Mah Bluehat blogz – let me show you them!

My somewhat random thoughts on the battle for your PC and how it may play out in the coming year . . . (and by your PC I really mean your Mom’s since you’re of course running IE7 on Vista with UAC enabled and DEP forced on etc. right?): http://blogs.technet.com/bluehat/archive/2008/04/28/the-battle-for-the-browser-your-pc.aspx EDIT:  I’d like to give out…


Mac vs. PC – can’t we all just get along?

So I’m on the road with my boss . . . he brought his Mac . . . I brought my Vista x64 Dell.  They only offered wired internet so I decided to try out Vista’s connection sharing stuff . . . I figured I would plug in the cable and share the connection out…


PayPal throws down . . .

This is VERY interesting and I wonder what sort of time frame they plan on doing this in – because right now AFAIK their list of supported browsers would be IE7 and IE8 (based on the EVSSL statements). 🙂 http://www.eweek.com/index2.php?option=content&task=view&id=47667&pop=1&page=0&hide_js=1 Also found this to be very interesting: EV Certificates Unproven, but Best Solution Yet The jury…


Flash NULL pointer + offset code execution . . .

I tend to agree – Mark Dowd is clearly not human: http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/ This kind of thing makes me want to like . . . go work on cars or something. 🙂 So here’s what’s sort of scary about Mark’s paper and mentioned in the Matasano post – but worth reiterating here . . . this paper could…


Hyper-V

So Brandon Baker is a senior guy on the Hyper-V team.  I just came across this blog post of his: http://blogs.msdn.com/rsa2008/archive/2008/04/07/isolation-of-virtual-machines.aspx If you read my blog – you may have seen my blog from CanSec where Oded did a presentation on VMWare’s new VMSafe initiative / APIs and how shocked myself and many other attendees were…


Espionage using Office documents in the news

First a Wired article: http://www.wired.com/politics/security/news/2008/04/chinese_hackers Next a Businessweek article: http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm We live in ‘interesting’ times.


IE8 – DEP enabled by default?

W00t!!!  So I guess this is public now: http://www.eweek.com/c/a/Security/Microsoft-Details-IE-8-Security-Default-Change/ This is huge . . . DEP is a fairly complex process on Windows today . . . far less trivial than I would like.  By default on our client operating systems your program has to somehow opt-in to DEP protection and if it doesn’t -…


I feel dirty . . .

So I’ve been running WS2008 for a while now.  I’ve got a nice beefy machine that I do all my repro work on.  It’s an Intel quad proc box with 4GB of RAM and an ATI Radeon x1950Pro.  I’ve got some nice LCDs and run multi-mon.  And I absolutely hate what we’ve done to the shell on…


Get Kraken!

So much ado is being made about Kraken in the press with people speculating this bot is bigger than storm – which was already terribly over-hyped in terms of numbers by the press. If you’re curious – here’s our AV team’s write-up on it here: http://www.microsoft.com/security/portal/Entry.aspx?ThreatId=-2147369263 and here: http://www.microsoft.com/security/portal/Entry.aspx?ThreatId=-2147368536 Our next Security Intelligence Report summarizing the last…