Category: Technical Article

Apple iOS Security Whitepaper

In February of this year, 2014, Apple released an updated whitepaper describing Apple iOS Security. Overall, the operating system and its components are very securely designed. The Table of Contents: Introduction System Security Secure Boot Chain System Software Authorization Secure Enclave Touch ID Encryption and Data Protection Hardware Security Features File Data Protection Passcodes Data …

Continue reading

Authentication Problems in an Environment with Windows Server 2003 and Windows Server 2012 R2 Domain Controllers

Why this happens: The Kerberos client depends on a “salt” from the KDC in order to create the AES keys on the client side. These AES keys are used to hash the password that the user enters on the client, and protect it in transit over the wire so that it can’t be intercepted and …

Continue reading

Microsoft DirectAccess

Microsoft DirectAcess has made great strides in Windows Server 2012. Key Points: First available with Windows Server 2008 R2. Built-in client support for Windows 7 and newer. Provides always-connected connection to corporate network (connects before the user logs on). Leverages IPV6 and 6to4 tunneling (additional configuration required when using Windows Server 2008 R2 as the …

Continue reading

New APT Approaches

The Trend Micro Security Intelligence Blog has an interesting article on how hackers are using legitimate tools as part of APT attacks.   In our 2013 predictions, we noted how malware would only gradually evolve without much in the way of significant change. This can be seen in the use of some (otherwise legitimate) hacking tools …

Continue reading

Great InfoWorld Interview with Mark Russinovich on Azure and Cloud Computing

InfoWorld has a great Interview with Mark Russinovich, Microsoft Technical Fellow, on Azure and Cloud Computing. I included my favorite quotes below: Intro: Mark Russinovich is a legendary figure in the computer industry. A former teenage hacker who went on to earn a PhD in computer engineering from Carnegie Mellon, Russinovich cofounded Winternals Software — …

Continue reading

How to Clean up the WinSxS Directory and Free Up Disk Space on Windows Server 2008 R2 with New Update

It’s finally here! After pages and pages of comments from you requesting the ability to clean up the WinSxS directory and component store on Windows Server 2008 R2, an update is available. http://support.microsoft.com/kb/2852386 As a refresher, the Windows Server 2008 R2 update is directly related to my previous blog post announcing a similar fix for …

Continue reading