RSA Conference 2007, Day 3 (Thursday) Noon Update

UPDATE: Brian Seitz posted an audio cast of a short interview with Mike Howard and myself after our session this morning.  Here is the link on the Microsoft RSA site:

 audioInterview at RSA, Mike Howard & Jeff Jones 

Mike Howard and I got together this morning to put the finishing touches on our session presentation (in the Crypto Lounge) and finished going over all the details about 20 minutes before our session was to start.  So, we trek over to our room to find a large crowd of folks waiting out side the door, waiting to get in.  I ask the lady if the previous session is about over and she responds, saying “sorry, this session is full.”  Huh?  “Excuse me, which session is full – the *next* one – that starts at 9:10am?”  “Yes, you can’t go in, it is already too full.”  Aha!

 So, I say “Oh, well we need to get in because we’re the speakers.”  She looks at me and say “sorry, but I can’t let you in.”  I say “seriously, we’re the speakers, the session can’t start unless you let us go in.”  So, we got in.

And it was fun.  We didn’t talk about features, but instead went through the details of the SDL process and how it was applied specifically to Windows Vista, giving stats and examples everywhere we could.  We also demonstrated the integrity protection that is used by “low rights IE”, as well as the details of /NXCompat and /Dynamicbase linker options, with some code that executed from memory locations.

Mike and I talked afterward and we think we’ll probably do an updated version of the session at TechEd in June.  Also, we’re thinking that we might do a Live webcast of the session in a few weeks, if people are interested.

 I’ve run into a ton of folks that I used to work with during this trip and that has been great too.  Today I’m going to try and do some walk arounds and interview some folks and get their thoughts on the show for this year.

About the Author
Jeff Jones

Principal Cybersecurity Strategist

Jeff Jones a 27-year security industry professional that has spent the last decade at Microsoft working with enterprise CSOs and Microsoft's internal teams to drive practical and measurable security improvements into Microsoft products and services. Additionally, Jeff analyzes vulnerability trends Read more »