Dana Epp - Mirror of his SilverStr Blog
Time to party! Windows 7 is here!
Tue, Oct 20 2009 23:57
It's only a few days away. The official launch of Windows 7 is here! And of course, that means its time to party!!! You may have heard about the Windows 7 House Parties that are being thrown all around the world. Basically thousands of small groups...
RunAs Radio podcasts you might want to listen to
Tue, Oct 13 2009 15:11
Hey guys. I noticed Twitter is a buzz with a few podcast interviews I did on RunAs Radio lately. I thought I will post the links for those of you who don't follow such tweets. There were two interviews I did last month: RunAs Radio Show 127 - Dana...
Coding Tip: Why you should always use well known SIDs over usernames for security groups
Thu, Oct 8 2009 16:52
So have you ever tried to restrict access to your applications in a way so that you can maintain least privilege? I do. All the time. And recently it blew up in my face, and I want to share my experience so others can learn from my failure. Let me show...
Major Windows 7 gotcha you should know about that may block you from upgrading
Mon, Aug 3 2009 19:04
OK, so anyone who knows me expects that I stay up on the bleeding edge when it comes to dev tools and operating systems. Yes, I have been using Windows 7 for almost a year now and have been loving it. However, I never ran it on my production dev environment...
Microsoft SDL bans mempcy()... next it will be zeros!!!!
Fri, May 15 2009 15:53
So recently Microsoft banned memcpy() from their SDL process, which got several of us talking about perf hits and the likes when using the replacement memcpy_s, especially since it has SAL mapped to it. For those that don't know, SAL is the "Standard...
Using TS RemoteApp as an attack vector
Sat, May 2 2009 13:37
So in today's session at SMBNation that I spoke at, I showed how to use TS RemoteApp with TS Gateway on SBS2008 to deliver remote applications through Remote Web Workplace. It is one of the most cool features in the Windows Server 2008 operating system...
Is Twittering safe?
Mon, Apr 20 2009 1:58
So Susan has been on my case about Twitter for some time now. In a recent round table we were recording she "beat me up" about it, and tonight on IM we had a good discussion about the REAL vs PERCEIVED risks in Twitter. Susan's biggest complaint...
Come have Coffee and Code in Vancouver with me and Microsoft tomorrow
Tue, Apr 7 2009 12:25
So John Bristowe, Developer Evangelist for Microsoft Canada will be hosting a Coffee and Code event in Vancouver tomorrow from 9 to 2 at Wicked Cafe. Come join him and fellow Microsoft peers Rodney Buike and Damir Bersinic as they sit and share their...
Choosing the right offset backup provider
Mon, Mar 16 2009 13:53
Recently I had an interesting experience that I think is noteworthy. Something worth sharing with my peers and circle of influence. Last month I had the experience of accidentally backing up 7GB of MP3 data to our offsite data backup provider, i365 (formally...
Using Information Cards when using Microsoft services
Mon, Mar 2 2009 11:01
I am down on the Microsoft campus for the week hanging with other security professionals. As I was coming to the building to listen to Steve Riley a few Security MVPs and I were talking about identity and I was surprised to hear that they didn't realize...
HP proves they can design disaster-proof environments
Fri, Feb 20 2009 11:02
This had me chuckling today... Read More...
Crack that encryption! (or his head)
Mon, Feb 2 2009 9:40
My buddy Alan sent me an awesome link to a comic which I found really funny. Check this out: Ain't that the truth? Read More...
Is UAC really broken in Windows 7? More importantly, does it make us less secure?
Sat, Jan 31 2009 16:35
OK, so everywhere I turn I am hearing people ridicule the changes in how UAC behaves in Windows 7. There is even proof of concept code that can turn off UAC without even being prompted. For those with their heads in the sand, the story goes that in Windows...
History of the Internet
Thu, Jan 29 2009 19:14
Now here is a kewl video on YouTube about the history of the Internet.... and they didn't use Al Gores's name once! Read More...
MVP for another year
Mon, Jan 5 2009 16:19
Well, since everyone else is announcing it, I may as well follow the lemmings. With many thanks to Microsoft. I have been awarded the distinction as an Enterprise Security MVP with developer focus for a 4th year. Much appreciated. It is truly an honour...
The TCO of Cloud Computing vs In House IT
Tue, Dec 23 2008 16:46
OK, an interesting thread is starting up in a blog post from Susan on " Do the Math folks " where she talks about the costs on In House vs Cloud based services. I have to say that in my own opinion, she is missing a CRITICAL costing factor....
"Experiences" Threat Modeling at Microsoft
Thu, Nov 20 2008 11:31
If there is one thing we can learn from the past, it is that we are doomed to repeat our failures if we ignore it. The reciprocal is also true. If we reflect on our experiences properly, there is a lot we can learn from it. In the world of designing secure...
Introduction to Microsoft's SDL Threat Modeling Tool
Tue, Nov 11 2008 12:45
If you design and/or write code, building trustworthy software may or may not be a driver in your team. If you care to build secure code (which I would assume since you read my blog) threat modeling may be a very important part of your development lifecycle...
Developing applications to work as a Standard User in Vista
Sat, Nov 8 2008 10:06
Have you ever felt that the UAC prompts in Vista are annoying? Well, did you know a LOT of them could be avoided if developers would just design their code in a way where they don't pass a privilege boundary and require elevation? Simple examples...
LiveID becomes an OpenID provider
Sat, Nov 1 2008 13:23
So here is something interesting for the OpenID world. Microsoft has commited to supporting OpenID for Live services. Not only are they commiting to it... they already have a working IdP!!! You can check it out here . Right now it is a beta, and shouldn't...
More Posts
Next page »
Search
Go
This Blog
Home
Community
Home
Blogs
Media
Groups
Archives
October 2009 (3)
August 2009 (1)
May 2009 (2)
April 2009 (2)
March 2009 (2)
February 2009 (2)
January 2009 (3)
December 2008 (1)
November 2008 (4)
October 2008 (3)
September 2008 (1)
August 2008 (9)
July 2008 (3)
June 2008 (1)
April 2008 (2)
January 2008 (7)
December 2007 (5)
November 2007 (2)
October 2007 (1)
September 2007 (1)
August 2007 (3)
July 2007 (7)
June 2007 (3)
May 2007 (3)
April 2007 (2)
March 2007 (3)
February 2007 (2)
January 2007 (9)
December 2006 (8)
November 2006 (2)
October 2006 (2)
September 2006 (23)
Syndication
RSS for Posts
Atom
RSS for Comments
Email Notifications
Go