Browse by Tags
All Tags »
Scott (RSS)
I've seen people internally and externally ask for help copying files out of \Windows on the device, usually EXEs and DLL files. I'm not sure what their end goal - sometimes it's to try those binaries on a different device but there are probably other
Read More...
I read Joel Spolsky's blog from time to time. I am a little embarrassed to admit that I took the following entry a bit personally. Apparently—and this is all based on blog rumors and innuendo—Microsoft has had a long term policy of eliminating
Read More...
I have been working on this post slowly for several days, but Reed and Steve are seriously kicking my butt on posting solid developer-focused technical security content. Read their blog - they covered a lot of this material sooner and better than I did.
Read More...
Protect your question with an impenetrable cloak of vagueness. 1) Choose a subject line that conveys no information. This means that the subject matter expert needs to choose between spending more time on your message to figure out what it's about, or
Read More...
There are a few different things that people might mean when they say their phone is "locked". I wanted to provide this post to help define the different types of lock. SIM Locked This typically means that the phone will only work on the network of one
Read More...
My colleague Jason Langridge wrote a post about the storage card encryption feature in WM6. This is one of the features I worked on, so I'd like to host some FAQs about it here. What scenario is the feature designed to mitigate? It's fairly easy to remove
Read More...
Everybody who has worked at Microsoft for long enough has their war stories. I'll share one of my first, from Windows Mobile 6 development. It Sounded Simple Enough My first full feature at Microsoft was the storage card encryption feature in WM6. My
Read More...
As faithful blog readers already know, there were several limitations related to certificates that caused tons of customer pain on WM5. Now that WM6 is public, it gives me great pleasure to announce the following changes that we made in WM6: Certificate
Read More...
I’ve seen this question a few times on the newsgroup so I thought I’d take a stab at it. We’re having another freak winter storm in Redmond so it’s not like I can leave work anyway… What is GWES? Gwes is the Graphical Windowing and Event Subsystem. It’s
Read More...
At install time, we crack open the cab file and check for a signature on every executable (exe and dll) inside the cab. If any of the binaries are unsigned (or signed with a cert that doesn't chain to the code execution stores) then we'll display the
Read More...
Why do you care? This might be interesting to you if - you've ever wondered why people change security policy 4119 - you've ever developed a CeRapiInvoke DLL - you've ever wondered why DMProcessConfigXML behaves differently for an untrusted process vs.
Read More...
A few weeks ago I asked how you'd spend 100 feature dollars on Windows Mobile. When we do this exercise, we typically brainstorm a list of features that we'd like to do or that have been requested in the past. We cost the features ourselves, and then
Read More...
Say hello to the SslChainSaver tool. This is a tool that I wrote internally to troubleshoot SSL connections and I'm finally able to offer it publically. Use this tool when you want to to add new root or intermediate certificates to a device for an SSL
Read More...
We go through this exercise during the planning stages with customers sometimes. I like it because "to ship is to choose" - it's easy to describe things you want, but we have to ship the product eventually and some things don't make it. Deciding what
Read More...
I'm trying to gather some additional data to help address this problem. If you've had trouble syncing to the exchange server because you couldn't add root certs, can you please give me this information: - Was this a self-signed certificate or was it purchased
Read More...