Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Ollie Whitehouse

Ollie Whitehouse
Member for: 3 years 50 weeks
Contact: Send this user an email
Member for: 3 years 50 weeks
Blog: View recent blog entries
Contribution Stats
0
Solutions
0
Forum Threads
0
Comments
63
Blog Entries
0
Ideas
0
Articles
0
Videos
0
Downloads
0
Events
0
Groups Joined

Ollie Whitehouse's Activity

Show:
New blog entry 20 Nov 2007
Ollie Whitehouse posted: Security Issues & COTS Mobile Operating Systems – Some Very Rough Numbers
I was interested in getting some rough numbers on publicly disclosed vulnerabilities in Symbian and Windows CE/Mobile platforms and applications. I cannot say with any degree of confidence that what I present below is reflective, simply due to the fact that different bugs get categorized under
New blog entry 08 Nov 2007
Ollie Whitehouse posted: Windows CE & Mobile Advisories – Elvis has left the building!
Well, we’ve arrived at where we’ve been trying to get to for some time. That is to say that we now have the ability to release security advisories for Windows CE & Windows Mobile after working through the accepted responsible disclosure process with Microsoft. It hasn't been easy, with
New blog entry 14 Oct 2007
Ollie Whitehouse posted: Getting Ready to Respond to Mobile Security Issues
O.K. - firstly - long time no blog. Secondly, apologies for that - a mixture of vacation, work, and work travel has recently seen me distracted a little from my blogging duties (my plate spinning is improving, however). Anyway, with the apologies out of the way, onto the subject of this blog. R
New blog entry 27 Sep 2007
Ollie Whitehouse posted: North America SMS SPAM – The Case of the Recent Cross Carrier SPAM
Interesting tidbit: I subscribe to the Messaging News email newsletter. (I don’t actually remember signing up for it – buthey ho). I couldn’t find this replicated on their site so I am going toquote the interesting bits of the newsletter. What caught by eye was the title ‘Cell Phone Users E
New blog entry 06 Sep 2007
Ollie Whitehouse posted: Windows Update used to distribute fixed ATI driver – but it's optional!
In my last post on the subject of Vista versus the battle of vulnerable and malicioussigned drivers, I said there was some conjecture about whetherMicrosoft was going to use Windows Update to distribute a patch for avulnerable ATI driver. Elia Florio on our Security Response Operations tea
New blog entry 29 Aug 2007
Ollie Whitehouse posted: It’s a bird! It’s a plane! It’s… well, it’s actually a plane
With the airline industry being as competitive as it is, many of today's airlines are in the process of implementing lavish in-flight entertainment systems that offer a wide range of options including TV, movies, music andgames. Gone are the days where they tossed you cheap headphones wrap
New blog entry 28 Aug 2007
Ollie Whitehouse posted: What Does the Future Hold for Security?
Yes this could be a 500 page book, but I’m going to try to present the future of security in fewer than 1,200 words. Up to now in this anniversary series, my fellow Symantecites have been discussing what has happened over the past 25 years around security and how Symantec and the indus
New blog entry 26 Aug 2007
Ollie Whitehouse posted: A call to embedded system developers – think of the consumers and users
Recently I bought a NAS (Network Attached Storage) solution for hometo manage backups for the ever increasing number of storage devices weall seem to be accumulating. I did as most people would and selected aconsumer solution from a well-known brand. The brand name on the box,as is not unusual in
New blog entry 23 Aug 2007
Ollie Whitehouse posted: ATI’s penicillin to PurplePill and the PatchGuard patch that wasn’t
Here is a short update to bring this latest chapter in Vista’s security fairytale finally to a close. On Monday the 13th of August, ATI patched their Catalyst drivers to resolve the vulnerability that PurplePill exploited. ATI should be commended with the speed and agility theyre
New blog entry 13 Aug 2007
Ollie Whitehouse posted: Is That a Hole in Your Kernel or Are You Just Pleased to See Me?
