Best offers
Exclusive Interview: Nvidia's Ian Buck Talks GPGPU
With Snow Leopard and Windows 7 both offering GPGPU capabilities, we wanted to talk to Nvidia's Ian Buck. Not only is he one of the fathers of Brook, the programming language ultimately adopted by AMD/ATI, but the head of Nvidia's CUDA group as well. Read More
-
Beamforming: The Best WiFi You’ve Never Seen
Forget 802.11n Draft 2.0. The future of video-capable WiFi depends on a signal-boosting technique called beamforming. We put the pioneers in this frontier through some real-world testing to find out which technology is going to change the wireless world. Read More
-
Exclusive Interview: Going Three Levels Beyond Kernel Rootkits
Today we have the pleasure of chatting with Joanna Rutkowska, one of the top computing security innovators in the world. She is the founder and CEO of Invisible Things Lab (ITL), a boutique computer security consulting and research firm. Read More
Partners
The Games selection
adventure :
Ray
Adventure game, South Park style. Pick the way the story goes by picking an answer among those offered.
|
violent :
Interactive Buddy
Unwind on your interactive buddy: Do anything you want to him, it will earn you money, and you can buy other stuff to torture him with.
|
Sponsored links
Microsoft to Release Internal Security Tools
Next news- Email |
- Print |
- Comment (1) |
- Share
Microsoft began to take security of their operating systems and applications around 2001 when coding problems in many of its products left open doors to a whole wave of malicious programs.
Things such as self-propagating worms crashed e-mail servers, created botnets and stole users personal information. These issues ended up costing end users and large corporations a lot of money in damages. On the flip side it proved quite lucrative for the technical support industry – a lot of money was to be made during that time period.
Microsoft will soon be releasing internal tools and methods it has used over the past little while. These tools were used to reduce the number of security issues in current products, and two of the tools will be free: the SDL Optimization Model and the SDL Threat Modeling Tool 3.0. Both tools will be available for download from the Microsoft SDL website in November.
Here is a brief history behind all of this:
In early 2002 Bill Gates launched the Trustworthy Computing Initiative. Two years later, the company refined something called the Security Development Lifecycle (SDL) – essentially a process to ensure it writes near-bulletproof code. Use of the SDL over the past while has reduced the number of security issues in its new flagship operating system – Window Vista, as well as SQL Server.
Microsoft believes that extending the SDL to Independent Software Vendors (ISV) and other developers for enterprises such as banks, will add confidence to Microsoft software designed for Windows. Quoting Steve Lipner of Microsoft’s SDL team:
« “If somebody is using a third-party application on the Microsoft platform, they are still a Microsoft customer. We want their computing experience to be safe and secure.”
“We think this is going to be a great resource for people who want to get into the SDL and need to figure out how to they get started.” »
Most third-party applications built for the Windows platform is not coded with state-of-the-art security practices in mind, but Microsoft would like to make developers a little more aware. Microsoft can make your operating system as tight as possibly can, but the moment you install a third party application you need to wonder – what kind of holes did this program just open up?
Source : Tom's Hardware
There have been other tools released over the years like the Microsoft Baseline Security Analyzer:
http://technet.microsoft.com/en-us [...] 84924.aspx