Larry Seltzer

Microsoft has been steadily mitigating, if not eliminating, the major deficiencies in the security of its products. Its easy to forget the dismal security quality of the products Microsoft shipped not too long ago, although I would argue that such quality was the industry norm. Everyone has improved the security—or perhaps I should say “securability”—of […]

Not many of us actually read all the legal agreements we enter into and this problem has gotten far worse in the era of the Internet. We all agree to licenses and contracts that we dont take seriously. Fyodor Vaskovich found out the hard way that some terms of service are so arbitrary and capricious […]

Theres something different about the security market, and especially the anti-malware market. Most software markets tend to move towards consolidation, but competition is alive and well in anti-malware. Clearly the major players are concerned about Microsofts entry into the market with their consumer-oriented OneCare service and the corporate Forefront products. Big players in the corporate […]

It was a big deal, just about a year ago. AOL announced that it would be implementing Goodmail CertifiedEmail, an accreditation service. The service has been operating, according to Goodmail, since May of 2006. The way it works is that Goodmail sets technical and business criteria for e-mail senders. Those who qualify can pay a […]

Theres a good argument to make, and some experts make it, that virtualization is one of those technologies thats making a cyclical comeback. The whole VM thing, after all, was invented by IBM guys in the 60s, right? My instincts are sympathetic to this argument: VMs were invented for an era when hardware was really, […]

Its one of those “not really a big deal yet but could blow up soon” problems: Printers, especially higher-end multifunction business printers, have become so intelligent and complicated that they have serious security risks. They are, in fact, really desktop computers, even workstations in disguise. They run a wide range of operating systems customized and […]

Security research, like any business, is competitive, and everyones looking for some new angle. One of the hottest angles out is the “Month of XXX Bugs” phenomenon, where XXX is whatever product youre picking on. Normal people are usually perplexed at the idea of so-called “good guys” publicizing bugs in other peoples products, especially security […]

When I think of the prototypical botnet, I think of cable modem users with teenagers downloading programs that they assume to be other things. There are many other typical scenarios, and while theyre perfectly accurate, its probably true that most bots are hijacked broadband PCs. But there is another type of dangerous botnet out there […]

Symantec is arguing that Windows Vistas User Access Control features are too intrusive, and perhaps they have a point. Theres no reason to assume Microsoft got things perfect. Windows has a rich history of third parties adding value and making it better. One of my favorite improvements on user access control in all current versions […]

Who would have imagined that so much business and so much abuse would center around Internet domain names? Certainly not the designers of the system, including those of the Whois service, which reports on ownership and some other data on domain names. But an effort to reform the process is underway, and you have just […]