Welcome to MSDN Blogs Sign in | Join | Help

September 2007 - Posts

What's wrong with this code, part 21 - A Psychic Debugging Example - The answers.

So for the past couple of posts , I've been walking through a psychic debugging experience I had over the weekend. As I presented the problem, there were three pieces of information needed to debug the problem. An interface: class IPsychicInterface { Read More...
Posted Wednesday, September 26, 2007 1:17 PM by LarryOsterman | 10 Comments

What's wrong with this code, Part 21 - A psychic debugging example: The missing piece

As I mentioned yesterday , one of the other developers in my group had hit a sticky problem, and he asked me for my opinion on what was going wrong. There were 3 pieces of information that I needed to use to diagnose the problem, I gave you two of them Read More...
Posted Tuesday, September 25, 2007 9:39 AM by LarryOsterman | 18 Comments

What's wrong with this code, part 21, a psychic debugging example

Over the weekend, one of the developers in my group sent me some mail - he was seeing one of the registers in his code getting corrupted across a procedure call. He was quite surprised to see this, and asked me for any suggestions. With the help of the Read More...
Posted Monday, September 24, 2007 4:41 PM by LarryOsterman | 48 Comments

Threat Modeling Again, Threat Modeling Rules of Thumb

I wrote this piece up for our group as we entered the most recent round of threat models. I've cleaned it up a bit (removing some Microsoft-specific stuff), and there's stuff that's been talked about before, but the rest of the document is pretty relevant. Read More...
Posted Friday, September 21, 2007 10:20 AM by LarryOsterman | 12 Comments

Threat Modeling Again, Threat modeling and the fIrefoxurl issue.

Yesterday I presented my version of the diagrams for Firefox's command line handler and the IE/URLMON's URL handler. To refresh, here they are again: Here's my version of Firefox's diagram: And my version of IE/URLMON's URL handler diagram: As I mentioned Read More...
Posted Wednesday, September 19, 2007 10:33 AM by LarryOsterman | 26 Comments

Threat Modeling Again, Threat Modeling in Practice

I've been writing a LOT about threat modeling recently but one of the things I haven't talked about is the practical value of the threat modeling process. Here at Microsoft, we've totally drunk the threat modeling cool-aid. One of Adam Shostak's papers Read More...
Posted Tuesday, September 18, 2007 3:48 PM by LarryOsterman | 11 Comments

Threat Modeling Again, Presenting the PlaySound Threat Model

It's been a long path, but we're finally at the point where I can finally present the threat model for PlaySound. None of the information in this post is new, all the information is pulled from previous posts. ---------------- PlaySound Threat Model The Read More...
Posted Monday, September 17, 2007 9:30 AM by LarryOsterman | 7 Comments

Threat Modeling Again, Pulling the threat model together

So I've been writing a LOT of posts about the threat modeling process and how one goes about doing the threat model analysis for a component. The one thing I've not talked about is what a threat model actually is . A threat model is a specification, just Read More...
Posted Friday, September 14, 2007 7:58 AM by LarryOsterman | 9 Comments

Threat Modeling Again, Analyzing the threats to PlaySound

In my last post , I enumerated a bewildering array of threats that the PlaySound API is subject to, today I want to work through the analysis process for each of those threats. To refresh, here's the DFD and the list of threats: Application: External Read More...
Posted Thursday, September 13, 2007 8:02 AM by LarryOsterman | 4 Comments

Got Tetris?

I just wanted to take a quick break from threat modeling to point to a video that Valorie passed on to me that's nothing short of remarkable (from the blog of one of my favorite magazines, Mental Floss ): Advanced Tetris Gameplay : The magic happens about Read More...
Posted Wednesday, September 12, 2007 8:38 AM by LarryOsterman | 7 Comments

Threat Modeling Again, Threat Modeling PlaySound

Finally it's time to think about threat modeling the PlaySound API. Let's go back to the DFD that I included in my earlier post, since everything flows from the DFD. This dataflow diagram contains a number of elements, they are: Application: External Read More...
Posted Tuesday, September 11, 2007 9:28 AM by LarryOsterman | 7 Comments

Threat Modeling Again, STRIDE per Element

As I mentioned the other day , we had three huge big realizations as we've been doing more and more threat models. The first (which we've known all along) was that threats are permanent - the threats that apply to the elements of your component don't Read More...
Posted Monday, September 10, 2007 10:31 AM by LarryOsterman | 6 Comments

Threat Modeling Again, What does STRIDE have to do with threat modeling?

In my last couple of posts , I've talked about the STRIDE categories. As I mentioned, STRIDE provides a convenient classification mechanism for threats, and threat modeling is all about trying to identify the threats to your feature/component/whatever. Read More...
Posted Friday, September 07, 2007 7:52 AM by LarryOsterman | 5 Comments

Threat Modeling Again, STRIDE Mitigations

I described the 6 STRIDE categories the other day . In that post, I mentioned that there are "well understood" mitigations for each of the STRIDE categories. Of course this list isn't exhaustive, many of these are obvious, and some don't apply, but when Read More...
Posted Wednesday, September 05, 2007 10:36 AM by LarryOsterman | 14 Comments

Threat Modeling Again, STRIDE

As has been mentioned elsewhere , when we're threat modeling at Microsoft we classify threats using the acronym STRIDE. STRIDE stands for "Spoofing", "Tampering", "Repudiation", "Information disclosure", "Denial of service", and "Elevation of privilege". Read More...
Posted Tuesday, September 04, 2007 9:00 AM by LarryOsterman | 9 Comments
 
Page view tracker