Archives

• April 2008
• October 2007
• September 2007
• August 2007
• July 2007
• June 2007
• May 2007
• April 2007
• March 2007
• February 2007
• January 2007
• December 2006
• November 2006
• October 2006
• September 2006
• August 2006
• July 2006
• June 2006
• May 2006
• April 2006
• March 2006
• February 2006
• January 2006
• December 2005
• November 2005

Categories

• AI (1)
• authentication (4)
• Blogging (38)
• Culture (27)
• DDK (89)
• General nonsense (29)
• Intellectual Property (9)
• Microsoft (52)
• Networking (23)
• PhoneFactor (5)
• Positive Networks (8)
• Programming (115)
• Security (46)
• two-factor (4)
• Uncategorized (37)
• Vista (34)
• WDK (23)
• Windows (55)

Links

• A Hole In My Head
• Alex Ionescu's Blog
• Antimail
• Buggin' My Life Away
• craigrow: blogging about developing, testing and getting a logo for your drivers using the Windows Driver Kit and the Driver Test Manager
• Dana Epp's ramblings at the Sanctuary
• DebugInfo.com - Oleg Starodumov
• Fabulous Adventures In Coding
• Joel on Software
• Larry Osterman's WebLog
• Lori Pearce's WebLog
• Mark's Sysinternals Blog
• Metasploit
• Michael Howard's Web Log
• Nynaeve
• Pointless Blathering
• Positive Networks
• Positive Networks Blog
• Q & Stuff
• Schneier on Security
• Schwieb
• Sorting It All Out
• The Old New Thing
• Under The Hood - Matt Pietrek

Meta

• Register
• Login
• Valid XHTML
• XFN
• WordPress
• Domain
• Website Design
• Web Hosting

More security libraries

Michael Howard posts about security libraries that can be used as drop-in replacements for the older, less-secure stuff. I’ve covered StrSafe and IntSafe before; looks like there are a couple of others too that I didn’t know about.
Update: Doron just posted saying that ntstrsafe has also been recently revised to handle UNICODE_STRINGs more elegantly, too.

Security, Programming No Comments February 27th, 2006

Peter Wieland blogging

When it rains, it pours! First Doron Holan starts blogging, and now it seems that Peter Wieland, another Microsoft kernel-type guy, has started a driver-related blog as well. Go check it out. The number of Windows driver development blogs just tripled!
It’s really high time for me to update the blogroll. Soon, I promise.

Blogging, DDK 1 Comment February 27th, 2006

5308 WDK initial testing

I downloaded and installed the 2 gigabyte 5308 WDK this evening. I continue to be impressed with the improvements Microsoft is making in the kit; it’s nice to see what happens when the company really prioritizes something.
This is a pretty complete kit - PreFAST, SDV, WDF (both KMDF and UMDF, according to the install screen), […]

Vista, DDK 3 Comments February 25th, 2006

Randomness and personal security

It’s funny how synchronized the world can be at times. Last night I was having a conversation with someone about the random part of social security numbers, and today Bruce Schneier points me at this interesting phishing attack, which was successful in part because of exactly the same problem.
The security issue is this: people are […]

Security 4 Comments February 22nd, 2006

New CTPs available

The February CTP builds of Vista and WinFX are available at http://msdn.microsoft.com/windowsvista/getthebeta/default.aspx. Enjoy!
Here is a great blog post showing some of the new features and changes in this build. Screenshots!

Vista No Comments February 22nd, 2006

Shakespeare and Dies Irae and Berlioz

This is completely nontechnical, but it’s been on my mind all morning. Feel free to fast-forward.
So, one of my favorite plays of Shakespeare is Macbeth, and one of my favorite scenes is Act IV, Scene 1, in which the three witches make some very equivocal prophesies to Macbeth. These lines pop into […]

Culture 2 Comments February 22nd, 2006

Compiler lab RSVP extended

I just got a comment from Kathy at Microsoft that the compiler lab RSVP has been extended to March 3. More details are available on her blog.

Programming No Comments February 22nd, 2006

Don Quixote of Kansas City

I’m listening to Jorge Luis Borges’s excellent Harvard lecture series This Craft of Verse this week. It’s really fantastic; his was a great intelligence, and he was extremely well read.
One thing he said really struck me. About midway through his first lecture, he commented on the title of Cervantes’s Don Quixote de La Manca, saying […]

Culture 1 Comment February 21st, 2006

dangriff wonders about trusting the compiler

A friend of mine always builds everything from source. I don’t know why, but I vaguely remember hearing something about security. Over at Microsoft, dangriff has a post about the assumption that the compiler is safe.
It’s an interesting question; I’ve often wondered about hiding rogue code in plain sight in large code bases (and GCC, […]

Security 2 Comments February 19th, 2006

Hotpatching beta

I covered hot patching before. Now it looks like Microsoft is opening up a beta to see how well it works in the field. Beta enrollment instructions are provided.
via Outside The Cube

Programming, DDK, Windows No Comments February 19th, 2006

Recent Posts

• PhoneFactor video
• Interesting peek at Win7
• No more single-core chips
• I guess it depends on what you’re hex editing
• Metasploit as the security Mendoza line
• The return of err.exe
• Security lessons from MULTICS
• BlueHat
• Opera, anyone?
• New Niagra debuts

Recent Comments

• Manny
• dispensa
• doug
• dispensa
• Yossi