Last November, I wrote a post about the basics of security software. In that post, I laid out how security software is composed of sensors and throttles controlled by threat intelligence. In today’s post, we’ll look at the Windows Filtering Platform, a fundamental platform technology introduced in Windows Vista that provides the core sensor andContinue reading “Defensive Technology: Windows Filtering Platform”
Category Archives: security
Runtime Signature Checking Threat Model
Telerik developers recently changed Fiddler to validate the signature on extension assemblies before they load. If the assembly is unsigned, the user is presented with the following message: In theory, this seems fine/good– signing files is a good thing! However, it’s important to understand the threat model and tradeoffs here. Validating signatures every time aContinue reading “Runtime Signature Checking Threat Model”
Debugging Chromium
A customer recently complained that after changing the Windows Security Zone Zone configuration to Disable launching apps and unsafe files: … trying to right-click and “Save As” on a Text file loaded in Chrome fails in a weird way. Specifically, Chrome’s download manager claims it saved the file (with an incorrect “size” that’s actually theContinue reading “Debugging Chromium”
Authenticode in 2025 – Azure Trusted Signing
I’ve written about signing your code using Authenticode a lot over the years, from a post in 2015 about my first hardware token to a 2024 post about signing using a Digicert HSM. Recently, Azure opened their Trusted Signing Service preview program up for individual users and I decided to try it out. The documentationContinue reading “Authenticode in 2025 – Azure Trusted Signing”
Guidelines for Secure Filename Display
Many years ago, I wrote the first drafts of Chromium’s Guidelines for Secure URL Display. These guidelines were designed to help feature teams avoid security bugs whereby a user might misinterpret a URL when making a security decision. From a security standpoint, URLs are tricky because they consist of a mix of security-critical information (theContinue reading “Guidelines for Secure Filename Display”
Attack Techniques: “I Already Hacked You” Scams
Scammers often try to convince you that you’ve already been hacked and you must contact them or send them money to prevent something worse from happening. I write about these a bunch: Another common “Bad thing already happened” scam is to send the user an email telling them that their devices were hacked some timeContinue reading “Attack Techniques: “I Already Hacked You” Scams”
Mark-of-the-Web: Real-World Protection
Two years ago, I wrote up some best practices for developers who want to take a file’s security origin into account when deciding how to handle it. That post was an update of a post I’d written six years prior explaining how internet clients (e.g. browsers) mark a file to indicate that it originated fromContinue reading “Mark-of-the-Web: Real-World Protection”
Security Software – An Overview
I’ve spent nearly my entire professional career in software security: designing software to prevent abuse by bad actors. I’ve been battling the bad guys for over two decades now, from hunting security bugs in Microsoft Office (I once won an Xbox for finding a vulnerability that allowed malicious clipart take over your computer) to designingContinue reading “Security Software – An Overview”
Best Practices for SmartScreen AppRep
Last year, I wrote about how Windows integrates SmartScreen Application Reputation to help ensure users have a secure and smooth experience when running downloaded software. tl;dr: When a user runs a downloaded program, a call to SmartScreen’s web-based reputation service is made, and four possible outcomes can occur: As a software developer, it’s natural thatContinue reading “Best Practices for SmartScreen AppRep”
Defensive Technology: Controlled Folder Access
Most client software’s threat models (e.g. Edge, Chrome) explicitly exclude threats where the local computer was compromised by malware. That’s because, without a trusted computing base, it’s basically impossible to be secure against attackers. This concept was immortalized decades ago in the Ten Immutable Laws of Security: In the intervening years, new technologies (like SecureContinue reading “Defensive Technology: Controlled Folder Access”
text/plain 