If you are following this blog since 2008 when I started you probably noticed that troubleshooting is a subject that I love it. Troubleshooting using tools like Perfmon and Windbg is amazing. In my new role at Microsoft I don’t deal with this on the daily basis anymore (like I used to on CSS Forefront Edge Team), however the love did not go away. I’m still quiet involved with troubleshooting and researching about new things and hot to fix it when it is not working. This week for example me and Tom recorded the Episode 13 of our Security Talk show. This episode was called Demo Day and I demonstrated how to use Perfmon and Windbg to troubleshoot a performance issue on TMG.
The video is available here or you can watch below:
I hope you like it!
You can’t deny that social networks today are part of the vast majority of the people’s life. It is everywhere, you go to a supermarket and you see: “Like Us on Facebook at <URL>”…it’s on TV, on the streets….everywhere. Now, the questions are: do people know how to behave on social network? Do they know about the risks of revealing too much? Does your company have a security policy about social network usage? Did you have a security awareness training when you joined your current company? Was social network one of the topics of this training?
Incorrect usage of social network can cause harm not only to the individual but also to the company. Employees must be trained to correctly use social network, mainly when they are using it to advertise their work and sometimes exposing company’s information. Here in US we have a recent case where an employee was fired for ranted about his company on Facebook. As I’m not here to share something that you already know, just click here and see for yourself the security risks of social networks.
What I do want to share with you is something that happened this month in Brazil and I wrote about in my blog (in Portuguese). Matter of fact there were two recent episodes in Brazil that caught my attention. The first one (I originally wrote in Portuguese here) was about a student that used to brag about being rich by posting photos on Facebook to show the nice things that he had. His posts caught the attention of someone that was on his friend’s list. This person was able to get the key of the student’s house and handed over to thieves in order to robber those objects that were posted on Facebook. They did, they broke in to the student’s house looking for the stuff he said he had, however they found nothing other than mobile phone, some jewelry and cash. It turns out that the student was not rich, he was only bragging those things to call the attention of his friends on school.
For this particular case it is very important to understand that you need to educate your kids on how to safely use social network and other Internet resources. Here are some resources that you can start using for that:
The second case is even scarier in my opinion. While the first was about a kid saying things that he shouldn’t say but he was a minor and not fully educated to deal with such technology, the second case is about adult’s behavior. With the proliferation of social network integration with geographic service location we pretty much know everything that our friends are doing and where they are in such moment of time. While this can look as cool as it can be, it is also very dangerous. Last week I wrote in my blog (in Portuguese) about this case that happened in Brazil where someone left on vacation and posted: “I’m leaving on a trip”. When they got back home they didn’t have TV, computers and other electronics, all gone. The robbers left a note in a piece of paper saying: “Next time that you leave on a trip let us know”. Now that’s very serious….but I see that all the time. People are integrating all the social tools without be concert about privacy settings and when they post one thing in one place it is propagated everywhere. Sometimes those posts are wide open on Twitter and available for anyone with malicious intentions to take advantage of that.
Be careful, make sure to watch what you’re saying on social networks, make sure to not reveal too much, make sure to use the privacy settings that those platforms have available to at least create some restrictions on your profile. Be aware that everything that you write on a social network platform can (and might) be used against you in one way or another.
Back in 1999 I was working in one of the largest telecom company in Brazil, there I was responsible to maintain the core Windows NT 4 Servers and some of the services running on top of it (such as Exchange 5.5). Some days when I was scanning my badge to get into the datacenter I used to think: geez, we have so many servers on this datacenter, soon we will have to physically expand it just to be able to keep up the same level of services to our customers. Then I start thinking on the network infrastructure and all those VLANs to manage, the headache to move servers across VLANs, all the dependencies, etc. Not only that, but when we were stroke by “ILOVEYOU” I thought the world was coming to an end when I was trying to clean all those mailboxes. Fortunately this is past and the evolution of the datacenter is upon us. Do you want to know what I’m talking about? If you do, take your time and watch the video below from BUILD Conference to see what’s coming on this regard:
Make sure to watch the whole video before you think you can’t achieve secure isolation in the cloud at the same time that you build a low cost datacenter with powerful management tools.