Dec 082009
 

I had a great video forwarded onto me by another IT Pro.  Microsoft has a presentation by Mark Russinovich on Windows Security Boundaries.  This is a great resource to learn how Microsoft approaches security boundaries in their operating systems.  Some of the security boundaries that are covered include physical machines, system virtual machines, and user sessions.  Mark also goes in to processes, patch guard, and kernel-mode signing.  As always Mark does a great job of breaking down security using some of his System Internals Tools.  The presentation is about an hour and fifteen minutes long.  Personally I think it is well worth your time if you want understand operating system security better.

Windows Security Boundaries On Tech Net
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=993

Jan 212009
 

One of the things that I have not seen for a long time is a program that rivals Roboform.  The greatest part about it is that its free.  Lastpass uses a utility that runs on your computer and also uses a web service.  This means that you can access your password information from multiple different computers.  The stand alone program that runs on your computer also insures that you access to the information if you computer is offline.  The main thing I like about the program is that you can set it up to automatically log you into sites once you visit them.  You can also store other information such as form information and secure notes.   Currently there are both plugins for Firefox and IE.   There is also a portable version available to people who want to take the information with them.  Some of the down falls currently are that it does not support Safari and Chrome web browsers.  According to everything I have read they are working on extending support to both of those browsers.  I would highly recommend checking out their services and to give them a try.

Lastpass Main Page
https://lastpass.com/

Oct 242008
 

Just in case you have not heard Microsoft has released a rare out of cycle security patch that should be applied ASAP.  Microsoft has not released an out of cycle patch in a very long period of time.  Susan Bradley has a great article up on windowssecrets.com that goes into the full explanation.  I strongly encourage you to apply the patch and read Susan’s article to better understand how critical this patch is.

WindowsSecrets.com Article
http://windowssecrets.com/2008/10/24/02-Microsoft-posts-emergency-defense-for-new-attack