Clik here to view.
How Forcing Password Changes Actually Weakens Security
When was the last time you got that not too friendly message stating that your password has expired and asking you to change it? Probably only a few weeks ago, and just as sure as day follows night, it...
View ArticleTaking Ownership Fails With UNC Path, Works Locally!?! Why?
Here is an interesting tidbit related to Windows security: Create a test file share, e.g. C:\temp\test, and share it with full permissions for eveyone (share, not NTFS permissions) as “test” Create the...
View ArticleClik here to view.
Does a Self-Respecting IT Pro Need Antivirus?
Microsoft’s latest Security Intelligence Report confirms a feeling I have had for a long time: I do not need antivirus. Let me explain why. I am a Version Junkie Like most IT pros I love new software....
View ArticleClik here to view.
WLAN Security – Beware of (Unknown) Wi-Fi Hotspots
In its issue 1/2012 German c’t magazine published an article about security in Wi-Fi networks. The authors describe how very easy it is to gain access to other people’s accounts and passwords in a...
View ArticleClik here to view.
Analysis: Require Domain Controller Authentication to Unlock Workstation
Among the many security options that are configurable via Group Policy there is a setting Interactive logon: Require Domain Controller authentication to unlock workstation. For security reasons this is...
View ArticleClik here to view.
How to Make Google Chrome Search via SSL/HTTPS by Default
A while ago I wrote about the dangers of using unencrypted Wi-Fi networks. Right now I am connected to such a network and trying hard not to give away authentication cookies or passwords – information...
View ArticleClik here to view.
AppLocker – Fact Sheet
This is the first in a small series of articles about AppLocker, a technology built into Windows that enables administrators to audit and optionally block application execution. Requirements AppLocker...
View ArticleClik here to view.
AppLocker – Security Problems
This article is part of my small series about AppLocker, a technology built into Windows that enables administrators to audit and optionally block application execution. AppLocker Security There is no...
View ArticleClik here to view.
AppLocker – Solutions to Common Problems
This article is part of my small series about AppLocker, a technology built into Windows that enables administrators to audit and optionally block application execution. AppLocker and UAC One of the...
View ArticleClik here to view.
How to Determine the Size of the System Volume Information Directory
Due to the strict permissions on the System Volume Information directory finding out its true size is not easy. Explorer is really bad at such things. It definitely was not made for administrative...
View ArticleClik here to view.
Workaround: “554 rejected due to spam content” sending e-mail
It sometimes happens when I reply to an e-mail from somebody who is asking about my products that the receiving mail server rejects my message with the code “554 rejected due to spam content”. Google...
View ArticleClik here to view.
Remote Management of Windows PCs in an Isolated Security Zone
With the advent of BYO it has become fashionable to regard PCs as untrusted devices that should be isolated in a dedicated security zone. Zoning Such an approach has a big advantage: by separating...
View ArticleClik here to view.
Thoughts on Cloud File Synchronization Security
As the Box IPO shows enterprise cloud file synchronization & sharing (EFSS) is a hot topic. Yet the hottest vendors do not “get” security. Kryha-Chiffriermaschine, Kryha-Encryption Device by Ryan...
View ArticleClik here to view.
Disabling Azure Active Directory Password Expiration
User accounts created in Azure AD are subject to Azure AD’s password policies and restrictions, whose defaults are far from optimal. Unfortunately, the most severy shortcomings cannot currently be...
View ArticleClik here to view.
Browser Ad Blockers and Privacy
You have probably been in this situation: on some shopping site you put an article in your cart, but decide not to buy it after all. Later on, you notice that you are getting targeted ads for the exact...
View ArticleClik here to view.
Blocking Office Macros, Managing Windows & macOS via Intune
ContentsHow to centrally manage essential security settings of self-managed devicesThe ObjectivePreparing Microsoft IntuneSetting Up the Configuration With Device ProfilesWindowsmacOSBeyond AAD...
View ArticleClik here to view.
Disable TLS 1.0 and 1.1 in Firefox Now!
Mozilla had planned to disable the insecure versions 1.0 and 1.1 of the TLS protocol in Firefox 74. Unfortunately, they reverted that planned change. This post explains how to disable insecure TLS...
View ArticleClik here to view.
End-to-End-Encrypted Team Communication & Collaboration Tools
ContentsWhat is This About?RequirementsText & Audio/Video ChatMattermostNetsfereRiot/MatrixStackfieldWickrWireFile Storage, Sharing and SyncLucidLinkSync.com for BusinessTresorit This post is a...
View ArticleClik here to view.
Application Network Connection Monitoring With Splunk & uberAgent
This is part 1 of my application network connection monitoring series, a group of articles that explain how to analyze the network traffic of any Windows or macOS app. The communication targets of the...
View ArticleMS Office & Teams: Network Connection Target Hosts
This post lists the internet communication targets of Microsoft Office and Teams. It is a part of my application network connection monitoring series, a group of articles that explain how to analyze...
View Article