Here is a rather interesting article from the site, Inside CRM. This article deals with a host of ways that you can take back control of your personal info.

From Inside CRM:

Internet scams, phishing, identity theft and other attacks that exploit your personal data are always a threat when you shop online, set up an email account, use a credit card, manage an online bank account or carry your Social Security card. There is hope, however, for fighting these threats, and you can start by taking back control of all of your personal data. The 50 tips and tools in this list will help you understand how these scams originate, how to protect yourself online and offline, and how to track down your personal data on the Internet.

Protect yourself and your data online by choosing a secure Web browser, understanding the dos and don’ts of wireless security, and correctly managing passwords.

Of course nothing is guaranteed, but it is a nice list of things that you can do to help protect yourself against the ne’er-do-wells that lurk in the dark places of the tubes. It hits on things such as using a web browser that isn’t IE, using strong passwords, et cetera. It also breaks it out into areas of concern such as “General Privacy” and “Credit and Finance”.

Check it out.

Article Link


Apparently, Microsoft feels it necessary to provide a primer on why/how IT managers should upgrade to Vista. I guess this means that Vista must be worse on sales than was initially ballyhooed. Circling the bowl like Britney’s career?

The primer that I mention, entitled “How to Justify a Desktop Upgrade”, appears on a web page found on their Microsoft Canada website (via Slashdot) which says,

“The problems with positioning upgrades is that, from a user perspective, the changes may not seem significant. But from an administrative perspective, some of the security features are huge,” he said.

“So, as an IT person, who is responsible for the security of the company from viruses and for making sure that everyone is safe, there are many features in Windows Vista that I like. It does a great job of keeping people from being able to browse certain sites. It protects from viruses, because there are a lot more things that will get locked down, and the lock down tends to be tighter. You have a tougher time having things happen accidentally. Probably the biggest hassle from a security perspective [with past technologies] is that users tended to run as administrators. In Vista, that’s not the default anymore.”

OK, so this is a patch for XP then? Is that the rationale? The article goes on to outline how XP is more expensive to run than Vista. Hmm, hardware upgrades must have come down in price and I missed it (yes, I’m being sarcastic).

I love this closing line from the document:

“The increase in security – the inability for users to just simply install stuff, means that you are decreasing the amount of reactive tasks that an administrator has to perform,” said Johnson. “This allows him to become proactive in all things you want in your company.”

Wow, I guess it’s time to upgrade…yes, more sarcasm.

This just tells me that Linux/Mac are beating Microsoft’s brains into the floor. No great shock there. I can only hope that the folks in Redmond spend a little less time with their Google fixation and get down to brass tacks.

Article Link

In case the page mysteriously vanishes in the night here is a .pdf of the original.


As we speed through the day we manage to forget things. Be honest, everyone does. I have managed to offload a lot of my day using GTD and Google, but that still doesn’t solve the memory issue (but it helps). How does one improve their memory, especially for a field such as security? Well, I found this article on Wired (dated Jul 13/07) that lists ways that you can “amp up” your brain.

Some examples,

Improve Your Memory.
Ancient Greek bards recited 10,000-line poems by heart. Their secret? The Method of Loci. Here’s how it works: To remember, say, a shopping list, imagine walking to the store. Use items on your list to construct incongruous visual images along the way – a carton of milk perched atop a mailbox, bananas growing on a rosebush, and so on. Then, when you arrive at the store, mentally retrace your imagined steps to retrieve all the items on your list.

Read better, faster.
Speed-reading courses preach a form of skimming that doesn’t help comprehension or retention. The best way to pump up the pace is to read a lot – for pleasure. In a 2001 study, subjects who read assigned texts increased their speed an average of 18 percent and comprehension by 11 percent. Those who read texts of their own choosing improved speed by 87 percent and comprehension by 33 percent.

Another one that they list deals with getting more sleep. Riiight, that’ll happen.

For the full list of suggestions follow the link. Have any suggestions that you would like to share?

Article Link


wiring.jpg

Why can’t every data center look this good?

Read on for more examples over on MAKE.

Article Link


Fresh off the press… a dash of liquidmatrix hotness…

Here you go. On this page you will find a small POC (Proof of Concept) of a client-side (only JavaScript) spider that is based on the top of Yahoo Site Explorer PageData service, which you can read more about from this page. I’ve been talking about client-side spiders for quite some time now over here and here, and I even came up with a POC based on Yahoo Pipes for my OWASP presentation on Advanced Web Hacking Revealed, which you can find over there.

Article Link


In the course of my daily work I tend to have to rely on my lazy brain (read=Google) for information that I may have offloaded. Now here is a great resource that I stumbled on today. This is a list of cheat sheets…lots of them.


Enjoy.

Article Link


Good ole` IE6 – rockin` your Internet experience since 2001.

Apparently IE6 attempts to guess what you mean in certain circumstances, allowing for rigid anti-XSS filters to fail when looking for precise terms like javascript: and vbscript:, even after attempting to de-obfuscate. Rather than attempt to explain, take a look at this snippet from his email:

Article Link


Here are a couple of BitLocker guides from Microsoft.

The Windows BitLocker Design and Deployment guides describe the various aspects of planning for deploying Windows BitLocker Drive Encryption for Windows Vista® Enterprise and Windows Vista® Ultimate computers in an enterprise environment. The document is organized in two guides, and you should carefully consider each guide before you deploy BitLocker Drive Encryption.

Windows BitLocker Drive Encryption Design Guide
This guide provides a systematic approach when planning for BitLocker deployment and highlights the main decision points. This guide is intended for use by an infrastructure specialist or system architect. It assumes that you have a good understanding of how BitLocker and TPM work on a functional level.

Windows BitLocker Drive Encryption Deployment Guide
This guide provides detailed instructions on how to prepare Windows Vista images for BitLocker and how to deploy BitLocker in an enterprise environment. This guide is intended for use by a deployment specialist or deployment team. It assumes that you have a good understanding of how automated Windows deployment, Active Directory Domain Services (AD DS) schema extension, and Group Policy work.

Enjoy

Article Link


Firstly, this theme is known for its rather high complexity and only a very limited number of individuals actually understand what is behind it. Therefore bringing people’s attention on it would surely not be amiss.

Secondly, there is no bulletproof solution to protect against this and the more people understand what it is about, the higher are the chances that we’ll come to a solution somewhen in future. Four eyes are likely to see better than two, so let’s start.

Article Link

Good morning all…

I’d like to introduce you to this wild new concept… a _MONDAY_ posting from yours truly.

The topical material for this new Monday feature is “How to do a good job of the real job of the information security professional.” AKA, do what you need to be doing rather than what you inevitably end up doing.

For this first column, let’s consider together the MITs (Most Important Tasks) for your upcoming week. This is an idea that I’ve snarfed from several of the current crop of productivity gurus (Merlin Mann, Leo Babauta and others) and it’s made a difference in my world.
