Browse by Tags

Tagged Content List
  • Blog Post: LUA Buglight

    I've been somewhat remiss of late in my focus on what I consider to be a very important aspect of the discipline of software development, namely least privilege. I was fortunate to have one of the great folks in my local developer community, Randy Hayes, join me last Friday for my FAQ Friday webcast...
  • Blog Post: Reducing UAC prompts

    I've been somewhat lax in my postings on least privilege of late, in part because I've been pretty pleased with what I've been seeing in Windows Vista for low privilege, which we call the User Access Control (UAC) feature. UAC allows you to run as either a low-privileged user or as what's called protected...
  • Blog Post: The benefits of Least Privileged User accounts

    A somewhat long, but very interesting, article on experimental evidence of the benefits of using LUA (least privileged user accounts). An important point they found...Power User isn't the answer. The findings indicated that removing a user account from the Administrators group can dramatically reduce...
  • Blog Post: Another Least Privilege Site

    Entitled, appropriately enough, http://www.leastprivilege.com/ . Some good posts: A link to some good info on ASP.NET 2.0 configuration from local guru K. Scott Allen (who, I should note, will likely be speaking again at our upcoming Security Code Camp ). A sample ASP.NET 2.0 Membership Provider...
  • Blog Post: Good least privilege blog entry

    Nigel Watling, one of my fellow evangelists who works out of Redmond, and who got the nod to present my session on least privilege for developers at Tech-Ed EMEA, has posted a good entry on least privilege on his blog . My favorite bit is the following: The idea of least privilege is to limit the...
  • Blog Post: Shame on me, and kudos to Robert Hurlbut

    Shame on me that I forgot last week to mention Robert Hurlbut's excellent Birds of a Feather session on Developing with Least Privilege. It was a nice opportunity to have an informal discussion about some of the challenges involved, and Robert showed off a wide array of customized MakeMeAdmin shortcuts...
  • Blog Post: Tech-Ed in the books (pretty much)

    Only another hour or so left in Tech-Ed officially. I did my session on Developing with Least Privilege this morning at 9am. Good group, and remarkably wide awake, given that the attendee party at Universal Studios Orlando was last night. Thanks to all of you who attended. It was a great week, but...
  • Blog Post: Leavin' on a jet plane...

    Heading to Orlando in the morning...getting up at 4:30, which is less than 4 hours from now. Woohoo! I'm very excited about the coming week at Tech-Ed 2005. I can tell that most of Microsoft is already there or on the way because my email inbox has become practically silent. I'm planning to blog...
  • Blog Post: CMAP Meeting next week

    From my friends at Central Maryland ASP.NET Professionals User Group : Meeting Date: Tuesday, June 7, 2005 Time: 6:30 PM - 9:00 PM Central Maryland ASP.NET Professionals (cmap-online.org) Location: UMBC Technology Center 1450 South Rolling Road Halethorpe, MD 21227 Topics: AUTOMATED...
  • Blog Post: Non-Admin: Live!

    From my colleague Aaron Margosis : Tech*Ed 2005 in Orlando, FL (USA) will include significant coverage of "non-admin" topics: · SEC350 - "Tips and Tricks to Running Windows with Least Privilege" , presented by Aaron Margosis, and · SEC351 - "Developing with Least Privilege" , presented by...
  • Blog Post: Can't make it to Tech-Ed next week?

    You can still get some of the great content via the simulcast Webcasts : Microsoft Tech·Ed 2005 is sold out but you can still explore Microsoft technologies and solutions in this series of webcasts. Join us through the end of May for pre-Tech·Ed webcasts, then tune in for a special week of webcasts...
  • Blog Post: Want to know where spyware might be hooking into your system?

