http://msinfluentials.com/blogs/jesper/default.aspx<table><tr><td> <p align="center"><font size="2">Obligatory file photo:</font><br /> <img src="https://msinfluentials.com/blogs/jesper/jesper-new45x60.jpg" width="97" height="131" alt="" /></td><td> <font face="Arial">Welcome to Jesper Johansson&#39;s blog. This is my home for pontification on the web. In case this is your first time here, I have been working on information security for about 20 years, and have been writing and speaking on the topic for about 10. <br />My most recent book is the <b>Windows Server 2008 Security Resource Kit </b>. Because I am also a scuba instructor you may find some posts related to that topic as well.  Just because it took me so long to get it, I also like to say that I have a Ph.D. in Management Information Systems from the University of Minnesota. </font></td></tr></table>enCommunityServer 2008.5 SP2 (Build: 40407.4157)http://msinfluentials.com/blogs/jesper/archive/2011/04/24/uninstalling-google-chrome-breaks-your-computer.aspx#22101Tue, 26 Apr 2011 19:49:01 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22101Robear Dyer, MS MVP<p>cf. <a rel="nofollow" target="_new" href="http://www.slipstick.com/problems/link_restrict.htm#reg2">www.slipstick.com/.../link_restrict.htm</a> </p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22101" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/10/02/security-awareness-post-3-recognizing-your-surroundings.aspx#22096Tue, 23 Nov 2010 23:19:35 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22096trsm.mckay<p>Given the likely audience, I think you left an important qualifier out of the URL description. The second to last field is the important one. If they don&#39;t realize that fact, they may think an URL like this actually is from Microsoft:</p> <p>www.microsoft.evil.com</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22096" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/10/02/security-awareness-post-2.aspx#22095Fri, 19 Nov 2010 09:14:21 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22095John<p>Great post. Thanks for sharing. Spyware has become a big issue these days.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22095" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/09/27/october-is-national-cybersecurity-awareness-month.aspx#22094Mon, 01 Nov 2010 10:15:19 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22094GPS<p>More good info here.....I&#39;ll be back!</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22094" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/10/02/security-awareness-post-3-recognizing-your-surroundings.aspx#22093Tue, 19 Oct 2010 02:42:53 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22093Jay<p>Discover&#39;s home page behaves as you describe, but with a minute&#39;s worth of digging you can find they do have a secure login form (click &quot;Forgot User ID&quot;, then click &quot;Login&quot; above the form it give you on that page):</p> <p><a rel="nofollow" target="_new" href="https://www.discovercard.com/cardmembersvcs/loginlogout/app/ac_main">www.discovercard.com/.../ac_main</a></p> <p>Another trick that typically works (it works on Discover) is to just click the Submit button without specifying anything, or (if they have Javascript validation against empty form fields) with bogus information entered. &nbsp;Their &quot;please try again&quot; login form will usually be on the secure URL that they intended to have you submit your credentials from the insecure page to.</p> <p>I agree that this is not the right way for a company to get many people to use the secure login page, but for those of us who are security conscious, it does satisfy our desire to know we&#39;re really talking to Discover (DFS Services LLC) before submitting our credentials.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22093" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/10/02/security-awareness-post-3-recognizing-your-surroundings.aspx#22090Tue, 05 Oct 2010 15:15:26 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22090DaveN<p>Something else that&#39;s always bothered me about Discover - they allow a maximum password length of 10, with no special characters. &nbsp;Although I&#39;ve never had any fraudulent transactions, I&#39;ve received two new cards long in advance of expiration. &nbsp;When calling to activate, they say the new card was issued for security reasons, but refuse to elaborate.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22090" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/10/02/security-awareness-post-3-recognizing-your-surroundings.aspx#22089Tue, 05 Oct 2010 13:00:58 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22089Alan<p>AMEX is better? See:</p> <p>Amex Password Policies Declared Brain-Dead</p> <p><a rel="nofollow" target="_new" href="http://blogs.pcmag.com/securitywatch/2010/02/amex_password_policies_declare.php">blogs.pcmag.com/.../amex_password_policies_declare.php</a></p> <p>American Express Sends Personal Details From Web Form In Clear Text</p> <p><a rel="nofollow" target="_new" href="http://blogs.pcmag.com/securitywatch/2010/05/american_express_sends_persona.php">blogs.pcmag.com/.../american_express_sends_persona.php</a></p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22089" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/09/27/october-is-national-cybersecurity-awareness-month.aspx#22083Sat, 02 Oct 2010 11:36:05 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22083Riz Lee<p>such a very informative and valued article, regards</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22083" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/09/27/october-is-national-cybersecurity-awareness-month.aspx#22082Tue, 28 Sep 2010 16:14:54 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22082jesper<p>Well, yes, but October 2009 was the sixth annual incarnation of this. The current announcement is at <a rel="nofollow" target="_new" href="http://www.dhs.gov/files/programs/gc_1158611596104.shtm#4">www.dhs.gov/.../gc_1158611596104.shtm</a>. </p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22082" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/09/27/october-is-national-cybersecurity-awareness-month.aspx#22080Tue, 28 Sep 2010 13:10:13 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22080Carl<p>That declaration is for October 2009, not 2010. As of yet there is nothing other than The Public that has declared Oct &#39;10 Cyber Security Awareness Month.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22080" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/06/30/apple-to-iphone-users-please-install-this-untrusted-configuration-profile.aspx#22076Fri, 10 Sep 2010 11:54:33 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22076seks izle<p>it is odd that it&#39;s unsigned.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22076" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/06/30/apple-to-iphone-users-please-install-this-untrusted-configuration-profile.aspx#22075Mon, 23 Aug 2010 16:22:41 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22075Andre<p>There are any bugs at the time. looks like apple isn&#39;t never failing.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22075" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/06/26/how-to-fix-the-quot-unable-to-install-apple-mobile-device-usb-driver-quot-problem.aspx#22071Sun, 25 Jul 2010 17:41:05 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22071LAREN<p>Seriously THANK YOU!! &nbsp;Not if run into more problems with the update BUT you are the only help to get rid of that pesky apple mobile device!</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22071" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/06/26/how-to-fix-the-quot-unable-to-install-apple-mobile-device-usb-driver-quot-problem.aspx#22070Wed, 21 Jul 2010 10:12:39 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22070Johnny<p>Recently I upgraded to iTunes 9.2 and purchased my second iPhone 4 (The last ones glass screen cracked after a single drop.) I&#39;ve followed your guide precisely and after a complete reinstall continue to get the Mobile Device Error message... i can&#39;t restore the contents from my old iphone 4 or 3gs to my new one as a result. calling apple tech is what the store suggested but i assume it will have no benefit as you experienced. any suggestions would be greatly appreciated. </p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22070" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2010/06/26/how-to-fix-the-quot-unable-to-install-apple-mobile-device-usb-driver-quot-problem.aspx#22068Fri, 16 Jul 2010 06:33:24 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:22068Passerby<p>I have 3 system, 2 running XP SP2 and one of it is Win 7, not pirated</p> <p>I haven&#39;t face any issues so far, really</p> <p>I reinstall my OS once or twice a year and all my computer are at least 5 years old</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=22068" width="1" height="1">