Delen via


marklon

This is a blog about security, coding and malware in no particular order.

I write as a techie who handles security escalations from about 1/3 of the world. I spend a lot of time talking to customers with compromised networks.

Please, put me out of a job here!

Hello readers I am sorry that I haven’t updated my blog for a while. It has been a bit of a busy...

Date: 04/15/2008

Malware that wants to stay - Some passive protection tricks

Hello again I wanted to talk about some of the things that malware does to make itself hard to...

Date: 03/20/2008

Small glitch - MS08-017 for Office 2000 is not currently downloadable

Hi folks Just a quick heads up - we know that the link from the bulletin is broken. We had a problem...

Date: 03/12/2008

Firewalls and old school attacks

I saw a really old fashioned denial of service attack today. A customer was concerned that they were...

Date: 03/07/2008

I passed my CISSP exam

Well, nothing like getting all of my news out of the way in one go. Because of my self imposed rule...

Date: 03/05/2008

Testing times

Hello all I am sorry that I haven’t blogged for a while. It has been a bit of a busy time. After...

Date: 03/03/2008

Security Updates - Are they the answer?

Ah, another “update Tuesday” – known to the rest of the world as “patch Tuesday” but we are not...

Date: 02/12/2008

Antimalware tools and tricks

Ah, I am back in the office and settling into to my normal day to day work. I am fairly often asked...

Date: 01/21/2008

Don't you hate blogs which are updates with no technical content?

I know that I do - but I don't want you to think that I have dropped off the face of the planet. The...

Date: 01/11/2008

Silent but not dead

Hello all I am sorry that I haven’t updated this blog for a while. I haven’t forgotten, just been...

Date: 11/29/2007

Malware: mitigating maladies might matter

Well, another update Tuesday done and dusted. We are not supposed to use the word "Patch" So, the...

Date: 10/17/2007

Can you break Law #1 and get away with it?

To save you scrolling down, let me restate Law #1 of the immutable laws of security: "If a bad guy...

Date: 09/24/2007

Living in an unsafe world

Hello ladies, gentlemen and others I am sorry that I have not blogged for a little while. I have...

Date: 09/18/2007

Trust me if you dare...

Paranoia : baseless or excessive suspicion of the motives of others What percentage of computers are...

Date: 08/28/2007

Being held to account

Hi there Sorry that it has been a little while since my last post. I have been away at a customer’s...

Date: 08/17/2007

Slow news day

Hello again I haven’t blogged in a little while because things have been fairly uneventful here....

Date: 08/02/2007

Targeted attacks - a sniper rifle, not a scattergun

Malware is often thought of as an equal opportunity nasty. After all, real viruses affect the rich...

Date: 07/25/2007

Code reviews. Stay awake at the back there

Code reviews. What could be duller? It is very easy to put the brain in neutral and read the code in...

Date: 07/11/2007

How malware likes to hide

Well, technically, how malware writers like to hide malware. In my last post, I talked about...

Date: 07/05/2007

Malware over the years. It is only paranoia if they are not out to get you

In a slight change of pace, I would like to talk about malware and how things have evolved. I am not...

Date: 06/25/2007

Subtle holes let in the most dangerous people

Hello again As Will correctly pointed out, the signed/unsigned ‘conversion’ will break the code...

Date: 06/20/2007

Buffer overruns - keeping the inside in

Ah, another “Patch Tuesday” or “Update Tuesday” as we are supposed to call it. Patches have...

Date: 06/13/2007

Buffer overruns and old school exploits

I was asked to talk about Buffer overruns and I am happy to do that – although you will forgive me...

Date: 06/06/2007

Types of vulnerabilities - the missing scales on the dragon

Back after a busy time and a break. Sometimes we get pulled on to a critical issue where we burn a...

Date: 06/04/2007

What if they Escape from Area 51 and eat the network?

Hello all. I am going to interrupt myself here to relate a discussion that I had with my colleague...

Date: 05/17/2007

Protecting against SQL injection attacks

Ah, another “Updates Tuesday” done although it will be a busy time for a few days yet. We often get...

Date: 05/09/2007

Secure code - things to consider, part 1

Writing secure code is a very good thing. So is designing secure applications. Together, they make...

Date: 05/04/2007

All change - From debugging to security

I am back – and sorry to have been away for so long. It has been a bit of a busy time since I last...

Date: 05/01/2007

Handling emergencies - When worst case == current case

There is a much parodied line from Rudyard Kipling’s poem, "If". The parody runs "If you can keep...

Date: 03/22/2006

A fate worse than death – well, the death of your process

One question that we are sometimes asked is "Why couldn’t your runtime recover from condition X"....

Date: 03/10/2006

Old school debugging - VB6 middleware applications

VB6 has fallen off the supported list here at Microsoft. It had a good run since it was released in...

Date: 01/27/2006

Shooting yourself in the foot with threads

Hello gentle readers I only had one request for different content and that was for more SOS...

Date: 01/18/2006

Happy new year – where do you want to go today? (R)

Hello all. I hope that the holiday season went well be it Christmas, Chanukah or (as in my case)...

Date: 01/03/2006

We answer all requests. Some we answer "No"

It has been a while since my last blog because I have been busy on a case which proved a little...

Date: 12/14/2005

What sort of support cases are we seeing with Whidbey?

Customers are now starting to use the release version in earnest. Inevitably, support cases are...

Date: 11/24/2005

What makes a good programmer?

This subject was being debated on a newsgroup that I subscribe to. I have been the matter some...

Date: 11/04/2005

What is wrong with Whidbey?

The honest answer is “I don’t know”. I am fairly confident that the answer is “Not much” and smarter...

Date: 10/24/2005

Ways to make libraries that don't stink

Since the short list format seems popular, here are 20 things to consider when writing a component...

Date: 10/07/2005

Quick tips for fast applications

Just a short blog today We sometimes get requests to look at performance issues. These are 10 points...

Date: 10/05/2005

Silence and dreams

This will be the only update this week because I am on holiday - actually, I am taking a break from...

Date: 09/28/2005

Happy Birthday to us – for tomorrow.

Tomorrow, Microsoft will be 30 years old. Just for a change, I will post a blog that isn’t about...

Date: 09/22/2005

Exceptions should be exceptional

I spend a lot of time looking at systems that are not working very well. Sometimes they are...

Date: 09/21/2005

Next>