I do not come from an especially political family. One parent has not voted in decades, and the other votes regularly, but is not an enthusiast and values harmony over potentially-divisive political discussions. Politically, I am left of center– the middle child in both age and political leanings: one brother to the left of me,Continue reading “On Politics”
Author Archives: ericlaw
Lenovo P1, Gen7: Meh
I’ve been a loyal user of Thinkpads for over twenty-five years now, and I currently own four (with another on loan from Microsoft). In July, the screen on my Lenovo X1 Yoga Gen 6 failed at an inopportune time, and my 8yo broke the screen on my backup (T480S), so I rush-ordered a Lenovo P1Continue reading “Lenovo P1, Gen7: Meh”
Defensive Technology: Antimalware Scan Interface (AMSI)
Endpoint security software faces a tough challenge — it needs to be able to rapidly distinguish between desired and unwanted behavior with few false positives and false negatives, and attackers work hard to obfuscate (or cloak) their malicious code to prevent detection by security scanners. To maximize protection, security software wants visibility into attack chainsContinue reading “Defensive Technology: Antimalware Scan Interface (AMSI)”
Content-Blocking in Manifest v3
I’ve written about selectively blocking content in browsers several times over the last two decades. In this post, I don’t aim to convince you that ad-blocking is good or bad, instead focusing on one narrow topic. Circa 2006, I was responsible for changing IE so that you could simply add an advertising site to theContinue reading “Content-Blocking in Manifest v3”
Attack Techniques: Encrypted Archives
Tricking a user into downloading and opening malware is a common attack technique, and defenders have introduced security scanners to many layers of the ecosystem in an attempt to combat the technique: With all this scanning in place, attackers have great incentives to try to prevent their malicious code from detection up until the momentContinue reading “Attack Techniques: Encrypted Archives”
text/plain 