Identity Metasystem whitepaper

I'm just catching up with my RSS feeds after few days being off-line (failed power supply may be very troublesome) and I found interesting link at Kim's Cameron blog. Kim is presenting Microsoft Whitepaper titled The Identity Metasystem: Towards a Privacy-Compliant Solution to the Challenges of Digital Identity which is about Identity Metasystem, InfoCards and … Continue reading "Identity Metasystem whitepaper"

Dual booting Vista and Linux on BitLocker and TPM protected drive

If You are interested in an answer to question "How to dual boot Linux and Vista on BitLocker protected drive?" You will find it on Cyril Voisin blog. Cyril is Security Advisor working in Microsoft France, and in his latest post he described how to configure dual booting for Vista and Linux on BitLocker drive with … Continue reading "Dual booting Vista and Linux on BitLocker and TPM protected drive"

Vista will open more access for security providers …

I just found at joe's  site link to Washington Post's article which is informing about decission which was made at Microsoft to open access to system "guts" for security software providers. If it is true, and I don't have any reasons not to belive WP it will mean that security software providers like Symantec and … Continue reading "Vista will open more access for security providers …"

Windows Defender and Your Run key – what do You need to know?

  Recently one of my friends who is running small (but very good – <ad word>If You need serious security guys, just call them</ad word>) security company sent me a link to some document. This document described simple experiment with security features made on Windows Vista (Beta2). What its author did was creating simple program … Continue reading "Windows Defender and Your Run key – what do You need to know?"

MIIS newbie tales – Export password attribute with Extensible MA

Today I had a little chat on e-mail with Alex Tcherniakhovski which was about following topic: how to create export only attribute with Extensible MA to set initial password for newly provisioned account? (OK, this wasn't exactly such topic but this is what it was about 🙂 ). So problem is: we are provisioning new account to … Continue reading "MIIS newbie tales – Export password attribute with Extensible MA"

VML patch (MS06-055) released out of band

As we can read on MSRC blog, Microsoft has published out of band patch for VML vulnerability existing in IE. This flaw was described in Microsoft Security Advisory (925568) published lately. Bug patched by this update allows remote code execution so it should be applied as soon as it will be possible (some people do some tests and other … Continue reading "VML patch (MS06-055) released out of band"

Disable simple bind without SSL on ADAM

Today on ActiveDir.org ~Eric pointed out interesting feature in ADAM which allows ADAM administrator to configure ADAM instance to reject simple bind attempts on ports without SSL. To do this one have to edit properties of CN=Directory Service,CN=Windows T,CN=Services,CN=Configuration,CN={<GUID>} object and set RequireSecureSimpleBind attribute value to 1. This will reject authentication attempts which will be made … Continue reading "Disable simple bind without SSL on ADAM"

Auditing directory changes aka "Who deleted this object"

Some question were raised by few peoples about directory object auditing – mostly in a context of question "Who deleted the object?" – so I've decided to give this topic a little space. Windows 2000\2003 provides us with auditing mechanism which can be used also to track changes for Active Directory objects. Probably this isn't … Continue reading "Auditing directory changes aka "Who deleted this object""