Ping!

It have been more than two months since I posted here. I was visiting Canada and California on vacations, and now I'm a bit overflowed with duties from my job and the local ISSA chapter (I'm president since July). I hope to be able to translate some things that I wrote this week and to resume posting here more regularly in the next few weeks.

A quick note, I went to ToorCon in San Diego during my vacations. It was a bit too technical comparing to what I'm used to do now, but the presentation from Dan Kaminsky is always something worth to watch. I was expecting to see David Maynor and Johnny Cache doing a live presentation of their famous wireless exploit, but I believe you all already know what happened there.

Its funny how we stil have a lot of people bashing at Microsoft about security while we have companied like Apple and Oracle, with their terrible security behaviour. Microsoft has a huge security improvement in its products (can anyone remember the last vulnerability in IIS?), it's releasing good security products (the new ForeFront product lie has some interesting concepts), buying companies with good security products and professionals (Sysinternals...) and promoting security awareness everywhere. If there is a company "at our side" about this subject nowadays, it's Microsoft.

I really have hope on seeing Oracle following the same path. Still have doubts if Apple will try or if it will just close its eyes and pretend nothing is happening.