Attack on Windows BitLocker

Fraunhofer SIT has presented a method for discovering the BitLocker drive encryption PIN under Windows. The method even works where TPM is used to protect the boot process. The trick? An attacker with access to the target computer simply boots from a USB flash drive and replaces the BitLocker bootloader with a substitute bootloader which mimics the BitLocker PIN query process but saves the PINs entered by the user to disk in unencrypted form.

Although the BitLocker boot process carries out an integrity check on the system, and thereby the Windows installation, it does not check the bootloader itself – not that the actual attack described even gets as far as the Windows boot process. Consequently, according to the Fraunhofer SIT report, even if a Trusted Computing Module (TPM) is fitted, it fails to protect against such an attack.

Link – http://www.h-online.com/security/news/item/Attack-on-Windows-BitLocker-877894.html

The Bing Bar

image Also announced yesterday is the Bing Bar. Another search/tool bar? Yes and no, it replaces the MSN Toolbar Beta. If you go to the MSN toolbar URL you get the following page:

Link – http://liveside.net/bingblog/archive/2009/12/03/the-bing-bar.aspx

Windows 7 Starter hides but allows ad-hoc networking

This week, I was disassembling software that a major, to-remain-nameless OEM, put out for their netbook customers. I was ready to call them out on code that deliberately bypassed a licensed feature check in Windows, enabling ad-hoc wireless networking… but when I booted up an Eee PC, ad-hoc wireless networking worked out of the box.

Link – http://www.withinwindows.com/2009/12/02/windows-7-starter-hides-but-allows-ad-hoc-networking/

Bing Maps Beta

Today is a day I’ve been waiting for. Today is the day that I can finally stop biting my lip and start blabbing to the world that YES we have Streetside photography in Bing Maps – woohoo! Today is the day we release our beta Silverlight version of Bing Maps and it is smoking hot. We’ve added two new map modes – Streetside and Enhanced Bird’s Eye. We’ve added an Application Gallery to browse applications mashed-in to Bing Maps – sort of the reverse of our APIs where you’re putting Bing Maps onto your site. We’ve added Photosynth and a slew of other features…read on! If you don’t like to read, you can watch the video Laura Foy and I made on Channel 9.

Link –http://www.bing.com/community/blogs/maps/archive/2009/12/02/bing-maps-adds-streetside-enhanced-bird-s-eye-photosynth-and-more.aspx

Mark Russinovich on MinWin, the new core of Windows

Since the first public news of Windows 7’s development back on October 2007, we’ve heard about a component of the operating system called MinWin — a tantalizingly titled element that sounds like some kind of portable Windows kernel. Now Windows 7 is actually residing on paying consumers’ desktops, and inside of it — and inside of Windows Server 2008 R2 — is the MinWin kernel architecture…and yet few have been made clear as to what it actually is.

Link – http://www.betanews.com/article/Mark-Russinovich-on-MinWin-the-new-core-of-Windows/1259792850

Office 2010 scheduled for June release

Microsoft is set to launch an entirely new updated wave of Office applications in June 2010. The Office suite will be updated for Windows, including ribbon support for all products, and will also be launching Office 2010 for Mac OS X sometime in 2010.

Link – http://www.neowin.net/news/main/09/11/30/office-2010-schedule-for-june-release

SQL Server 2008 R2 gets an official due date

Speaking of roadmaps, Microsoft (either “by design” or by mistake) has provided a due date for SQL Server 2008 R2, the next version of its database.

Up until recently, the Softies have been saying SQL Server 2008 R2 would be a “first half” 2010 product. But in a new benchmark report, that date gets more specific.

Link – http://blogs.zdnet.com/microsoft/?p=4660

To R2 Or Not To R2?

…that is the question. Whether ’tis nobler in the server cabinet to suffer the outrageous lack of valuable new functionality, or to take arms against the powerful improvements to the core Windows Server operating system. And by opposing, manage without them? To sleep (or hibernate): perchance to dream of an easy upgrade. I guess you can see why I don’t write poetry very often – it always seems to end up sounding like somebody else’s.

Link – http://blogs.msdn.com/alexhomer/archive/2009/11/29/To-R2-Or-Not-To-R2_3F00_.aspx

Windows 7: Past, Present and Future

A year after its triumphant debut at PDC 2008, Windows 7 is, of course, complete and shipping to customers. There are lots of things one might discuss around the Windows 7 development process, but the most impressive aspects, I think, are that Windows 7 happened on schedule–literally within two weeks of an internal schedule Microsoft previously denied ever using–and encompasses in final form almost exactly the product that it had publicly promised.

