My Blackberry Is Not Working!

That’s absolutely great and worth spending the few minutes – enjoy: Roger


I sold my soul to Google, can I get it back?

Well, this question was not asked by me but by a guy called Joe Wilcox on Betanews: I sold my soul to Google, can I get it back?. He raises a few points I never really though of: While the organizations all charge something, not one puts content behind a true paywall. To do so…


On the effectiveness of DEP and ASLR

Our Security Research and Defense team published a blog post, which is really interesting to read to understand how to protect Windows Vista and Windows 7: On the effectiveness of DEP and ASLR. There is a lot of information on how both raise the bar for attackers. These are the key take away: DEP and…


Mitigating the use of Local Admin

We recently had internal discussions on the use of local admin and how to mitigate it. During this, Richard Diver, a Premier Field Engineer in APAC, wrote a great article how to do it. I wanted to make sure, you can see this as well. So, this is a guest blog. General Goals of Strategic…


Behind the Curtain of Second Tuesdays: Challenges in Software Security Response

You might know about Bluehat, which is an internal security conference we run several times an year. Some of the presentations we record and make them publically available. There is a really good one on the Microsoft Security Response Center. Dustin (the presenter) blogged on it Behind the Curtain of Second Tuesdays: Challenges in Software…


Security Development Lifecycle: Quick References

A quick one: An interesting download location: With the SDL Quick Security References (QSR), the Security Development Lifecycle (SDL) team introduces a series of basic guidance papers designed to address common vulnerabilities from the perspective of multiple business roles – business decision maker, architect, developer, and tester/QA. These papers will help you address a critical…


Publishing Secret or Sensitive Information

With a lot of interest I followed the media on the latest Wikileaks’ publication of sensitive documents from the US Government. At least here in Europe, there is a huge debate whether this publication is really problematic for the United States. A discussion I do not want to comment here, as I am not able…


The Cloud is Also Green

Yes, not only gray Seriously, we commissioned a study to see what the impact of cloud computing is not only to efficiency but the the environment. Can you save CO2 by moving to the cloud? I think something, we do not look at often enough. As pictures say more than 1000 words, here you see…


Information Security Management System for Microsoft Cloud Infrastructure

Just a quick one. Our Global Foundation Services organization (the ones who run our datacenters) just published a new whitepaper: Information Security Management System for Microsoft Cloud Infrastructure This paper describes the Information Security Management System program for Microsoft’s Cloud Infrastructure, as well as some of the processes and benefits realized from operating this model….