Archive for the ‘Security’ Category

I love it when PR Blows up in your face

Sunday, July 22nd, 2007

Jesper has been doing some brilliant digging and shown that you need to be very careful before you bag out the opposition for their failures….

Hey, Mozilla- Quotes Are Not Legal in a URL

Posted in IT, Security | No Comments »

Microsoft Please Please KILL Share Permissions

Saturday, July 21st, 2007

It’s been 15 years or more since Microsoft launched Windows NT. No one has used a Windows 3.11 Server in production since Windows 2000 was around.

So why oh why do we still have share permissions in W2K3 and Longhorn? All they do is confuse Administrators and allow for weird security configurations and the problems that come with them. I frequently see mismatched configurations, confusion over remote and local access or confusion over other sharing methods such as HTTP.

There is a small supportive argument or them that goes along the lines of “but what if the NTFS permissions are wrong”. Well, lets look at the failure mechanisms.  Read more... (235 words, estimated 56 secs reading time)

This is a preview of Microsoft Please Please KILL Share Permissions. Read the full post (235 words, estimated 56 secs reading time)

Posted in IT, Security | No Comments »

Its Time For Airport Security To Ketchup With Reality (from The Herald )

Friday, June 8th, 2007

 

Link to Its Time For Airport Security To Ketchup With Reality (from The Herald )

Posted in Security | No Comments »

MS Office team to be shot – MS Project 2003 Auth

Tuesday, May 29th, 2007

I firmly believe one of the reasons MS holds the position they do is due to their control of the Directory, and their integration with it. MS thought so once too, and tried to extend it to the Internet with Passport.

So why oh why then does this MS product NOT support any of the normal UI’s for authentication.

MS Project 2003 Professional connecting to a MS Project Server 2003.

It gives the option of connecting with your domain account, or using a “Project Server Account”. Here comes the crunch. NEITHER of these options works on a PC that is not a domain member. There is no popup UI to ask for a password.  Read more... (171 words, 2 images, estimated 41 secs reading time)

This is a preview of MS Office team to be shot – MS Project 2003 Auth. Read the full post (171 words, 2 images, estimated 41 secs reading time)

Posted in IT, Security | No Comments »

Help the Terrorists

Monday, May 14th, 2007

Well despite the well publicised and highly debatable restrictions on liquids on International flights, it appears Qantas and Virgin have decided that company profits are more important the the security theatre shoved in your face everywhere else.

It is now possible for anyone to board a plane in Australia without showing ID. Known terrorists sign up here, if you are finding it difficult to travel elsewhere, we’ll happily let you on board.  Read more... (317 words, estimated 1:16 mins reading time)

This is a preview of Help the Terrorists. Read the full post (317 words, estimated 1:16 mins reading time)

Posted in Security | No Comments »

Blowing Up Planes

Saturday, September 9th, 2006

This is one of the best security articles I have read in a while. Finally some intelligence on aircraft security.

http://www.theregister.co.uk/2006/08/17/flying_toi…

Posted in Security | No Comments »

Attrition is always good value

Thursday, June 8th, 2006

http://attrition.org/security/rant/z/keysigning.html

Reminds me of Schneier’s pizza’s at the NSA

Posted in IT, Security | No Comments »

One of my favourite bugbears and argument starters – my comments are in there too

Thursday, April 27th, 2006

2 Factor Auth

http://blogs.technet.com/steriley/archive/2006/04/20/425824.aspx?CommentPosted=true#commentmessage

MS even let me present on this exact topic and make the same statements.

Posted in IT, Security | No Comments »