Well, It’s been over a week since Tech Ed New Zealand and Tech Ed Australia ended, so I’m assuming that I’m still gainfully employed. I did learn that Vegemite is not “apple butter” and should be used sparingly, and that Dr. Pepper, while a huge success here in Texas, is not much celebrated Down Under.
Tech Ed? Well, it was terrific! I want to thank everyone who attended and took some time to come to my sessions. I delivered two, one entitled “Vista Security Tidbits” which covered some of the aspects of Vista security that IT Professionals want to know more about (UAC, IE7, BitLocker, etc.) but since we only had an hour, I hoped it served as the “appetizer” to those later sessions which covered these topics in great detail. I also did a session entitled “Identifying Computer Attacks: Tips, Tricks, and Techniques” which demonstrated ways to identify an incident has occurred on the network. I even showed some of the more common digital forensics tools out there, such as Guidance Software’s EnCase and Access Data’s Forensic Tool Kit. All in all the scores were generous and the comments were welcome. I really appreciate the time I got to spend with the good people in Australia/New Zealand and I’d gladly make the trip back there. I did receive a few interesting comments during my visit. I’d love to open some debate around the ideas, and maybe help find a solution. I’m certainly not the “know-everything-security-related” guy, so I thought maybe some of you out there in the ether may have some ideas
It does sound risky, and we know that auditing isn’t prevention. Is this the only solution? Is there a better one?
I think we have this one nailed with Vista RC1, and the UAC is certainly less “chatty”. I think what this gentleman was getting to, was he’d like to see the UAC stop asking you after it realizes you’re going to say yes, after the 100th time. We’re talking about something completely different at that point, of course with regards to “AI that learns”. The UAC has been taking it on the chin lately, but the security fundamentals being introduced are crucial to success. We are trying to change “user behavior” and to those of you out there who attempt to do that daily, you know it’s not easy.
Did I miss anything? Time for a Dr. Pepper!