Bulk EFS decryption & encryption

Short story version: use the CIPHER command.

I had a 3-2-1 backup fail on me recently."

“21,684 files could not be copied”.

The original files were EFS encrypted.  Here’s a picture of what was going wrong:

In technical terms, the second computer did not have the EFS decryption key.  The easy fix was [...]

Automatically encrypting Firefox web pages

to stop snooping eyes from viewing what you’re doing.

Well you could use the HTTPS Everywhere Firefox plugin by the Electronic Frontier Foundation. 

The idea is simple.  You go to a web site, like http://www.google.com , and if there is a secure version (say https://www.google.com), you’ll be automatically redirected to it.

Useful?  Maybe…

[...]

Inside a RSA SecurID tag

This is a “new style” RSA SecurID token.

It, like the older style token, generates a code number every 30 seconds.  With the code number, and a PIN code and a username/password, I’m able to logon to my employer’s computers, from anywhere in the world.  The SecurID tokens are supposed to be tamper [...]

Today’s password is ’4rfvgy7uj’

Never heard about the concept of password “snakes” until I visited a customer 2 years ago.

Password snakes, simply put, are passwords which follow a path on the keyboard, as this picture illustrates.

It’s an interesting idea, but not one I’d really encourage as it’s too easy to remember, particularly for those types [...]

Anti-virus False Positives – been a few

It was an Ed Bott article which got me to thinking, “just how many anti-virus false positives have I dealt with over the years?”.   Six.   A false positive is when your anti-virus product flags a non-virus file as being virus-infected.

Number of false positive virus updates which impacted my customers? 6 Number of [...]

The world knows where you live – that is not good.

It might be a bit of a surprise to you, it certainly was to me.  The Apple iPhone stores the location of where a photo was taken.  It’s known as Location.  Or geo-location with other makes of phones/cameras.  Seems harmless enough, doesn’t it.

Except when some enterprising people decide to create a Firefox plug-in [...]

The 4th reason why Windows 2003 gets a Windows Update 0x80072F8F error.

Just finished installing Windows 2003 Server with SP1.  And I got the 0x80072F8F error when I tried to “Windows Update” it.

Microsoft’s suggestions?

Date/time is wrong on the server. Some DLLs need to be (re)registered. Disable the check for server certificate revocation.

None of those worked.  So I manually upgraded Windows 2003 [...]

How CheckPoint SmartDefense broke Windows 2008 R2 DNS

Microsoft changed some part of DNS in Windows 2008 R2, as one of our customers found out when they upgraded their (Windows 2008 based) DNS servers to R2.

Upgraded Windows 2008 R2 servers = No DNS Servers.

That is a bad thing, not having DNS available, as best practice for years now has [...]

Internet Explorer Security Tab Restrictions

One of our web developers contacted me, and asked how they could look at the settings for the Trusted Zone in Internet Explorer.  The Custom Level and Default Level buttons were greyed out.  And it’s not an Admin vs. Non-admin rights problem, as I have the same problem:

Internet Options - Security - Custom settings

The answer? Set the Security_options_edit value, t0 0 (that’s zero) in the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings.

The Web Developer can now play to her heart’s content.

A breakdown of the security tab restrictions follows.

(Click here to continue reading Internet Explorer Security Tab Restrictions)

TrueCrypt – not as secure as I thought.

TrueCrypt LogoOn Wednesday, I wrote about TrueCrypt, and the requirement to create a Rescue Disk if you were going to use System Encryption.  I  looked into that, as I was setting up a test laptop so I could try the “Evil Maid” attack on TrueCrypt System Encryption.

And by Jove!  The Evil Maid attack works.

In short, the Evil Maid attack is a way to grab someone’s TrueCrypt’s passphrase.  Have a look at this photo of my test laptop:
Evil Maid - Can this password be hacked

(Click here to continue reading TrueCrypt – not as secure as I thought.)