Forgot to disable auto-post from the NotObvious blog.
Catch the original over there
I fixed myself some Earl Grey yesterday (Tue) morning thinking (despite the hints in the advance notice e-mails last week), "Ah. It's 2008 and the first patches from Microsoft are on their way. I'm glad those mega-worms of 2006 are behind us. We are finally free from the anonymous network vector."
But, as I carefully looked over the January patch list and gazed in awe and fear of MS08-001, I wondered what to make of Microsoft's claim of enhanced security in Vista (supposedly built from the ground up) and pondered what real changes were made when they took time off and scoped out the code of XP. What of Writing Secure Code? It's 2008 and we're still susceptible to PING attacks?! (Granted, that one will just make your system unusable rather than give the malcontents full access to it.)
This remote, anonymous (potential) exploit should turn many heads in corporate America. It's time for executives and IT staff to seriously consider getting rid of the monoculture of Microsoft. You could at least split the difference and run half OS X and half Windows (50% of your staff could get work done in a crisis, either way).
This initial patch of the year will also give pause to 2000->XP and 2000->Vista migrations (or it should, anyway) since you wouldn't have needed to worry if your organization happened to still be on the old, clunky OS. Just what Microsoft and soon-to-be-outsourced IT teams needed.
And, all this happens just when you were beginning to think you had a handle on at least one part of desktop security.
Keep those signatures updated on your firewalls & IDS system, maintain a watchful eye on your alert consoles and, most of all, patch those systems (including all those virtual machines you have such tight control over).
F-Secure is accepting volunteers for two new technology preview programs:
It looks to be a good opportunity to get a sneak peek of upcoming client security tools and potentially influence the development of the products.
Microsoft has finally grasped the power of a minimal OS install and the use of the command line. I'd love to have some spare human cycles to get a Drupal / MySQL / Server Core 2008 going.
PowerShell was a huge improvement over CMD.EXE and the features in 2.0 seem to provide even more functionality. Not enough hours in the day to look at all of these shiny new toys...
Windows PowerShell: The Community Technology Preview (CTP) of Windows PowerShell 2.0: "This CTP release helps developers to more easily layer their runtime or GUI on top of PowerShell, leveraging its cmdlets and remoting infrastructure. It includes APIs to create and use a pool of Runspaces (engines) to run cmdlets. This release also presents very early looks at Restricted Runspaces (the ability to declare a script, cmdlet or variable public or private) and the Graphical PowerShell (a script editor and a Unicode-enabled console). These are just a few of the new features I think are interesting in Windows PowerShell 2.0 CTP. Additionally this CTP includes some simple updates... like new parameters to select-string (Context, AllMatches, NotMatch and Encoding) and new operators like -split and -join!"
No time for a full write-up, but LifeHacker mentioned Sandboxie today and that led me to look at Altiris SVS. I've been espousing file system and registry virtualization in Vista quite a bit lately and this just kicks it up a bit.
When I get time (after my final) to play with this, I'll post a more complete review or see if SF is interested in a full feature. Meanwhile, grab the tools and give them a go!
Well, a little bird told me today that Forefront Client Security (FCS) would be out this week, and sure enough it is (Passport/Live registration required).
It's a whopping 153MB ISO and almost a full MB of documentation in a separate download.
Hopefully there are some enhancements from the public beta release and hopefully the docs are better.
FCS aims to be an enterprise replacement for your favourite anti-virus/malware/spyware vendor's offering. It's very fledgling at this point, but should not be discounted if you're a Microsoft shop that runs the latest versions of their infrastructure components.
I'd wait for full a/v certification and SP1 if you have the choice, tho.
Like many OS X users, I have Parallels installed with a number of VMs configured & ready to run at a moment's notice. I have an XP SP2 image built with Office 2003 / IE 7 and another with Vista (Business edition) and Office 2007.
Without a doubt, XP + O2K3 easily wins what I refer to as the battle of the VMs -- at least on my first-gen MacBook Pro. The XP image only requires 512MB RAM to be ultra-responsive, and I get to keep the disk caching policy set to better performance for OS X. Vista barely crawls with 900MB RAM (I started with the Microsoft-stated 512MB minimum requirement) and I can go get a cup of coffee while it and O2K7 both start up. The Vista VM also requires me to give it disk priority and consumes so many other system resources that OS X is more than a tad unresponsive at times as well.
I'm not disparaging Vista or the new Office. They both have some nice features and way more security options. When it comes to getting cross-platform work done, tho, XP will remain my primary Parallels VM until at least my hardware profile catches up.
Don't even get me started on how fast my FreeBSD 6.2 image is, tho *:^)