Link – http://www.winsupersite.com/win7/nowwhat.asp

Microsoft URL Rewrite Module 1.1 for IIS 7

URL rewrite module provides a rule-based rewriting mechanism for changing requested URL’s before they get processed by web server.

The Microsoft URL Rewrite Module 1.1 for IIS 7 provides flexible rules-based rewrite engine that can be used to perform broad spectrum of URL manipulation tasks, including, but not limited to:

  • Enabling user friendly and search engine friendly URL with dynamic web applications;
  • Rewriting URL’s based on HTTP headers and server variables;
  • Web site content handling;
  • Controlling access to web site content based on URL segments or request metadata.

Link – http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=dba94a96-e513-4f87-9082-8cb04b743793

Hands-On Look at What’s New in Office 2010

Now that we’ve had some time to play with the Office 2010 Professional Beta, we thought we’d share what’s new and useful inside Microsoft’s big suite. Take a gander at the pictorial evidence below.

Overall, Office 2010 is not the kind of leap forward that Windows 7 was from Vista (or, for most PC upgraders, from XP). It adds a lot of stuff that’s previously been available only through plug-ins, makes performing the basic tasks of opening, printing, and sharing documents a good deal more convenient, and throws in a few new features that will expand the repertoire of those who really know their Office.

Link – http://lifehacker.com/5411837/hands+on-look-at-whats-new-in-office-2010

Guided Tour inside the Windows Azure Cloud

at PDC09 in Los Angeles this week and got a great opportunity to get a guided tour of a piece of the Windows Azure Cloud from Patrick Yantz, a Cloud Architect with Data Center Services. You may think it’s a Cloud Container, but it’s not!
Join me on this very technical 15 minute deep dive inside the making of the hardware behind the Windows Azure Cloud.

Hanselminutes on 9 – Guided Tour inside the Windows Azure Cloud with Patrick Yantz Scott Hanselm

Windows Home Server Power Pack 3

We are announcing that the Windows Home Server Power Pack 3 will be available in all shipping languages (Chinese, English, French, German, Italian, Japanese, and Spanish) on November 24 2009. Power Pack 3 will be a free update to existing Windows Home Server users via Windows Update.

Windows Home Server Power Pack 3 improves the Windows Home Server experience with Windows 7 and Windows Media Center by providing features like backup and restore of computers running Windows 7, Windows 7 Libraries integration, enhancements for Windows Media Center, and better support for netbook computers.

Link – http://windowsteamblog.com/blogs/windowshomeserver/archive/2009/11/19/windows-home-server-power-pack-3-available-november-24th-includes-enhancements-for-windows-7-based-computers.aspx

Hyper-V and Domain Controllers – Demo Tips and Tricks

In the past I have talked about the different configuration options when running Domain Controllers and Hyper-V.  One of the more interesting configurations I discussed then was having a Hyper-V server joined to a domain where the domain controller was a virtual machine running on the same instance of Hyper-V.

This is actually a configuration I use all of the time when I am doing public demonstrations.  The reason why I do this is because:

  1. I do not like to ship hardware – as I have had hardware get damaged in shipping too many times.
  2. I do not trust networking in a demo environment – so if I can keep it all on one computer, I will.
  3. I often have to demonstrate software / configurations that need a domain controller.

This all means that I need to have a domain controller in a virtual machine on my laptop.

Over the course of many demos – I have gleaned a few interesting tips and tricks for this sort of configuration.

Link – http://blogs.msdn.com/virtual_pc_guy/archive/2009/11/20/hyper-v-and-domain-controllers-demo-tips-and-tricks.aspx

Hyper-V and Domain Controllers – Demo Tips and Tricks

In the past I have talked about the different configuration options when running Domain Controllers and Hyper-V.  One of the more interesting configurations I discussed then was having a Hyper-V server joined to a domain where the domain controller was a virtual machine running on the same instance of Hyper-V.

This is actually a configuration I use all of the time when I am doing public demonstrations.  The reason why I do this is because:

  1. I do not like to ship hardware – as I have had hardware get damaged in shipping too many times.
  2. I do not trust networking in a demo environment – so if I can keep it all on one computer, I will.
  3. I often have to demonstrate software / configurations that need a domain controller.

This all means that I need to have a domain controller in a virtual machine on my laptop.

Over the course of many demos – I have gleaned a few interesting tips and tricks for this sort of configuration.

Link – http://blogs.msdn.com/virtual_pc_guy/archive/2009/11/20/hyper-v-and-domain-controllers-demo-tips-and-tricks.aspx

← Older Entries
Newer Entries →