Security Software โ An Overview ๐
Iโve spent nearly my entire professional career in software security: designing software to prevent abuse by bad actors. Iโve been battling the bad gu [...]
text/plain
Posts
Best Practices for SmartScreen AppRep ๐
Last year, I wrote about how Windows integrates SmartScreen Application Reputation to help ensure users have a secure and smooth experience when runni [...]
Defensive Technology: Controlled Folder Access ๐
Most client softwareโs threat models (e.g. Edge, Chrome) explicitly exclude threats where the local computer was compromised by malware. Thatโs becaus [...]
On Politics ๐
I do not come from an especially political family. One parent has not voted in decades, and the other votes regularly, but is not an enthusiast and va [...]
Lenovo P1, Gen7: Meh ๐
Iโve been a loyal user of Thinkpads for over twenty-five years now, and I currently own four (with another on loan from Microsoft). In July, the scree [...]
Defensive Technology: Antimalware Scan Interface (AMSI) ๐
Endpoint security software faces a tough challenge โ it needs to be able to rapidly distinguish between desired and unwanted behavior with few false p [...]
Content-Blocking in Manifest v3 ๐
Iโve written about selectively blocking content in browsers several times over the last two decades. In this post, I donโt aim to convince you that ad [...]
Attack Techniques: Encrypted Archives ๐
Tricking a user into downloading and opening malware is a common attack technique, and defenders have introduced security scanners to many layers of t [...]
Welcome to Fall, I guess? ๐
Two months without a blog post? Sheesh. A lot has happened in two months, although perhaps nothing especially interesting. I splurged on a new laptop, [...]
Browser Features: Find in Page ๐
For busy web users, the humble Find-in-Page feature in the browser is one of the most important features available. While Google or Bing can get you t [...]