Blog relocated again

Just a quick update, to make sure everyone knows. I’ve moved my blog from MSInfluentials to Please update your aggregators/bookmarks/favorites to I’ve posted the reasoning for my move, as well as a description of my personal foray into the cloud, over there.

Good bye, and good luck

Friends, as a part of Microsoft’s second round of restructuring, my position was eliminated yesterday and my employment with Microsoft has ended. While there were many rewards that came from my job, the most satisfying element was knowing that our time spent together helped improve everyone—whether at conferences or through this blog, I’ve learned as…


If you know the Conficker dude, we’ve got a prize for you

Yesterday (12 February 2009) Microsoft announced a partnership with technology industry leaders and academia to implement a coordinated, global response to the Conficker (aka Downadup) worm. Together with security researchers, Internet Corporation for Assigned Names and Numbers (ICANN) and operators within the Domain Name System, Microsoft coordinated a response designed to disable domains targeted by Conficker….


Today’s spam

Here’s what’s in my junk mail folder today: What is up with all that? Apparently I sent a payment to myself, I initiated another payment to myself, I am a user of myself who’s received exclusive offers for January, and I received a payment from myself. Wow! Furthermore, an internal discussion group (IPv6) is apparently…


Attacks against integrity

I’ve been mentioning this frequently during my talks in the last 12 months: that accidental or malicious data modification is yet something else we need to defend against. Richard Bejtlich wrote last year about attack progressions, and this year summarized an accidental integrity error that created minor havoc at Veteran’s Affairs health centers. Richard’s progression…


I want a Model 22 HDD Hard Drive Disintegrator

Here at Microsoft we have an active internal discussion group where most security-minded folk hang out. The topic of data destruction came up recently, it’s actually a lot more difficult than most people think. CIPHER /W and SDELETE do a reasonable job, but they aren’t perfect: the paper One big file is not enough: a…


Questions about virtualization and security?

Yesterday, Donnie Hamlett, a Microsoft core infrastructure optimization specialist, gave a webcast and played a video of my TechEd presentation on virtualization and security. Some of the viewers had questions, and I offered to Donnie that they could come to my blog to post them. I’ll extend that offer to all of my readers—if you’ve…


Poll: do you use scheduled scans for malware?

An  interesting comment recently appeared on my older post about whether or not to use antimalware software. Peter van Dam wondered whether scheduled scans are really necessary, given that anti-malware products scan files as they enter (and sometimes exit) a computer. He raises a good point, and I’m curious what all of you think? Do…


Updated Microsoft Security Assessment Tool

Greetings. In case you haven’t already read about it, we recently updated the Microsoft Security Assessment Tool (MSAT). Version 4.0 hit the web on 31 October. It’s been four years since the initial release, and two years since the prior version. Between then and now your security world has evolved a lot, and the tool…


Reading list from “How IT will change in the next 10 years”

At Windows Connections two weeks ago, during my keynote speech “How IT will change in the next 10 years and why you should care,” I mentioned several books worth reading. Many of you have asked for the list; here it is: The Cathedral and the Bazaar by Eric S. Raymond The Wisdom of Crowds by…