strawberryJAMM's Security and User Experience WebLog

The delicate balancing act between intuitive user experience and secure software systems

Browse by Tags

Related Posts
  • Blog Post: Least-Privileged Users, Add/Remove Programs and System Management Server

    I just found out something very interesting related to Least-Privileged User Accounts and software installations that are pushed out to enterprise employees using Systems Management Server (SMS) , where they show up in the "Add New Programs" view of the Add/Remove Programs (ARP) control panel applet...
  • Blog Post: "Using a Least-Privileged User Account" OR "Woohoo, I've been published on microsoft.com!"

    Well, not to toot my own horn too loudly, but I've had my first external facing document, Using a Least-Privileged User Account (LUA), published on TechNet as part of the monthly Microsoft Security Newsletter for January 2005 . This newsletter is considered the authoritative information source for understanding...
  • Blog Post: strawberryJAMM moves to Blogs @ TechNet

    So, the proverbial cat is out of the bag - Microsoft has opened up blogs.technet.com , giving Microsoftie bloggers with more of an IT Pro focus than a Developer focus a place to call their own. Since I tend towards the former more than the latter, my blog is now over on TechNet, effective immediately...
  • Blog Post: Browsing the Web and Reading E-mail Safely as an Administrator, Part 2

    Michael Howard has written a follow up to an earlier article where he outlined how to programatically make web browsing and reading e-mail safer for administrators . In this latest article, he provides instructions on how to do the same thing using SAFER (also known as Software Restriction Policies ...
  • Blog Post: More Tips and Tricks for the LUA User

    Aaron Margosis has just posted four more columns with LUA Tips and Tricks on his "Non-Admin Blog": Managing Power Options as a Non-Administrator Remembering Calculator and Character Map Settings Ctrl-C Doesn't Work in RUNAS or MakeMeAdmin Command Shells Changing the System Date, Time and/or Time Zone...
  • Blog Post: Customer Feedback Wicki for Windows Security Access Control

    Hi folks. My current possition at Microsoft is as a Program Manager (PM) on the Security User Experience team in the Windows Security Access Control (WSAC) group. I'm just posting this to mention a new set of Wiki pages at Channel9 that have been put in place. WSAC is looking for customer feedback on...
  • Blog Post: Safe Web Browsing and E-mail for the Administrator

    This is a useful article by Michael Howard, the biggest big-wig Security dude on the MSFT campus… <quote who="Michael Howard" where=" Browsing_the_Web_and_Reading_E-mail_Safely_as_an_Administrator "> Summary : Michael Howard discusses how you can run as an administrator and access Internet data...
  • Blog Post: A New Wiki for the LUA / Non-Admin community

    Well, isn't this nice. The "least-privileged user" concept with Windows is slowly picking up speed and getting ready to take off - come check out the new Non-Admin Wiki that was just launched by Jonathan Hardwick . (Wiki's are great - now those of us who champion the principle of Least-Privlege on Windows...
  • Blog Post: All you need is LUA

    I was thinking about LUA (Least-privileged User Accounts) and had this little burst of silly creativity that I felt compelled to share on my blog... ☺ Jenni --=+=-- To the Tune of "All you Need is Love" (With my deepest apologies to John Lennon and Paul McCartney) All you need is LUA By Jenni Merrifield...
  • Blog Post: LUA in the News

    There's an article at infoworld talking about LUA in Longhorn - check it out: http://www.infoworld.com/article/05/04/06/HNfewerpermissions_1.html
  • Blog Post: Adobe Photoshop CS activation doesn't play well with LUA

    Arrggggg!!! The longer I run as LUA, the more and more I feel the pain. I'm so glad we're working to improve this situation in Longhorn. Last weekend I upgraded from Adobe Photoshop 6 to Photoshop CS . With Photoshop CS you are now required to "activate" the product within 30 days. Since this was...