Windows: Choose Where To Get Apps π
Modern versions of Windows offer a setting named βChoose where to get appsβ which can reduce attack surface by limiting the locations from which appli [...]
text/plain
Posts
Winter 2026 Runs π
I did a reasonably good job running on my treadmill throughout the fall of 2025, in preparation for my second summit of Mount Kilimanjaro over New Yea [...]
Security Software False Positives π
Software developers and end-users are often interested in understanding how to resolve incorrect detections from their antivirus/security software, in [...]
Security Surfaces π
An important concept in Usable Security is whether a given UI represents a βsecurity surface.β Formally, a security surface is a User Interface compon [...]
Defensive Technology: Ransomware Data Recovery π
In a prior installment we looked at Controlled Folder Access, a Windows feature designed to hamper ransomware attacks by preventing untrusted processe [...]
Windows Shell Previews β Restricted π
Windows users who installed the October 2025 Security Updates may have noticed an unexpected change if they use the Windows Explorer preview pane. Whe [...]
An Improbable Recovery π
Way back on May 11th of 2022, I was visiting my team (Edge browser) for the week in Redmond, Washington. On Wednesday night, I left my ThinkPad X1 Ext [...]
AI Injection Attacks π
A hot infosec topic these days is βHow can we prevent abuse of AI agents?β While AI introduces awesome new capabilities, it also entails an enormous s [...]
2025 Summer Vacation π
The boys and I went to Maryland for the first half of August to visit family and check out some roller coasters. They hit Kings Dominion, Busch Garden [...]
Security Product Efficacy π
Iβve written about security products previously, laying out the framing that security products combine sensors and throttles with threat intelligence [...]