    SysInternals' free Autoruns utility can help you track down what's auto-starting, so you can get rid of stuff you don't want. If you use it from a low-privilege account, and then from an admin account, you'll probably notice that there are a lot more places that spyware and other nasties can hook into...
  • Blog Post: More non-admin tips from Aaron

    How to allow users to manage file and print shares without granting other advanced privileges http://blogs.msdn.com/aaron_margosis/archive/2005/04/18/409105.aspx
  • Blog Post: Least Privilege Development BoF at Tech-Ed

    Robert Hurlbut just announced that his suggestion for a Least-Privileged Development Birds of a Feather session was accepted for Tech-Ed 2005 . I'll definitely be there: The TechEd BOF (Birds of a Feather) voting is over and mine was accepted. Here is the schedule: Developing software as a non...
  • Blog Post: Least Privilege and Explorer

    As I prepare for an upcoming talk at Tech-Ed 2005 on Least Privilege for Developers, it's worth reviewing a post from my colleague Aaron Margosis on Least Privilege and Explorer , in which he discusses some workarounds for challenges in making Windows Explorer play nice with RunAs.
  • Blog Post: Least Privilege and Longhorn in the news

    InfoWorld takes a somewhat skeptical tone in their article on the new LUA model in Longhorn , but even so, it's great to see the topic of least privilege getting more attention from the industry media. The article, I think, overstates the difficulty of running your computer with least privilege, but...
  • Blog Post: Aaron's got some new non-admin stuff up

    Check out: Ctrl-C doesn't work in RUNAS or MakeMeAdmin command shells Remembering Calculator and Character Map Settings Managing Power Options as a non-administrator
  • Blog Post: Is Spyware an IE-only problem?

    Recently, I had someone make the following comment on a post announcing IE 7 : Hahahaha....dude we don't need it! I'm a Microsoft person 100%, but creating something we already have is useless! We have Firefox! The FLAWLESS web suite. It's awesome enough. I can't imagine IE matching and beating it by...
  • Blog Post: Changing date/time as non-admin

    Another tidbit from Aaron Margosis : Changing the system date, time and/or time zone . Addressing one of the most common complaints about running as non-admin
  • Blog Post: Hidden Gem for Least Privilege Development

    I was reading through a recent Keith Brown article on security in the .net Framework 2.0, and noticed this little gem: System.Diagnostics Besides a whole boatload of new tracing and debugging features, better event log support and even a Stopwatch, there's a hidden gem lurking inside of the Process class...
  • Blog Post: New non-Admin/LUA site

    Fellow Microsoftie Jonathan Hardwick has provided a new resource for information on running/developing using LUA: http://nonadmin.editme.com The site is set up as a wiki, so you can register and contribute to the site, too, if you choose. Thanks to Jonathan...I'm looking forward to seeing this resource...
  • Blog Post: Misconceptions about Least Privilege

    I found a trackback to my recent post wishing for 2005 to be the Year of Least Privilege, and unfortunately, the response repeats one of the major misconceptions of Least Privilege user accounts: G. Andrew Duthie asks: " Will 2005 be the year of Least Privilege " (via Robert Scoble). Not a chance. Why...
  • Blog Post: Thanks, CapArea.NET!

    My thanks to all who came out for my presentation with Aaron Margosis last night at the Capital Area .NET Users Group . We had around 30 people, and Aaron and I quite enjoyed the strong interaction with the attendees. Hopefully, we convinced some folks to start running their machines using a normal user...
  • Blog Post: Least Privilege, Live!

    Interested in finding out more about the benefits of running with least privilege, and how you can do so without experiencing pain, or giving up power? Come to tonight's meeting of the Capital Area .NET Users Group , where I'll be speaking on the subject. The meeting starts at 7pm, and I'll be joined...
  • Blog Post: Web and Email and Administrators

    MSDN has just published part 2 of Michael Howard's discussion of strategies for browsing the web and reading email more safely if you absolutely must log onto your day-to-day machine as Administrator. Regular readers know I recommend against this, as does Howard, but if you can't or won't do this, this...
Page 1 of 2 (27 items) 12