YOUR FEEDBACK REQUESTED

I am in the position of the Chief Security Advisor in Europe, Middle East and Africa since February 1st. Since then I am blogging here (before that I ran together with Urs the Swiss Security Blog). The hits per post rose over the first 6-7 months but now started to slowly drop. However, looking at…

4

IE and Firefox vulnerabilities

I am still convinced that there is limited value in comparing vulnerabilities between different products. However, there are a few products which seem extremely emotional: The Operating System, Office, and the browser. We already discussed pretty emotionally (I liked that actually) the Operating System part. Office came into the spotlight in the last few days…

1

Hackers using Playstations to crack Passwords

A reader of my blog actually pointed me to that (thank you Shoaib) and asked me for a comment. Here is the article: PlayStation a hacker’s dream. It is really an interesting thing: Gaming consoles today have quite some computing power, so why should the bad guys not use them to do some brute force?…

1

Security Threats in 2008

Well, slowly the year is coming to an end – 10% to go J. This is the time where everybody is looking back and – additionally – tries to look into the Crystal Ball to understand how 2008 could be. Interestingly enough, I just had the discussion about the trends for 2008 this morning with…

1

Teach a Man to Fish

I just read a pretty good article that goes definitely into the direction I am trying to work with the different communities we are in touch. Even though technology is a key part of any security solution, the user is key and explaining the user the “why” is even more important. Read yourself: Teach a…

0

I was visiting Nigeria – watch out!

You know that I rarely did trip reports in the past. I am personally convinced that you do not want to read, what I had for breakfast in Barcelona. But this trip was different. When I told the people around me that I will be travelling to Nigeria I got a lot of different reactions…

5

Are you ready for your users of the (near) future?

Yankee Group Study Actually near future might be wrong: I am convinced that the future (with regards to the requirements) is already here. We sponsored a study with Yankee Group with the title Anywhere Access Technologies – Open Enterprise Networks. I read through it and tried to analyze the key findings in there: more than…

3

The Value of Operating System Comparisons

Since Blaster/Slammer, namely since the start of Trustworthy Computing I am working at Microsoft in a publically facing security role. I went through all the blaming and had to take all the heat of what we did wrong and how bad we are – and I admitted there and still do today that security was…

10

Want to check your Up- and Download-Speed

I just stumbled across a pretty cool website allowing you to measure your up- and download speed wherever you are. Additionally you can compare it with others: http://www.speedtest.net Roger

0

More than 490’000 Database Server unprotected on the Web

David Litchfield ran a scan on the Internet for the typical SQL Server and Oracle ports. It is unbelievable that he found approx. 490’000 servers on the Internet – unprotected and often un-patched. On unsupported version levels, on unsupported Service Packs. What is going on there? Are these test servers nobody cares of (they are…

5