Hyperbole, Embellishment, and Systems Administration Blog

Apr 23, 2014
blog

Remote Desktop for Windows Phone 8.1 available

As someone who uses the Azure management console on my phone to spin up and spin down VMs (generally my son's Minecraft server) - I've been frustrated that I can't RDP into a server from my Lumia 1520, even though I can remote desktop from my iOS and Android devices. Well my frustration has been sated as finally a Remote Desktop app that runs on my Lumia 1520 with the Windows 8.1 Dev Preview has been made available in the App Store. You can find it here:...
Apr 20, 2014
blog

3 Reasons why Network Access Protection is being phased out.

The announcement that NAP was being deprecated wasn’t trumpeted. Most people who knew the technology only found out that it was going away when they studied the features removed or deprecated in Windows Server 2012 R2 in some detail. Even then NAP’s inclusion on this list was a surprise. Most of the other features marked as deprecated or removed were fairly old and often a bit arcane. NAP isn’t really either....
Apr 18, 2014
blog

Four Terrible Service Account Management Habits

When it comes to bad habits of server administrators, one of the worst is what goes on with service accounts. Here are four bad habits that I’ve noticed server administrators regularly indulge in when it comes to the configuration and management of service accounts: Bad Habit One: Setting up service accounts with passwords that don’t expire....
Apr 16, 2014
blog

The increasing need for two factor authentication

One of the many takeaways from the Heartbleed bug is that username/password combinations are only as secure as the servers they are stored on. A mate of mine, Troy Hunt, runs a site called Have I been Pwned. Right now he has records of over 161 million accounts where the e-mail address/password combination has been stored in an account database that has been compromised and uploaded to somewhere on the internet. To find out if one of your accounts may have been compromised, you type in your e-mail address....
Apr 14, 2014
blog

Incentive to hunt for exploits.

One of the shibboleths of Open Source development is that many eyes make shallow bugs. While this makes intuitive sense, one thing that Heartbleed shows us is that something in plain sight can remain unfound if no-one is looking for it....
Mar 29, 2014
blog

Forgetting WiFi Networks that don’t require authentication.

The ability for our devices to seamlessly autoconnect to WiFi networks we’ve chosen to connect to in the past is a wonderful convenience. Newer OS, including Android, Windows, and iOS store information about access points we’ve connected to in the past and synchronize this information across devices. For example, this is why, when I visit my mate’s place with a new laptop, it’s already configured to access his WiFi even though I’ve never connected with that specific computer before....
Mar 13, 2014
blog

Windows Azure: Waiting for Checkpoints

I spend a heap of time building and configuring virtual machines to test out different configurations....
Mar 9, 2014
blog

Android OS updates are critical to security

The best way to protect a device against malware is ensuring that it has an up-to-date OS. When Windows RT came out, I purchased an ASUS Vivo Tab RT as it was released in Australia before the first generation Surface RT was. I later acquired a Surface RT and in the last week acquired my third Windows RT device, the Nokia 2520. Unsurprisingly all of these devices are running the same updated version of Windows 8.1 RT....
Feb 26, 2014
blog

How can you ensure that BYOD user devices are secure?

How can you ensure that BYOD user devices are secure? In all seriousness, you can’t. I sometimes wonder if the BYOD movement, apart from its sloganeering about “empowering users” is really saying “hey, let’s devolve the cost of device management onto employees and hope for the best”....
Feb 19, 2014
blog

Configure privileged accounts to expire

You should strongly consider enabling the Account Expires option when creating administrator accounts. There are a couple of reasons for this, but the primary one is to make sure that sensitive accounts don’t persist when no one needs them. If someone is still using an account that has expired or is about to, it’s fairly straightforward to modify the Account Expires option....
Feb 14, 2014
blog

Security: Ingredient, not icing.

A recent survey by Trustwave https://www2.trustwave.com/2014-security-pressures-report.html found that 80% of IT Pros reported being pressured to deploy IT projects into production environments before they’d been able to resolve all security issues....
Feb 11, 2014
blog

Form follows function

Form follows function is a principle of architecture. The idea is that the shape of an object is based on its function. That there’s a “best” shape for an object used for a particular task. That’s probably why things like hammers, shovels, and screwdrivers haven’t changed much in the last 80 or so years....
Jan 13, 2014
blog

What’s happening with Network Access Protection?

The TechNet article tells the stark truth, NAP in Windows Server 2012 R2 is “deprecated”. http://technet.microsoft.com/en-us/library/dn303411.aspx. The technology designed to ensure that only healthy clients connected to a protected internal network is now not going to be the focus of new features or development. Deprecated is a weird term. It might mean that it’s not available in the next iteration of Windows Server, or that it might be available in versions years from now....
Jan 10, 2014
blog

Not Just XP, you need to migrate from Windows Server 2003 and 2003 R2

Windows Server 2003 and Windows Server 2003 R2 reach the end of extended support on July 14 2015. By this stage everyone is aware that the Windows XP end of life is just around the corner. Even though people are aware of it, there are still many computers out there running the “soon to be unsupported” OS....
Jan 6, 2014
blog

The more time you spend understanding the problem, the less time you’ll need to spend solving it.

I’ve often heard the joke that all there is to IT troubleshooting is doing a bit of diagnosis to develop a description of the problem, plugging the relevant terms into a search engine, and applying whatever solution turns up as the result of the search. While a search engine is a powerful solution finding tool, most IT pros will have exhausted a few other avenues before they type a query into Google....
Dec 15, 2013
Commentary

Administrator accounts with passwords that don't expire

Some administrators configure their accounts so that their password never expires....
Dec 9, 2013
blog

Perennial Problems with Website Passwords

Another week, another breach reported, and another round of changing passwords on a number of websites across the internet....
Dec 4, 2013
blog

A simple step to improve security: Fix permissions.

If you think about the most publicized data breaches in the last few years, specifically Manning and Snowden, you’ll realize that these weren’t perpetrated by nefarious hacker collectives such as Anonymous, but were instead perpetrated by insiders with political agendas....
Dec 2, 2013
blog

Congruence Bias, Systems Administrators, and Troubleshooting

90% of Systems Administration is the art of troubleshooting. “Art” because most systems administrators I know practice troubleshooting through inspiration rather than deductive insight. It often isn’t a matter of assessing all possible evidence about a problem and then deducing the answer. Generally most systems administrators (and I’m guilty of this myself) jump to a conclusion about the cause of a problem based on some of the clues we see....
Nov 26, 2013
blog

Thinking about Security: The truth about dishonesty

Dan Ariely has done a great video on the impact of micro versus macro dishonesty. You can watch it here: http://vimeo.com/49462153 - the gist is that a large number of people being dishonest in a minor way have a greater impact than a small number of people undertaking major dishonest actions. He tested 30,000 people. The results of the experiment found 12 “big” cheaters and 18,000 “small” cheaters. The impact of the big cheaters was around $150. The impact of the “small” cheaters was around $32,000....
What's Hyperbole, Embellishment, and Systems Administration Blog?

IT pro Orin Thomas provides true tales, snafus, news, and urban legends for Microsoft Windows system administrators.

Contributors

Orin Thomas

Orin Thomas is a contributing editor for Windows IT Pro and a Windows Security MVP. He has authored or coauthored more than thirty books for Microsoft Press, founded the Melbourne System Center,...