Jesper's Blog

Obligatory file photo: I am a Senior Security Strategist in the Security Technology Unit at Microsoft. My job is to explain to our customers how to run Microsoft products securely, and to the extent that it is needed, help the product groups figu

Jesper's Blog

  • Should you worry about password cracking?

    I have received more and more queries about whether to worry about password cracking, and what to do to avoid it. It seems it may be time to document this a bit better. It is all, of course, already in Protect Your Windows Network, but I am also working on a new TechNet column on the topic. In the meantime, here is an excerpt from the column. More than likely the column will be in the October TechNet Security Newsletter.
  • Power Users are Admins who have not made themselves admins yet

    It seems kind of odd that in 2006 I would still get these questions, but twice in the past week have I had to explain the truth about Power Users to someone. Typically they are organizations who are trying to limit the rights of their users, who right...
  • Conscientious Risk Management and WMF

    This past week there have been a lot of questions about the WMF vulnerability, what Microsoft is doing, and what the community should do to protect against it. For many reasons, Microsoft's response to the problem is best left to those who do this for...
  • What is a "zero-day"?

    Once again, it seems misguided reporters have appropriated a technical term and are misusing it in ways to confuse the field. "Hacker" was not the first term they ruined, but it is still the one that irks me the most. The primary definition of "Hacker...
  • How LMCompatibilityLevel really works

    A while ago I once again got frustrated by LMCompatibilityLevel and the amount of confusion that is out there about it. There was also an intriguing thing in the SAMBA documentation that they (incorrectly) called "NTLM2 Session Response" that needed figured...
  • Please don't disable security features, at least while we are testing them

    I couldn't tell you how many times I have either had the question "how do I turn off User Account Control" or heard the statement "boy, I sure hate all those annoying user account control popups in Vista." Yeah, security sucks, it gets in the way of...
  • Exceptions to the rule - When you may WANT to turn off SMB message signing

    Being a security guy I see the world in black and white. People are either good or bad. Technical security means are either secure or not. We are either underpaid, or we are in marketing. No, seriously, nothing is that black and white. Take SMB Message...
  • Windows Firewall: the best new security feature in Vista?

    It is interesting how some of the best security features in Windows receive either no attention, or get criticized for the strangest reasons. Case in point: Windows Firewall is one of the best firewalls out there, and yet much of the talk about it are...
  • Why your comments no longer automatically show

    Just a quick note to let you know why your comments to my blog no longer show up automatically. It turns out that someone decided my blog was a good place to post ads for online pharmacies, gambling, and all that other stuff that we apparently do not...
  • Blocking certain extensions in ISA server

    For some reason I decided that today was a good day to figure out how to block certain file extensions from being accessible over the web. This could be very useful, for instance, if you are trying to prevent a particular exploit that utilizes a particular...
  • Disable that Pesky Built-in Administrator Account!

    I'm working on an FAQ for passwords right now. Look for it in the Security Newsletter next month ( http://www.microsoft.com/technet/security/secnews/newsletter.htm ). However, one thing that has come up more than a few times in the recent past is what...
  • All good things must come to an end

    This is an excerpt from a mail I sent out internally today: The sands of time seem finally to have run their course. On September 1 I will not only celebrate the 5-year anniversary of my time here at Microsoft but also my departure from the company...
  • Yes, it is unfortunately true

    I have unfortunately been prevented from speaking at TechEd in New Zealand, Australia, and Japan; the final events I was planning to speak at before I leave Microsoft on September 1. I cannot express how terrible I feel about this. The hope was that these...
  • Are You A People Person?

    As my family keeps reminding me, I'm not much of a people person. It could just be that I am projecting myself onto others, but I am pretty sure that much of the IT industry is like me, which raises a number of serious security problems. If you are interested...
  • Clearing the pagefile to wipe sensitive data

    The other day an old issue came up again: how do we mitigate the threat of sensitive data in page files. Page files are basically an on-disk repository of data that was in memory but not needed right at this moment. The system will page the data to disk...
  • Death by PowerPoint

    I'm at yet another event, and this time I decided to go see a few of the other sessions instead of just trying to find as much free food as possible between my own presentations. This experience brought to mind an old concept: "Death by PowerPoint." It is almost embarrassing how some people use PowerPoint. Steve Riley frequently refers to e-mail as "the place where knowledge goes to die." Well Steve, you have it wrong. Nothing kills knowledge as fast as putting it in PowerPoint.
  • Some Password Policy Settings Are Not Enforced When Disconnected

    This is a post I was asked to do a while ago and have been procrastinating on. I apologize for that. For various reasons, every so often, certain FAQ items come up again. One of them is whether certain password policies are enforced when a system is not...
  • Last Post

    Today was my last "normal" day at Microsoft. (That's with a grain of salt - an exceptional company has few normal days). Tomorrow I just have the exit interview early and then I will be unemployed for a few days. I wonder when I am officially not an employee...
  • Weird ISA error, and apparent solution

    This morning when I tried to use FrontPage (don't even start) to edit one of my web sites, I was faced with this error: Error Code: 500 Internal Server Error. Internet Control Message Protocol (ICMP) network is unreachable. For more information about...
  • Malware and administrative rights

    For about a year I have been telling a story to highlight how users running as administrators are much more likely to get malware installed on their systems than users who run as normal users. The story is actually in Protect Your Windows Network if you...
  • Are usernames superfluous?

    A friend just pointed me to an interesting blog post . The premise is that logon dialogs should not be asking for a username. Mostly the blog post points to why the username provides no value, not really expanding the argument that it is superfluous....
  • Required Attributes of Security Solutions

    I've been trying to come up with a list of attributes that a security solution needs to have to be complete and sufficient. The idea is to develop a set of attributes that can be used when analyzing security to see if it fulfills the needs of the situation...
  • Structuring Infosec Organizationally

    Last week I visited a customer and was greeted by two people who introduced themselves, respectively, as the "Chief Information Security Officer" and the "Chief IT Security Officer." Yes, they had two separate functions for this, one to secure information...
  • I Got A New Blog!

    Some of Microsoft's amazing Most Valuable Professionals (MVP) made me a blog on a new site they call msinfluentials.com . I can't thank Susan , Nick , Vlad , Chad , and Wayne enough. You guys are truly special and exemplify all the best things about the...
  • Free Windows Software

    Blake Handler sent me a link to his blog post about free Windows software a couple of days ago. It is a very cool list that shows a lot of free things published by Microsoft. Check it out at: http://bhandler.spaces.live.com/blog/cns!70F64BC910C9F7F3!1231...