Start of MVP Summit Blog 
Before I start one of the things that I hate about blogging is its a lot of work. I had this written, went to upload an image and lost what I had written, thin client interfaces suck.

OK with that off my chest, look out Seattle I'm in town again attending the Microsoft MVP 2007 Summit. In case you don't know what a MPV is visit Microsoft MVP). Lots of fun, work, and meeting people rolled up into 4 days, and after which you feel exhausted.

OK so it is overcast and raining in Seattle, surprise surprise. The flight in was rough only during the take off and especially the landing as there was lots of turbulence. Otherwise I'm lucky have no problem sleeping when I fly, so it worked out to a nice hour long nap for me. The flight crew I'm sure wanted to kill me as they have had a very long day, as they started in Dallas this morning, flew to Seattle, then flew to Calgary and then back to Seattle so they are beat but were still very pleasant. I've never had a back experience flying with Alaska Airlines or Horizon.

One thing that struck me as funny was at Boeing field there was a F-18 parked beside a Cessna. I wish I could have gotten a picture of that but I forgot my camera and only have my phone camera and we all know those suck.

Much more to follow over the next 5 days.


[ view entry ] ( 1375 views )   |  permalink  |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1839 )
Wow that was FAST!!!! 
Wow I have to mention that CACE Technologies has got to have the fastest shipping on the planet. I ordered an AirPcap on Feb 15th, and on Feb 20th UPS delivered it to me. Now considering that that CACE Technologies is located in the US and I'm in Canada, I'd have to say that is the fastest than any package has reached me from the US, congrads CACE and UPS.

I'll blog about the AirPcap more later but thus far I can say its a cool tool!!

[ view entry ] ( 1303 views )   |  permalink  |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1495 )
Closed vs Stealthed Ports 
One of the things that I love about computers is you can always try things and see what happens. This ability to experiment can be rather handy as a BS filter and so I thought I would try a little experiment for the closed vs stealthed port debate which can be found here Place your bets - Closed vs Stealthed.

The results are simply that closed ports are not of interest to hackers or worms, as they can't break into either. While I always recommend the use of a firewall which typically results in stealthed ports, closed ports as just as secure with the exception that they could be used in a DOS attack on someone else (read the thread as I don't believe that reflection attacks are very common anymore give the huge bot armies which are available).


[ view entry ] ( 911 views )   |  permalink  |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1530 )
Get ready for Vista and Office 2007 - December 12th Calgary 
I am planning to be at the The 2007 Microsoft Launch Event in Calgary on December 12, 2006. If Vista isn't on your radar screen it should be, so start learning about it now.


[ view entry ] ( 972 views )   |  permalink  |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1721 )
Security issues will always exist 
At a recent tech show I was asked a question as to what I think the future trends will be in security. I think that security will always be an issue for a number of different reasons. First one of the key features of computers is also one of their downfalls when it comes to preventing malware from running on a computer. Computers are flexible and are meant to run programs, and on top of that programs one person runs are likely very different from the programs another person runs, so the idea of determining what good software is pretty well impossible. While digital certificates and signing code add to the level of user confidence in a program there is no way to programmatically determine that software is not malware. For example typically how anti-malware detection software works is to look for some known code signature within the program, which while effective means the malware author has period of time before the malware is discovered, analyzed and signatures generated and distributed, and often this period of time is sufficient for the malware to generate favorable results from the malware authors perspective. So what Iím driving at is malware will never totally disappear, sorry to say.

Now if we look at trends within attack vectors we see that some vendors have made great strides in securing their software. For example Microsoft has done a very good job at securing their operating systems, in that we have not see a purely technical attack in a very long time (Sasser I believe was the last major worm of this type) By technical attack I mean exploiting a vulnerability which exists in the OS and only requires the vulnerable system be connected directly to the internet, it requires zero user interaction (other then the user doesnít patch their system). All global attacks we have seen lately requires some form of user interaction, to click on the attachment, go to some web site, fall for some phishing scheme, etc. Our inability to fix or otherwise totally education users and human nature is another reason why security issues will never disappear in that users are just to easy to exploit. A good social engineering attack is always easier and better then a good technical attack.

Since the OS has become much harder to exploit one trend that is on the increase is the number of attacks which focus on third party software or on internally developed software. Very few companies have invested in training their developers in secure coding practices or have made security a fundamental consideration in every phase of software development. The unfortunate result of this is most companies develop software which is full of potential exploits like SQL or script injection, cross scripting, privilege/authentication issues, canonicalization, etc. The list is almost endless and far to many corporations are vulnerable to far to many of these types of attacks, so until corporations and third party developers start investing in secure code by design and development, their security issues will never go away.

New technologies and practices are always a source of new exploits. For example wireless networks continue to be a security issue and despite the progress of secure protocols such as WPA, far too many wireless networks remain unsecured. Things like home or otherwise remote workers can have huge impact on security. We live in a world of constant change both in technology and human issues, and where there is change there is opportunities for security exploits.

Hacking itself has changed radically over the years, and given it has evolved far beyond a mere curiosity or hobby to become a very profitable business, security issues will not go quietly into the good night but will be exploited in every fashion possible which will benefit the black hats. If nothing else as security gets better, hackers have gotten better, and more creative. Certainly the advantage belongs to the black hats as typically security is a Ďreactioní based process (it typically hasnít matured beyond being reactive yet), so black hats still sit back and pick apart software, processes, etc looking for vulnerabilities to exploit and white hats try to keep up with patching code etc. Certainly the secure by design and development helps reduce the number of vulnerabilities and layered security minimizes their impact but we still large depend on reactive process to secure systems.

Microsoftís Vista presents some very interesting changes in the concept of security, and while I very much like Vista and think it represents a huge step forward in security, it also presents some interesting challenges to both users and corporations. Vista is not only a very secure OS, but it can treat data in a very secure fashion and for the first time corporations can have the security they have always dreamed of, but I sometimes wonder if they find instead that their dreams are in fact too restrictive. So certainly for the first time corporations will have to confront security not just at a systems level, but on other levels as well. For example they will really have to think their processes through and find that balance between security, productivity, creativity and user involvement. This is totally new terrain to most corporations and will no doubt take companies a very long time to figure out what to do and while they are evolving there will be security issues. I very much look forward to the release of Vista and seeing the impact it has on security as I think it will be substantial, but yet very interesting in that it will create a number of new issues we havenít even considered yet.

So are we winning the so called war of security, I think so, but I donít think itís truly possible to fully win this war and security issues will remain with us forever.


[ view entry ] ( 945 views )   |  permalink  |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1498 )

<<First <Back | 1 | 2 | 3 | 4 | 5 | Next> Last>>