Jesper's Blog
Obligatory file photo:
Welcome to Jesper Johansson's blog. This is my home for pontification on the web. In case this is your first time here, I have been working on information security for about 20 years, and have been writing and speaking on the topic for about 10. I am also a
Microsoft MVP
in Windows Security.
My most recent book is
Windows Vista Security
with Roger Grimes. Because I am also a scuba instructor you may find some posts related to that topic as well. Just because it took me so long to get it, I also like to say that I have a Ph.D. in Management Information Systems from the University of Minnesota.
Browse by Tags
All Tags
»
Windows Vista
(
RSS
)
Least Privilege
Running Windows
Security
Security Pontification
Windows Security
Windows Server 2008
What I Learned from Attending the Windows Launch Event Today
Today I attended the Microsoft 2008 server wave launch event in Seattle. In the process I learned a number of things: The launch event apparently does not need to coincide with actually launching anything. Server 2008 launched a couple of months ago....
Resource Kit Done!
Last Friday the last of the Windows Server 2008 Security Resource Kit finally went to press! This was a project I had not really planned and so, to complete it in time, I brought in an amazing crew of co-authors. Together, we managed to put together 17...
IE's hidden buttons
Even having used Internet Explorer 7 for about 18 months, I just discovered something new. IE has a hidden status bar, with four security-related buttons on it: Right next to where the zone is shown are a series of six boxes. I always figured it was some...
Do Vista Users Need Fewer Security Patches Than XP Users?
On January 23, Jeff Jones, Director of Security at Microsoft, published his "One Year Vulnerability Report" for Windows Vista. In the report, he analyzed whether Windows Vista had fewer vulnerabilities in its first year than it's predecessor...
Using Autoplay on Vista To Stop Attacks
The January issue of TechNet Magazine has an article I wrote about how to hack a system using autoplaying USB flash drives. While it is not possible to stop all attacks from USB tokens, Vista does include some interesting protective measures. However...
Need a laptop with a TPM?
For the third time in a week someone asked the question "If I want to use BitLocker with a Trusted Platforms Module (TPM), which computer should I get?" Wonderful question. For some reason, the hardvare vendors seem to treat the TPM chip as...
Hey, Mozilla: Quotes Are Not Legal in a URL
When I was a child, I learned a saying that I still find important to keep in mind: Those who are sitting in a glass house shall not throw stones The good folks at Mozilla may want to look up what that really means. Two days ago, Mozilla published Firefox...
At Least This Snake Oil Is Free
Snake oil , for those that are not familiar with the U.S. English vernacular, is a derogatory term for some product that makes unverifiable or exaggerated claims. True to the tradition, we now find " Vista Firewall Control ," complete with a...
Downloads from the Vista Security Book
As with Protect Your Windows Network I wrote some tools for the Windows Vista Security book that just came out. However, the Vista book does not come with a CD. Rather, Wiley has made the tools available for download . If you solemnly promise that you...
WSUS is Like A Box of Chocolates
Windows Software Update Services (WSUS) is one of the more entertaining products Microsoft has created, if by entertaining you mean trying to put logic behind the installation of some relevant subset of 4,381 updates (today's total). WSUS 3.0 has...
Unified Hardening Guidance for the U.S. Government
All U.S. Government computers are finally required to conform to one of two configurations. White House Memo M-07-11 , further clarified in M-07-18 directs all government agencies to use a single hardening guide. M-07-18 clarifies that it is to be the...
Show the Owner of a File
In my most recent article in TechNet Magazine I wrote: Unfortunately, icacls.exe can’t show you the owner of an object. There is no way to actually see, from the command line, who the owner of an object is. Furthermore, if you save the ACL for an object...
Access Control Lists in Windows Vista
TechNet Magazine just published the first of several articles with excerpts from the Windows Vista Security Book . " New ACLs Improve Security in Windows Vista " is what they called the first of two excerpts from the Access Control chapter....
I've Hit F12 For the Last Time
OK, so whose bright idea was it to put the F12 key so close to the Delete key on the keyboard? And whose bright idea was it to map F12 to "Save As..." in every MS Office application? And, whose bright idea was it to default the Save As... option...
Confusion about Vista Features: What UAC Really Is
As you may know I am just putting the finishing touches on a new book. Roger Grimes and I teamed up to write Windows Vista Security . In the course of doing the research for the book, and just keeping up with the popular press lately, it has become obvious...
More Posts
Next page »
Search
Go
This Blog
Home
Contact
About
News
The
Windows Server 2008 Security Resource Kit
is available!
.
You can also order it as part of the whole
Windows Server 2008 Resource Kit
and save some money.
Or, if you need to know about Vista instead, there is:
If you need a more general approach to help you
Protect Your Windows Network
, there is a book for that too
There is now a
mobile version
of the blog.
Tags
Diving
Least Privilege
Mitigations
Running Windows
Security
Security Pontification
Software Development
Thinking differently
Troubleshooting
Windows Security
Windows Server 2008
Windows Vista
Navigation
Home
Blogs
Photos
Downloads
Archives
May 2008 (3)
April 2008 (5)
March 2008 (5)
February 2008 (6)
January 2008 (3)
December 2007 (7)
November 2007 (4)
October 2007 (3)
September 2007 (4)
August 2007 (1)
July 2007 (10)
May 2007 (4)
April 2007 (3)
March 2007 (1)
February 2007 (1)
January 2007 (1)
December 2006 (1)
November 2006 (1)
October 2006 (2)
September 2006 (12)
August 2006 (5)
Links
My Microsoft Blog
Steve's Blog
Susan's SBS blog
Alun Jones is a great guy, with great insight
Jen's blog
Aaron Margosis' blog
Syndication
RSS
Atom
Comments RSS
Receive Email Updates
Subscribe