: My kids have discovered Pokemon
12 June 07 10:43 AM
It's official. I'm old. I have no freakin' clue what my kids are talking about. They love Pokemon, and they spend ages together (which is cool) talking about this stuff. My son can recite the relationship between each and every Pokeman; what they do, Read More...
Postedby michael_HOWARD | 3 Comments    
Filed under:
The Bluetooth Keyboard Mystery: Solved.
05 June 07 06:50 AM
My wife's got a pretty spec'd out box at home with a 30inch widescreen LCD flat panel and a Microsoft Bluetooth keyboard and mouse . She loves it. But every now and then the keyboard simply stops working. To make matters worse, I can't find my wired keyboard. Read More...
Postedby michael_HOWARD | 10 Comments    
Filed under:
Well, I never expected this. Take 2
05 June 07 06:36 AM
Yesterday, based on some negative feedback, I made a post stating I would keep my blog a tech blog rather than adding anything personal. Oh-my-God did the floodgates open! Basically, I got twenty times more email and comments saying, "No, post the personal Read More...
Postedby michael_HOWARD | 1 Comments    
Filed under:
Well, I wasn't expecting that!
04 June 07 06:59 AM
Yesterday, I decided to add a more personal angle to my blog by posting about my kids. Well, I got a ton of email saying, "keep it technical." OK! I listened. It's tech from now on :) Read More...
Postedby michael_HOWARD | 19 Comments    
Filed under:
The Most Complex SAL annotation
03 June 07 06:49 AM
While working on " Writing Secure Code for Windows Vista " I spent a good deal of time spelunking the new crypto stuff, CNG . One of the APIs is BCryptResolveProviders , and the last argument is pretty complex: If you pass NULL, it fails and tells you Read More...
Postedby michael_HOWARD | 5 Comments    
Filed under: ,
From the Mouths of Babes
03 June 07 06:27 AM
A few weeks ago someone in my group suggested I blog about more than security. I asked, "Why?" He said, "So people will realize you're not a droid!" So here is my first post that has nothing to do with security, it's about parenting. More to the point, Read More...
Postedby michael_HOWARD | 5 Comments    
Filed under:
Recent CRN Article comparing Windows XP SP2 and Windows Vista
03 June 07 06:04 AM
Jeff has a post about the recent CRN and Ars Technica articles comparing XPSP2 and Vista security. One thing I love about Jeff is he's blunt. Damned blunt. Read More...
Postedby michael_HOWARD | 1 Comments    
Filed under: , ,
At TechEd this Week
03 June 07 05:46 AM
Hi from Orlando I'm presenting at TechEd this week - I have two sessions, one is a "chalktalk" tomorrow (Monday 4th) from 10:30 - 11:45 entitled "Everything-Developer-Security." I have no agenda! I'll do what I did last year: open notepad, enter a few Read More...
Postedby michael_HOWARD | 0 Comments    
Filed under: ,
Page view tracker