(no subject)
Threat Modeling at Microsoft
http://www.schneier.com/blog/archives/2007/10/threat_modeling.html
This is an excellent series of blog posts by Microsoft's Larry Osterman about threat modeling, using the PlaySound API as an example. Long, detailed, and complicated, but well worth reading. The last post is particularly good.
*w/thanks to Bruce Schneier*
http://www.schneier.com/blog/archives/2007/10/threat_modeling.html
This is an excellent series of blog posts by Microsoft's Larry Osterman about threat modeling, using the PlaySound API as an example. Long, detailed, and complicated, but well worth reading. The last post is particularly good.
*w/thanks to Bruce Schneier*