 |
 |
|
November 11, 2003DevCon:MS OTG Case Study SessionI decided I wanted to expand my depth of knowledge and take a tangent and go to one presentation that I had no real understanding or interest in, just to gain from the experience. I decided what would be better than listening to a Microsoft employee talk about the Operations Technology Group (OTG) and view a few case studies. Hey, its not often you get to listen to a Sr. Systems Engineer talk about whats really going on in the field. Wow, it wasn't what I expected. Thats not good... or bad. Just different. The speaker unfortunately lacked any speaking training and it showed. He is easily losing my attention, not because of content, but presentation. Which is too bad. He seems extremely knowledgable on the topic. Its really interesting to see a Crash Analysis over the past 6 months in the OTG. If you ever wondered what they did with the online crash reports, I can tell you that they are datamining that information and really getting to the heart of the problems. Its neat to see via the case studies how some of these bugs come about, tracked and fixed. The bugcheck info has a lot of really useful information which can be utilized to find the line of offending code (in most cases) as well as show what was passed to it. Ya ya, I know this is known and boring to you. But its neat to see someone break down the bugcheck analysis and explain it technically; I learned a few new commands for WinDbg I never knew. Posted by SilverStr at November 11, 2003 03:45 PM | TrackBackComments
I think that there are two major issues that people think about when an application crashes and they are prompted whether to send the data in: 0. Send info to MS? Never Wim, +1 That's how I feel. I sometime wonder if I should send data in just so that MS knows their stuff is crashing, but normally decide I'm not really sure of what they are doing with the data, or if I trust them anyway (they don't have the best track record), and don't send it in. I'm going to guess that a lot of people feel the same way (what wim said). Posted by: Arcterex at November 12, 2003 11:50 AMYou can't have it both ways. If you don't trust them to fix your bugs, then you can't bitch at them for not fixing them! Next time you are given the prompt, actually hit the button to review the data and take the time to see what is being sent. Just to be sure, attach snort and data dump it when they send it. Find out for yourself if you are unsure. From what I saw that they can do with the dumpd ata in the OCA, its well worth the effort to report it. Posted by: SilverStr at November 14, 2003 09:14 PM |
 
My 5 Favorite Books
Writing Secure Code
Secure Programming Cookbook Security Engineering Secure Coding Principles & Practice Inside the Security Mind
My 5 Favorite Papers
Smashing the Stack
Penetration Studies Covert Channel Analysis of Trusted Systems DoD Trusted Computer System Evaluation Criteria NSA Security Recommendation Guides
Archives
December 2005
November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 |
|
