Feeds:
Posts
Comments

Posts Tagged ‘Security’

Then and Now Microsoft Windows XP™ initially creates all user accounts as local administrators. Administrators have full access to system-wide resources and can execute any privileged operation. Microsoft guidelines suggest that users run day-to-day tasks under a least privileged account (LUA), however many users prefer to operate at the administrator level for the following typical [...]

Read Full Post »

Presently, users of the Microsoft Windows™ operating system have had to face several challenges to secure the integrity of the data residing on their computer. Users have had to cope with the vast slew of malware, including viruses, spyware, and root-kits, which typically cause damage to data and/or applications residing on the user’s desktop pc. [...]

Read Full Post »

Overview This post serves as a primer for software developers interested in learning about Code Access Security (CAS) in .NET. The following information is not exhaustive of the subject matter and contains the basic overview of Code-Access-Security. Those interested in this subject are encouraged to read further. The following articles cover code security and are [...]

Read Full Post »

LUA Bugs

So, you’ve made the jump to Least Privileged User Account (LUA), but some of your applications no longer work….  These are known as “LUA Bugs”, and Aaron Margosis has written a post about fixing them.

Read Full Post »

For those of you that read my blog often (or talk to me directly), you’ll know that I am constantly advocating that users operate their computers under a least-privileged user account – LUA.  Many have taken my advice, of not running day-to-day operations under an administrator account, or account with elevated privileges (yes, that includes [...]

Read Full Post »

Quoted from:  http://cp.sonybmg.com/xcp/english/howtouse.html To install the software on this disc, you must have Administrator rights on your computer. Administrator rights are typically the default setting for home computers, however, in many work environments it is not the default setting. If you do not have Administrator rights, log out of your account and log in as [...]

Read Full Post »

It may not have escaped your attention that Sony has been featured in the news a lot recently, concerning proven allegations about Sony BMG installing DRM root kits on Windows computers, belonging to consumers: http://news.bbc.co.uk/2/hi/technology/4400148.stm Essentially, root kits are malicious pieces of software that are installed in the lower-levels of the Windows operating system, which [...]

Read Full Post »

See my previous post about LUA, and why it is a good idea.  Today I managed to get ASP.NET 2.0 to debug correctly, using Visual Studio .NET 2005 under LUA.  Thanks to Andrew Duthie’s post.  I needed to tweak my system a little, here are my steps in digest (II6 only): 1. Create a new [...]

Read Full Post »

Running as Non-Admin

I have recently converted my developer workstations over to running as non-admin.  I was inspired to move over to a least-privilege user account after sitting in on a talk by Randy Hayes – president for the CMAP (Central Maryland Association of .NET Professionals) user group.  The principle theme of Randy’s talk was about better protecting [...]

Read Full Post »

Okay, I am posting a link to this awesome example of DPAPI (Data Protection API) for C# and VB.net, mainly for my own reference. If you want to encrypt data in web.config files on shared servers, this is the way to do it. http://www.obviex.com/samples/dpapi.aspx Thanks to Julie Lerman for making me aware of DPAPI.

Read Full Post »

Older Posts »