Tales from the Crypto

         Alun Jones (Security MVP Reconnect) writes about security, cryptography, SSL, PKI, and pretty much anything else that bothers him enough.

Archive for February, 2010

February 21, 2010

Samples that suck: IfModifiedSince

I’ve been trying to improve my IFetch application’s overall performance, and it’s clear that the best thing that could be done to improve it immediately is to cache the information being returned from the BBC Radio web site, so that next time around, the application doesn’t have to reload all the information from the web, […]

February 18, 2010

Bad Names: Windows Phone Mobile Compact Edition Seven Series Pocket PC

OK, admittedly, the name isn’t really that long, but even though I’m spending this week on Microsoft’s home turf, I can’t say that I’ve met two people who can trip off their tongue the proper name of the new version of Windows Mobile: Windows Phone Seven Series  Seriously? Every single word there is a generic […]

Malware blue-screens when patched

Filed under: General Security @ 12:00 am

The Microsoft update MS10-015 recently demonstrated rather dramatically that unauthorised patches of the operating system make your operating system significantly unstable and unreliable. In this case, the unauthorised patch is a rootkit called, among other things, “Alureon”, which alters some low-level drivers supplied with Windows. Those of us who have been in this industry for […]

February 12, 2010

MVP Summit Next Week

Today, I’ve been reminding many people at work that I’ll be out next week for the MVP Summit. In previous years, the questions I’ve received in response have been mainly about “what’s that?”, “does that mean you work for Microsoft?”, “what are you going to be learning about?” etc. This year, the questions have moved […]

February 10, 2010

Are you rugged?

Filed under: General Security,Programmer Hubris @ 11:49 pm

As a developer, I’ve heard a number of adjectives applied to those who practice my craft. “Rugged” isn’t one I expect to hear very often. Granted, there are a few who alternate their brief stints of coding with explorations of the far-flung hinterland, but even these never quite seem to fill the “rugged” ideal. Until […]

February 9, 2010

TLS Renegotiation attack – Microsoft workaround/patch

Hidden by the smoke and noise of thirteen (13! count them!) security bulletins, with updates for 26 vulnerabilities and a further 4 third-party ActiveX Killbits (software that other companies have asked Microsoft to kill because of security flaws), we find the following, a mere security advisory: Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow […]

February 3, 2010

So I deleted it without reading it.

Filed under: General Security @ 11:10 am


February 1, 2010

A golden rule of performance improvement

The Rule: Performance optimizations are not worth making for anything less than 10% improvement in speed. Corollary: Performance optimizations must be measured before and after, and changes reverted if they do not cause significant performance improvement. Converse: If you are pushing back on implementing a feature “because it will make the app unbearably slow”, particularly […]

© 2017 Tales from the Crypto   Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs