Brett Hill


Brett Hill is technical product manager at Microsoft in charge of technical readiness for Microsoft Partners with Microsoft Business Productivity Online Suite. He operates and maintains a blog at

Comments on FireFox Thread comments 2

I think this guy is saying something very important.

"I as a web developer HATE IE it takes the XHTML standards and throus them out the window, to make a web page 100% perfect in IE is to make a page that dose not follow any of the standards that govern all the other browsers out there"

A new critical security fix for IE

In keeping with the IE discussion, Microsoft annoucned a culmative update for IE today. 

Microsoft Security Bulletin MS04-040:

Cumulative Security Update for Internet Explorer (889293)

Bulletin URL:


Version Number: 1.0

FBI serves subpoenas on Nmap creator

This is intresting.

Fydor is served!
The FBI is tracking someone and thinks Fydor may have some info about someone who downloaded something from somewhere.

Nevertheless, we may hear more about this.

FireFox Thread Comments 7

I truely respect the notion that standards are not effective when not respected by the dominate player in the field. This leads to a discussion of course of what does it take when the dominate player doesn't have to abide by the standards because their influence is, by definition, dominate. They can do pretty much what they want - and from a business perspective you can't argue that they've been sucessful. The experience of the poster who said they had no choice but to use IE is exactly what Microsoft would like to occur.

FireFox Discussion 20

Excellent discussion on the FireFox issues. I guess my point in all this is that FireFox is here to stay and only time will tell if that results in the opportunity for a more secure browsing environment. The post regarding standards is well taken, and I don't think anyone whose informed in the biz confuses ActiveX with an RFC standard. But this issue of standards is not so simple as "comply and everything is easy". Why should Micorosft comply with dated standards when they own the vast majority of the market share? Put yourself in the same situation.

WiFi Security Article 1

Here's a nice article about stealing W-Fi.
It's appliciable to many since one of the most frequently occuring vectors of attack in a company is through a wireless access port.

IE Explorer is the weakest link 4

Hardening servers is usually focused on keeping the bad guys out. But with the recent rapid fire release of serious exploitable problems in IE, server security needs to also include a renewed commitment to keeping administrators from browsing the net with IE. In classes and lecture, I tell people to block port 80 outbound from IIS server either using IPSEC, ICF (for SP1 on Windows Server 2003), or your firewall. Many smaller shops, however, permit admins to browse with IE in order to pull down patches from Windows Update or utilities as required.

Windows OS on Voting Machines not Pen Tested 7
If you had the job of security testing a voting machine that ran Windows, would you certify it without a penetration test?
DoS attacks for Hire
Companies extorted to avoid DoS attacks
Passphrases are the rage
Prediction: Less than 3 weeks to major worm.
This is how it goes sometimes 2
An admin tells me how a server was infected.
October-­December 2004: Blog
Check out Brett Hill's blog about thwarting hackers and resolving other security issues.
Welcome to the You've Been Hacked Blog

Greetings and welcome to the You've Been Hacked Blog! Over the next few monthsm we're going to be having a strong, frank discussion of security matters related to Micorosoft opearating systems, services, and products. As the title suggests, there is a special focus on what to do if you think you've been hacked. All of these can be complex and important topics and we want to hear from you about your experiences, questions, concerns, references, FAQ's and links.

Microsoft Stack Master Class

Master-Level Microsoft Stack Class with John Savill
Online Class: Thursdays Oct. 12th-Dec. 21st
30 Hours of Training for $995!

Understand the complete Microsoft solution stack, how the products work together, and how to implement and maintain for a total datacenter and desktop solution. This course covers the latest technology updates including Windows Server 2016 and Windows 10 and will enable the new capabilities to be leveraged in your organization.


Join the Conversation

Sponsored Introduction Continue on to (or wait seconds) ×