marklon
This is a blog about security, coding and malware in no particular order.
I write as a techie who handles security escalations from about 1/3 of the world. I spend a lot of time talking to customers with compromised networks.
Please, put me out of a job here!
Hello readers I am sorry that I haven’t updated my blog for a while. It has been a bit of a busy...
Date: 04/15/2008
Malware that wants to stay - Some passive protection tricks
Hello again I wanted to talk about some of the things that malware does to make itself hard to...
Date: 03/20/2008
Small glitch - MS08-017 for Office 2000 is not currently downloadable
Hi folks Just a quick heads up - we know that the link from the bulletin is broken. We had a problem...
Date: 03/12/2008
Firewalls and old school attacks
I saw a really old fashioned denial of service attack today. A customer was concerned that they were...
Date: 03/07/2008
I passed my CISSP exam
Well, nothing like getting all of my news out of the way in one go. Because of my self imposed rule...
Date: 03/05/2008
Testing times
Hello all I am sorry that I haven’t blogged for a while. It has been a bit of a busy time. After...
Date: 03/03/2008
Security Updates - Are they the answer?
Ah, another “update Tuesday” – known to the rest of the world as “patch Tuesday” but we are not...
Date: 02/12/2008
Antimalware tools and tricks
Ah, I am back in the office and settling into to my normal day to day work. I am fairly often asked...
Date: 01/21/2008
Don't you hate blogs which are updates with no technical content?
I know that I do - but I don't want you to think that I have dropped off the face of the planet. The...
Date: 01/11/2008
Silent but not dead
Hello all I am sorry that I haven’t updated this blog for a while. I haven’t forgotten, just been...
Date: 11/29/2007
Malware: mitigating maladies might matter
Well, another update Tuesday done and dusted. We are not supposed to use the word "Patch" So, the...
Date: 10/17/2007
Can you break Law #1 and get away with it?
To save you scrolling down, let me restate Law #1 of the immutable laws of security: "If a bad guy...
Date: 09/24/2007
Living in an unsafe world
Hello ladies, gentlemen and others I am sorry that I have not blogged for a little while. I have...
Date: 09/18/2007
Trust me if you dare...
Paranoia : baseless or excessive suspicion of the motives of others What percentage of computers are...
Date: 08/28/2007
Being held to account
Hi there Sorry that it has been a little while since my last post. I have been away at a customer’s...
Date: 08/17/2007
Slow news day
Hello again I haven’t blogged in a little while because things have been fairly uneventful here....
Date: 08/02/2007
Targeted attacks - a sniper rifle, not a scattergun
Malware is often thought of as an equal opportunity nasty. After all, real viruses affect the rich...
Date: 07/25/2007
Code reviews. Stay awake at the back there
Code reviews. What could be duller? It is very easy to put the brain in neutral and read the code in...
Date: 07/11/2007
How malware likes to hide
Well, technically, how malware writers like to hide malware. In my last post, I talked about...
Date: 07/05/2007
Malware over the years. It is only paranoia if they are not out to get you
In a slight change of pace, I would like to talk about malware and how things have evolved. I am not...
Date: 06/25/2007
Subtle holes let in the most dangerous people
Hello again As Will correctly pointed out, the signed/unsigned ‘conversion’ will break the code...
Date: 06/20/2007
Buffer overruns - keeping the inside in
Ah, another “Patch Tuesday” or “Update Tuesday” as we are supposed to call it. Patches have...
Date: 06/13/2007
Buffer overruns and old school exploits
I was asked to talk about Buffer overruns and I am happy to do that – although you will forgive me...
Date: 06/06/2007
Types of vulnerabilities - the missing scales on the dragon
Back after a busy time and a break. Sometimes we get pulled on to a critical issue where we burn a...
Date: 06/04/2007
What if they Escape from Area 51 and eat the network?
Hello all. I am going to interrupt myself here to relate a discussion that I had with my colleague...
Date: 05/17/2007
Protecting against SQL injection attacks
Ah, another “Updates Tuesday” done although it will be a busy time for a few days yet. We often get...
Date: 05/09/2007
Secure code - things to consider, part 1
Writing secure code is a very good thing. So is designing secure applications. Together, they make...
Date: 05/04/2007
All change - From debugging to security
I am back – and sorry to have been away for so long. It has been a bit of a busy time since I last...
Date: 05/01/2007
Handling emergencies - When worst case == current case
There is a much parodied line from Rudyard Kipling’s poem, "If". The parody runs "If you can keep...
Date: 03/22/2006
A fate worse than death – well, the death of your process
One question that we are sometimes asked is "Why couldn’t your runtime recover from condition X"....
Date: 03/10/2006
Old school debugging - VB6 middleware applications
VB6 has fallen off the supported list here at Microsoft. It had a good run since it was released in...
Date: 01/27/2006
Shooting yourself in the foot with threads
Hello gentle readers I only had one request for different content and that was for more SOS...
Date: 01/18/2006
Happy new year – where do you want to go today? (R)
Hello all. I hope that the holiday season went well be it Christmas, Chanukah or (as in my case)...
Date: 01/03/2006
We answer all requests. Some we answer "No"
It has been a while since my last blog because I have been busy on a case which proved a little...
Date: 12/14/2005
What sort of support cases are we seeing with Whidbey?
Customers are now starting to use the release version in earnest. Inevitably, support cases are...
Date: 11/24/2005
What makes a good programmer?
This subject was being debated on a newsgroup that I subscribe to. I have been the matter some...
Date: 11/04/2005
What is wrong with Whidbey?
The honest answer is “I don’t know”. I am fairly confident that the answer is “Not much” and smarter...
Date: 10/24/2005
Ways to make libraries that don't stink
Since the short list format seems popular, here are 20 things to consider when writing a component...
Date: 10/07/2005
Quick tips for fast applications
Just a short blog today We sometimes get requests to look at performance issues. These are 10 points...
Date: 10/05/2005
Silence and dreams
This will be the only update this week because I am on holiday - actually, I am taking a break from...
Date: 09/28/2005
Happy Birthday to us – for tomorrow.
Tomorrow, Microsoft will be 30 years old. Just for a change, I will post a blog that isn’t about...
Date: 09/22/2005
Exceptions should be exceptional
I spend a lot of time looking at systems that are not working very well. Sometimes they are...
Date: 09/21/2005