So, in the Future Watch section of the last Internet Security ThreatReport and in our Windows Vista research, we stated that drivers wereincreasingly being attacked and that we would expect this trend tocontinue. We also stated that these third-party drivers posed one ofthe greater areas of exposu
New blog entry 07 Aug 2007
Ollie Whitehouse posted: Driver Signing on Vista 64 – ATI Isn’t Getting a Christmas Card This Year
The other day, I blogged about the latest happenings in the Atsiv saga . Today I’m providing an update, which I couldn’t have made up even if I tried. This can only be described as one of those moments that would makeanyone in Microsoft’s situation start to sob. Alex Ionsecu published anent
New blog entry 05 Aug 2007
Ollie Whitehouse posted: 64-bit Driver Signing on Windows Vista – ‘Computer Says No’
So Friday before last, I blogged about the Atsiv tool .As a quick refresh this was a tool which implemented its own PE loaderwithin a kernel driver. The authors had gone through the process ofobtaining a signing key for both the 32-bit and 64-bit versions ofWindows Vista for their kernel driver
New blog entry 01 Aug 2007
Ollie Whitehouse posted: Paterva Evolution – Data Mining for the Google Generation
So in a world where data is king, peopleare obviously going to look for ways to mine the data in more effectiveways. I saw a talk in May last year by Ian Cook titled, “FindingInformation in the Darkweb,” with a subtitle of “Open SourceIntelligence Gathering on a Shoestring.” This was interestin
New blog entry 26 Jul 2007
Ollie Whitehouse posted: Driver Signing on Vista 64-bit – Using the Process against Itself
One of my colleagues, Orlando Padilla,recently ran across a tool by Linchpin Labs & OSR, which allowedunsigned drivers to be loaded on Vista 64-bit. The tool, Atsiv ,is interesting since one of the big security features advertised byMicrosoft for Vista 64-bit was the fact that no unsigne
New blog entry 19 Jul 2007
Ollie Whitehouse posted: Mobile Executable Compressors - Hide and Seek 2.0 for Lilliputians
On the desktop we have many different executable compactors, compressors and encryptors. These are used to protect and/or obfuscate binary files. These can be employed by software authors and malicious code authors to protect their code from reverse engineering (though, typically in vain). A while
New blog entry 15 Jul 2007
Ollie Whitehouse posted: Even Symbian 9 Spyware Can Get Signed
With the advent of Symbian 9 came a new capabilities model that could be seen as akin to mandatory access control, or MAC, which I’ve touched on briefly in the past . If you’re interested more in the Symbian 9 capabilities model, I recommend you go read the Embeddec.com article or pur
New blog entry 02 Jul 2007
Ollie Whitehouse posted: Windows CE/Mobile Rootkits
If you Google for either "Windows CE", "Windows Mobile" along with "rootkits" [1] [2] you don’t find anything on the subject. Back in the early part of this year I started a little skunk-works project (which resulted in an internal whitepaper) to understand the tec
New blog entry 19 Jun 2007
Ollie Whitehouse posted: SMS Spam – Thnx – C U in Court m8
In the words of the Ghost Busters, “We’ve got one…” We’ve got what?, I hear you ask. We now have an example of alleged SMS spam with some real statistics rather than the usual conjecture. We know SMS spam has been growing through the monitoring of such sites as Grumble Text [1] however we’ve never
New blog entry 07 Jun 2007
Ollie Whitehouse posted: Access Violations on Windows CE are not Security Issues (if you’re Microsoft)
Time for the next installment in my enthralling series on ‘Watching Microsoft Patch Windows CE’ and remember kids: There are currently no reported security vulnerabilities for Windows CE In my previous entry on this subject [2] I covered up untilFebruary’s updates for Windows CE 5 (the
New blog entry 03 Jun 2007
Ollie Whitehouse posted: Attack Surface Analyses of Windows Mobile 6
So time for another Mind Map. My generic one for Mobile devices last time was received pretty well. I put together the one below for Windows Mobile 6 as part of an internal research project on the new features Microsoft introduced (click for the bigger version) as well as ensuring that

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,988