MSE – Microsoft Security Essentials schlagen sich tapfer

Hi… wenn man diesen Bericht so liest http://arstechnica.com/security/news/2009/10/av-comparatives-picks-six-malware-removal-winners.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss wird einem doch etwas warm ums Herz 😉 Der Bericht klassifiziert die Security Essentials doch in sehr akzeptable Regionen kommt, sowohl was Erkennung als auch das Entfernen von Malware betrifft. Es gab keinen der “Very Good” hatte – wir haben noch Luft nach oben – aber auch…

0

Überprüfung auf Korrektheit: Wie eine Problemstellung aus der theoretischen Informatik die Welt verändern kann

Hi… ich habe vor Jahren in einem Projekt mitgearbeitet bei dem es um eine Überprüfung der Funktion von Software ging. In meinem Falle ging es um die Genehmigung Kernkraftwerke steuern zu dürfen. Klingt erstmal dramatisch, ist aber technisch nicht so kompliziert wie zum Beispiel ein Flugzeug. Wenn die Steuerung bei dieser Art von Kernkraftwerk versagt,…

0

Two years of broken crypto

Hi… you all are still aware of the bug that had been introduced into Debian random key generation two years before it has been discovered. The whole IT world was victim since not only the code was used in different systems all over the place, the week keys generated spread also. In an issue of…

0

360° Security Roadshow – Videos online

Hi… you can find the content of the 360° Security Roadshow here http://www.microsoft.com/germany/msdn/events/archiv/securitydays2008/default.mspx (German only!!)   It was an interesting experience. I did the keynote and really tried to deliver some insights and backgrounds. At least the direct feedback showed I reached my personal goal 😉 CU 0xff

1

Startseite – Sonntag 2.0 @ mixxt

Hi… yes, we will try… our first mini-micro-nano-Barcamp. The real story behind it is interesting enough: We are in the process of doing a security roadshow. Since we had problems getting the locations filled (Developers and security is always the same…) we asked ourselves why not doing something completely different (just as Monty Python said)…

1

Secure Development Lifecycle and Web 2.0

Hi…   I found this nice blog entry http://blogs.msdn.com/sdl/archive/2008/02/28/sdl-and-web-2-0.aspx Every single word is true. My impression is that most people in this vibrant web 2.0 space still think they live in happy land where no bad people exist. Even worse: This might be true… in a awkward sense. As long as a hack simply add…

0

Is Developing too easy??

Hi… we have an interesting discussion internally on this article: http://www.informationweek.com/windows/showArticle.jhtml?articleID=205918671&cid=RSSfeed_TechWeb In short: The guy who cost the french bank you all know about 7 billion US$ just used VBScript and Office to do this. Hu, how bad is VBScript and Office?? Well… It is very obvious that he used the tools he had and…

1

Good Security Content….

Hi… to be very open, honest, and respectful: it is too much of a game but in the end it contains good security content… so bare with the game 😉 I really enjoyed the videos. One started with Yet another SQL injection… uha… how boring. But it turned out to be very amusing and interesting….

1

Forget about Security – We have a tool…

HI…   ok this is actually misleading: We (e.g. Microsoft or any other group I belong to) do not have a tool. But there are some people out there who claim to have one… I found this blog article by Michael Howard (see http://blogs.msdn.com/michael_howard/archive/2008/01/10/open-source-projects-certified-as-secure-huh.aspx) talking about this. While I don’t know Michael that personally (I…

1

Security Blog – The Techie Way

Hi… this is really the way I like it: We have always been asked if we could provide more insight in the what and the why behind security faults. The official answer 😉 was this is not necessary to cure the fault nor to understand its importance. This is just to satisfy some kind of…

1