Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Software Engineering   (RSS)

Engineering 7: A view from the bottom

About 2 months ago, Steven Sinofsky and Jon DeVaan started the “ Engineering Windows 7 ” blog.  The instant I saw the blog, I wanted to contribute to the blog (because I love writing :)). I spent a fair amount of time thinking about what to write Read More...
Posted Thursday, October 16, 2008 7:43 AM by LarryOsterman | 8 Comments

Resilience is NOT necessarily a good thing

I just ran into this post by Eric Brechner who is the director of Microsoft's Engineering Excellence center. What really caught my eye was his opening paragraph: I heard a remark the other day that seemed stupid on the surface, but when I really thought Read More...
Posted Thursday, May 01, 2008 9:14 AM by LarryOsterman | 66 Comments

When you're analyzing the strength of a password, make sure you know what's done with it.

Every once in a while, I hear someone making comments about the strength of things like long passwords. For example, if you have a 255 character password that just uses the 26 roman upper and lower case letters, plus the numeric digits. That means that Read More...
Posted Monday, November 12, 2007 5:47 PM by LarryOsterman | 20 Comments

Some final thoughts on Threat Modeling...

I want to wrap up the threat modeling posts with a summary and some comments on the entire process. Yeah, I know I should have done this last week, but I got distracted :). First, a summary of the threat modeling posts: Part 1: Threat Modeling, Once again. Read More...
Posted Monday, October 01, 2007 9:54 AM by LarryOsterman | 16 Comments

What's wrong with this code, part 21 - A Psychic Debugging Example - The answers.

So for the past couple of posts , I've been walking through a psychic debugging experience I had over the weekend. As I presented the problem, there were three pieces of information needed to debug the problem. An interface: class IPsychicInterface { Read More...
Posted Wednesday, September 26, 2007 1:17 PM by LarryOsterman | 10 Comments

What's wrong with this code, Part 21 - A psychic debugging example: The missing piece

As I mentioned yesterday , one of the other developers in my group had hit a sticky problem, and he asked me for my opinion on what was going wrong. There were 3 pieces of information that I needed to use to diagnose the problem, I gave you two of them Read More...
Posted Tuesday, September 25, 2007 9:39 AM by LarryOsterman | 18 Comments

Threat Modeling Again, Threat Modeling Rules of Thumb

I wrote this piece up for our group as we entered the most recent round of threat models. I've cleaned it up a bit (removing some Microsoft-specific stuff), and there's stuff that's been talked about before, but the rest of the document is pretty relevant. Read More...
Posted Friday, September 21, 2007 10:20 AM by LarryOsterman | 12 Comments

Threat Modeling Again, Threat modeling and the fIrefoxurl issue.

Yesterday I presented my version of the diagrams for Firefox's command line handler and the IE/URLMON's URL handler. To refresh, here they are again: Here's my version of Firefox's diagram: And my version of IE/URLMON's URL handler diagram: As I mentioned Read More...
Posted Wednesday, September 19, 2007 10:33 AM by LarryOsterman | 26 Comments

Threat Modeling Again, Threat Modeling in Practice

I've been writing a LOT about threat modeling recently but one of the things I haven't talked about is the practical value of the threat modeling process. Here at Microsoft, we've totally drunk the threat modeling cool-aid. One of Adam Shostak's papers Read More...
Posted Tuesday, September 18, 2007 3:48 PM by LarryOsterman | 11 Comments

Threat Modeling Again, Presenting the PlaySound Threat Model

It's been a long path, but we're finally at the point where I can finally present the threat model for PlaySound. None of the information in this post is new, all the information is pulled from previous posts. ---------------- PlaySound Threat Model The Read More...
Posted Monday, September 17, 2007 9:30 AM by LarryOsterman | 7 Comments

Threat Modeling Again, Pulling the threat model together

So I've been writing a LOT of posts about the threat modeling process and how one goes about doing the threat model analysis for a component. The one thing I've not talked about is what a threat model actually is . A threat model is a specification, just Read More...
Posted Friday, September 14, 2007 7:58 AM by LarryOsterman | 9 Comments

Threat Modeling Again, Threat Modeling PlaySound

Finally it's time to think about threat modeling the PlaySound API. Let's go back to the DFD that I included in my earlier post, since everything flows from the DFD. This dataflow diagram contains a number of elements, they are: Application: External Read More...
Posted Tuesday, September 11, 2007 9:28 AM by LarryOsterman | 7 Comments

Threat Modeling Again, What does STRIDE have to do with threat modeling?

In my last couple of posts , I've talked about the STRIDE categories. As I mentioned, STRIDE provides a convenient classification mechanism for threats, and threat modeling is all about trying to identify the threats to your feature/component/whatever. Read More...
Posted Friday, September 07, 2007 7:52 AM by LarryOsterman | 5 Comments

Threat Modeling Again, STRIDE Mitigations

I described the 6 STRIDE categories the other day . In that post, I mentioned that there are "well understood" mitigations for each of the STRIDE categories. Of course this list isn't exhaustive, many of these are obvious, and some don't apply, but when Read More...
Posted Wednesday, September 05, 2007 10:36 AM by LarryOsterman | 14 Comments

Threat Modeling Again, STRIDE

As has been mentioned elsewhere , when we're threat modeling at Microsoft we classify threats using the acronym STRIDE. STRIDE stands for "Spoofing", "Tampering", "Repudiation", "Information disclosure", "Denial of service", and "Elevation of privilege". Read More...
Posted Tuesday, September 04, 2007 9:00 AM by LarryOsterman | 9 Comments
More Posts Next page »
 
Page view tracker