Things I Learned At Microsoft

Microsoft TechFest

Last week, I went to Microsoft’s TechFest as part of their “Public Day”. This is the first time MVPs as a group have been invited to this event, and although it’s clear we missed some of the demonstrations that are not public-ready, this is something...

MVP Summit 2009 is here!

I snapped this picture last week at Microsoft Research’s Tech-Fest event. Microsoft always makes the visiting MVPs feel welcome at Global Summit time, when all MVP awardees are invited to visit Microsoft’s campus, and engage in face-to-face conversations...

UAC - The Emperor's New Clothes

I heard a complaint the other day about UAC - User Account Control - that was new to me. Let's face it, as a Security MVP, I hear a lot of complaints about UAC - not least from my wife, who isn't happy with the idea that she can be logged on as...

Silently fixing security bugs - how dare they!

Over in "Random Things from Dark Places", Hellnbak posts about reducing vulnerability counts by applying the SDL (Security Development Lifecycle), and makes the very reasonable point that vulnerabilities found prior to release by a scan that...

Google on Microsoft / Yahoo! Deal: "Wah!"

In case you've been under a rock, Microsoft appears to be trying to take advantage of Yahoo! Inc's recent poor performance to make an unsolicited offer (as far as I can tell, it's not a hostile bid until and unless Yahoo! officers declare...

Waiting for Vista SP1?

In a previous article, I wrote about how to sound stupid by saying "let's wait for Service Pack 1 before we deploy Windows Vista". Now here are a few ways to sound clever, by pointing to specific issues that will be fixed by Windows Vista...

Why you don't run as root

[... or administrator, or whatever] I like Roger Grimes, he's a nice guy, and he generally makes me think about what he has to say. That's a good thing, because otherwise he'd either be part of the same choir as me, or he'd be the sort...

How many people do you represent?

In my earlier discussion on why 100% utilisation is not maximum efficiency, I alluded to the fact that a rejected customer, or a customer with a bad experience, will tell other potential customers that you never get to see. This reminded me that there...

Let's just wait for Service Pack 1

Every so often, I'll hear it said, and frequently not in jest, "let's wait until Service Pack 1 before we deploy Vista", or sometimes "Server 2008". While it's true that Microsoft has indeed announced plans to test, and...

Are you a 'dual'?

Last month at Tech-Ed, I was discussing with someone from the Solution Accelerators team about how I wished that Microsoft would produce some administration documentation for developers, and/or developer documentation for administrators, so that the two...

Larry Osterman isn't that into you, either.

In previous articles, I've pointed out:
Programmer Hubris - He's just not that into you
Programmer Hubris - I don't run your software all the time
Programmer Hubris Part 3 - Microsoft Knows I'm Not That Into Them
I'm still not that...

firefoxURL:%03

Part 3 - and I promise that's the lot for now, because it's starting to look like I'm obsessed or something. Over the past week or so, you've read me talking about vulnerabilities in Firefox's protocol handlers, and how my perception...

firefoxurl: URL vulnerability

Heard about the firefoxurl vulnerability? It turns out that you can exploit Firefox by having Internet Explorer visit a link to a URL that starts with "firefoxurl:" (and a bunch of other code). [Assuming you have Firefox on your computer along...

Security Expert Chat - Thursday 6/21/2007, 4pm PDT

Technet's brief description for a chat this Thursday (June 21st) at 4pm PDT:
Q&A with the Security MVP Experts
We invite you to attend a Q&A with the Microsoft Security MVPs. In this chat the MVP experts will answer your questions regarding...

Couldn't have done that at Microsoft

Today, another reminder of things I couldn't have done at Microsoft. Last night, I rushed home from work in time to take my kid to his Webelos den meeting. There, we worked on his Pinewood Derby car. He's been sick most of last week and weekend, so he...

WIP: Principles of Secure Software Development

This is a work-in-progress, but I'd like your opinions on it:
Principles of Secure Software Development
You're not that good - someone will find a hole in your software. Find as many as you can, first.
You're still not that good - you didn't find all...

Security Bulletins are easier to read in Japanese

It's "Patch Tuesday" again - and you're going to be spending a busy Valentine's day installing all of them. I'm not the first person to cover this - Steve Riley did it way back when, and Susan Bradley reminded us of it, but it's time to raise the point...

ScreenSaverGracePeriod - how fast can you cross a training room?

We're faced with an issue where presenters are losing their train of thought mid presentation because their slides are covered up by the screensaver - this would not be a significant problem, except that by the time they get back to wiggle the mouse,...

Trying to deploy an Outlook add-in

Even us grizzled security professionals occasionally have to give up when faced with a pile of security so incomprehensibly bizarre as to make life seem impossible. Recently, a member of our Security Council asked the simple question "instead of having...

Developers still don't get it.

I'm perplexed by a statement made by one of the commenters on a recent Michael Howard blog posting. Why would you NOT run [Visual Studio] as an administrator at all times? As a developer, I spend enough time on my own work. I don't need to be spending...