Mark Russinovich

From Wikipedia, the free encyclopedia

Mark Russinovich is a software engineer and author who works for Microsoft as a Technical Fellow. He is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously called Windows NT Magazine) on the subject of the Architecture of Windows 2000 and was co-author of Inside Windows 2000 (4th edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS filesystem driver for DOS. He is widely regarded as a Windows expert, and is a Microsoft MVP.

Some of his work was done in collaboration with David A. Solomon and under the banner of Sysinternals which is also used by Bryce Cogswell. The commercial part of his work partly spun off to the company Winternals Software.

In 1996, Russinovich discovered that the difference between the workstation and server editions of Windows NT comprised solely two values in the Windows Registry[1].

On July 18, 2006, Russinovich announced in his blog that Winternals Software has been acquired by Microsoft, and that he is joining the company's Platforms and Services division.[2]

Russinovich got his Ph.D. degree at Carnegie Mellon University.

Contents

[edit] Sony Rootkit Controversy

On October 31, 2005 Russinovich published his discovery of the rootkit behavior of Extended Copy Protection, an implementation of Digital Rights Management on many Sony BMG audio CDs. This led to the Sony CD copy protection scandal including, among other things, class action lawsuits against Sony for privacy violation. He also discovered that Norton Systemworks has a rootkit to recover deleted files, but it can be used by malware to perform unauthorized actions.

[edit] WMF Vulnerability

In January 2006, Russinovich again came to public attention when he analyzed the Windows Metafile vulnerability in Windows and concluded that it was not a deliberate backdoor. This possibility had been raised – albeit tentatively – by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.

[edit] Bibliography

Books

Articles

Videos

[edit] References

  1. ^ Andrew Schulman (September 16, 1996). Differences Between NT Server and Workstation Are Minimal. O'Reilly and Associates. Retrieved on November 16, 2005.
  2. ^ Mark Russinovich (July 18, 2006). On My Way to Microsoft!. Mark's Sysinternals Blog. Retrieved on July 18, 2006.

[edit] External links

In other languages