Mark Russinovich
From Wikipedia, the free encyclopedia
Mark Russinovich is a software engineer and author who works for Microsoft as a Technical fellow. He is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously called Windows NT Magazine) on the subject of the Architecture of Windows 2000 and was co-author of Inside Windows 2000 (3rd edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS file system driver for DOS. He is widely regarded as a Windows expert[citation needed].
Some of his work was done in collaboration with David A. Solomon and under the banner of Sysinternals which is also used by Bryce Cogswell. The commercial part of his work partly spun off to the company Winternals Software.
Contents |
[edit] Earlier work
 |
This article may require cleanup to meet Wikipedia's quality standards. Please improve this article if you can. (July 2009) |
In 1996, Russinovich discovered that the difference between the workstation and server editions of Windows NT 4.0 comprised solely two values in the Windows Registry[1].
On July 18, 2006, Russinovich announced in his blog that Winternals Software has been acquired by Microsoft and that he was joining the company's Platforms and Services division.[2]
Russinovich got his B.S. and Ph.D. degrees in computer engineering at Carnegie Mellon University and his M.S. degree at Rensselaer Polytechnic Institute.
[edit] Sony Rootkit Discovery
 |
Wikinews has related news: Sony faces class action lawsuits for DRM |
On October 31, 2005 Russinovich published his discovery of the rootkit behavior of Extended Copy Protection, an implementation of Digital Rights Management on many Sony BMG audio CDs. This led to the Sony CD copy protection scandal including, among other things, class action lawsuits against Sony for privacy violation. He also discovered that Symantec's Norton SystemWorks bundle has a rootkit to recover deleted files, but it can be used by malware to perform unauthorized actions.
[edit] Windows Metafile vulnerability
In January 2006, Russinovich again came to public attention when he analyzed the Windows Metafile vulnerability in Windows and concluded that it was not a deliberate backdoor. This possibility had been raised — albeit tentatively — by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.[3]
[edit] Bibliography
Books
- Solomon, David; Mark Russinovich (September 16, 2000). Inside Microsoft Windows 2000 ((Third Edition) ed.). Microsoft Press. ISBN 0-7356-1021-5.
- Russinovich, Mark; David Solomon (December 8, 2004). Microsoft Windows Internals ((Fourth Edition) ed.). Microsoft Press. ISBN 0-7356-1917-4.
- Russinovich, Mark; David Solomon, Alex Ionescu (June 17, 2009). Microsoft Windows Internals ((Fifth Edition) ed.). Microsoft Press. ISBN 0-7356-2530-1.
Articles
- Russinovich, Mark (October 1997). "Inside NT's Object Manager". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=299.
- Russinovich, Mark (December 1998). "NT vs.UNIX: Is One Substantially Better". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?IssueID=97&ArticleID=4500.
- Russinovich, Mark (June 1999). "Inside Encrypting File System, Part 1". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=5387&Key=Internals.
- Russinovich, Mark (February 2007). "Inside the Windows Vista Kernel: Part 1". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/02/VistaKernel/.
- Russinovich, Mark (March 2007). "Inside the Windows Vista Kernel: Part 2". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/03/VistaKernel/.
- Russinovich, Mark (April 2007). "Inside the Windows Vista Kernel: Part 3". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/04/VistaKernel/.
- Russinovich, Mark (June 2007). "Inside Windows Vista User Account Control". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/06/UAC/.
Videos
- Russinovich, Mark (November 2006). "Windows Vista Kernel Changes". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=340.
- Russinovich, Mark (November 2006). "Advanced Malware Cleaning". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359.
- Russinovich, Mark (November 2006). "Advanced Windows Troubleshooting with Sysinternals Process Monitor". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=346.
- Russinovich, Mark (November 2006). "Windows Vista User Account Control Internals". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=360.
[edit] References
- ^ Andrew Schulman (1996-09-16). "Differences Between NT Server and Workstation Are Minimal". O'Reilly and Associates. http://www.oreilly.com/news/differences_nt.html. Retrieved on 2005-11-16.
- ^ Mark Russinovich (2006-07-18). "On My Way to Microsoft!". Mark's Sysinternals Blog. http://blogs.technet.com/markrussinovich/archive/2006/07/18/on-my-way-to-microsoft.aspx. Retrieved on 2007-04-26.
- ^ Steve Gibson (2006-01-12). "grc.news.feedback". Gibson Research Corporation. http://12078.net/grcnews/article.php?group=grc.news.feedback&id=60006. Retrieved on 2007-11-06. "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."
[edit] External links
- Mark's TechNet blog
- Video interview with Mark in his office at Microsoft on TechNet Edge
- Mark's public event/session videos on Microsoft IT's Showtime! by TechNet
- Original Article on Sony's rootkit
- Inside the WMF backdoor
- Windows Sysinternals Tools written by Mark Russinovich
- Symantec Norton Protected Recycle Bin Exposure
