Perimeter
5/14/2010
01:22 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Microsoft Security In 140 Characters Or Less

When Microsoft's JG Chirapurath said he would stick to Twitter's maximum capacity of 140 characters for his responses in our twitterview last week, he wasn't kidding.

When Microsoft's JG Chirapurath said he would stick to Twitter's maximum capacity of 140 characters for his responses in our twitterview last week, he wasn't kidding.My interview with Chirapurath, senior director of Microsoft's identity and security business group, via Twitter last week was fun, interesting, and frustrating -- all at the same time. I'd never conducted a twitterview before, so this was a refreshing change of venue. JG deftly condensed his responses into bite-sized answers -- some that provided insight into Microsoft's strategies, and others that left me wishing I had more than the 30 minutes we had allotted (lesson learned) so I could drill down more on some of the topics.

And the natural Twitter-time lag time between my tweeted questions and his tweeted responses felt like dead-air moments in a television interview.

But one thing I learned from the twitterview format is that while it limits the verbiage, it doesn't leave much room for marketing speak, and its informality makes it a little more personal. It forces stripped-down responses that cut to the chase.

Aside from not carving out enough time for the twitterview, another mistake I made was forgetting to address JG at his Twitter account, @MS_Forefront, in my first few tweets. Anyway, I'm open to any suggestions to improve the experience, so feel free to hit me with some ideas @DarkReading.

Will Dark Reading twitterview again? Absolutely.

Anyway, in case you missed it or want a recap, here's a "twitterscript" of the interview last week:

DarkReading Kelly Jackson Higgins here for Dark Reading, with JG Chirapurath, sr director of Microsoft's ID & security biz grp. Hi JG. #MSFTtweet 2:30 PM May 6th via web

DarkReading Welcome everyone to our twitterview. #MSFTtweet 2:32 PM May 6th via web

DarkReading JG, are you ready to start? #MSFTtweet 2:33 PM May 6th via web

MS_Forefront @DarkReading ready when you are ... I feel 140 charac pithy this AM ^JGC 2:35 PM May 6th via CoTweet

DarkReading Great. What struck me among the anncmnts yesterday by MSFT was the support for 5 different vendor AV engines. Why multivendor? #MSFTtweet 2:37 PM May 6th via web

DarkReading (and feel free to go over 140--I'll remain pithy) .;-) #MSFTtweet 2:37 PM May 6th via web

MS_Forefront@DarkReading - Multivendor coz no one vendor can catch or see all the threats out there. This is the way to go #MSFTtweet 2:39 PM May 6th via CoTweet

DarkReadingWill we see more of this mulitivendor strategy by MSFT in other products? If so, can you say which ones? #MSFTtweet 2:40 PM May 6th via web

MS_Forefront @DarkReading 4 sure in the sec. FPE/FOPE already uses it. TMG uses cloud with info from industry to enable web filtering. ^JGC #MSFTtweet 2:42 PM May 6th via CoTweet

DarkReadingThere's been a lot of discussion of the future of signature-based scanning. How does MSFT see the role of signatures evolving? #MSFTtweet 2:45 PM May 6th via web

MS_Forefront@DarkReading There's always a role for it but the key trend is aggregating thrt int - we vendors have to work 2gether better ^JGC #MSFTtweet 2:48 PM May 6th via CoTweet

DarkReadingOne of our readers asks what advantage is of Forefront Protection for SharePoint 2010 --doesn't it rely (mainly) on signatures? #MSFTtweet 2:49 PM May 6th via web

MS_Forefront@DarkReading 3 thngs. Deep integ w/ SP2010 & BPOS.Prvnts users from up/dwnldng infect docs. Multiengines. Ups the game IMHO ^JGC #MSFTtweet 2:53 PM May 6th via CoTweet

@MS_Forefront How does the new Active Directory FS 2.0 work with CardSpace, and how will it with CardSpace 2.0? #MSFTtweet 2:55 PM May 6th via web

MS_Forefront@DarkReading we're delivering a Cardspace CTP that enables released ADFS 2.0 in WinServer to issue InfoCards ^JGC #MSFTtweet 3:00 PM May 6th via CoTweet

DarkReading@MS_Forefront (Shifting gears a bit here): What is the status of the U-Prove crypto technology MSFT announced at the RSA con? #MSFTtweet 3:03 PM May 6th via web

MS_Forefront@DarkReading - cntng to invest. Rlsd CTP @ RSA int U-Prove with ADFS, WIF. Rlsd a 2nd spec via OSP dscrbng int using WS* & InfoCards. ^JGC 3:08 PM May 6th via CoTweet

MS_Forefront @DarkReading - Got to run. Thanks very much. This was a lot of fun. Let's do this again soon. ^JGC #MSFTtweet 3:09 PM May 6th via CoTweet

DarkReading@MS_Forefront Thank you for your time, JG. We'll have to carve out more time next time. #MSFTtweet 3:11 PM May 6th via web

-- Kelly Jackson Higgins, Senior Editor, Dark Reading Follow Kelly (@kjhiggins) on Twitter: http://twitter.com/kjhiggins Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.