tag:blogger.com,1999:blog-127991322011-09-09T07:47:25.849-04:00Thoughts on Identity Management, Security, and Active Directory.kbelfordhttp://www.blogger.com/profile/12927364806450368949noreply@blogger.comBlogger141100tag:blogger.com,1999:blog-12799132.post-1147092738327408842006-05-08T08:50:00.000-04:002006-05-08T08:52:33.323-04:00

The U.S. Court of Appeals raised questions Friday that may curtail the ability of government to extend wiretapping rules to the internet. A Clinton era law permitted the Federal Communication Commission to extend wire-tapping rules to telephone networks and the government argued that these rules should be broadly interpreted to include the internet as a whole.The dispute arises from government

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com1tag:blogger.com,1999:blog-12799132.post-1135347348139447272005-12-23T09:14:00.000-05:002005-12-23T13:12:55.140-05:00

I thought I would post this holiday tale that brings me a bit of a chuckle every time I think about it. There are a number of truisms in computer security, one of which is that most malicious worms, Trojans, and viruses are a result of clever social engineering (Read about the Anna Kournikova worm here).I was working in an office for a large real estate concern and like most offices these days

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com1tag:blogger.com,1999:blog-12799132.post-1129557407488072762005-10-17T09:53:00.000-04:002005-10-17T09:58:27.020-04:00

No, this is not a come-on for some kind of internet scam; these are the four most used passwords on the internet today.According to the CERT/CC (Computer Emergency Response Team/Coordination Center), a federally funded organization based at Carnegie Mellon University, an estimated 80% of all network security problems are caused by bad passwords.I thought this was especially chuckle worthy since

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com1tag:blogger.com,1999:blog-12799132.post-1129300781386997962005-10-14T10:36:00.000-04:002005-10-14T10:48:52.006-04:00

I ran across this screed which I thought was pretty darn insightful, it's called "The Six Dumbest Ideas in Computer Security" by Marcus Ranum and it offers some fairly unqualified contempt for ideas that have become axiomatic in the realm of computer security.Some of the things that made the list like the idea that user education is an effective way to enhance security is laid to waist by the

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com0tag:blogger.com,1999:blog-12799132.post-1126635213210533752005-09-13T14:11:00.000-04:002005-09-13T14:19:19.096-04:00

There is, at least I thought, an interesting aside today in a Tech News World article about proposals in the UK and the USA to use National Identity cards as a solution to identity theft. As content providers are reminded, almost on a daily basis, a technological solution to stopping content piracy is an exercise in futility. And so it goes with Identity theft, at least according to Dr. Emily

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com0tag:blogger.com,1999:blog-12799132.post-1124999176587060322005-08-26T09:44:00.000-04:002005-08-26T09:44:49.580-04:00

TechWorld has a useful introduction on Identity Management and Provisioning in a two part series.Part One talks about the challenges of Identity Management and some of the pitfalls.Part Two gives managers some tips and suggestions on managing people who are joining or leaving an organization.It's a quick read, check it out.

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com4tag:blogger.com,1999:blog-12799132.post-1124998241644738492005-08-25T13:33:00.000-04:002005-12-23T09:31:02.410-05:00

Washington Technology has an article up regarding a proposed privacy credential that is backed by major technology companies including IBM Corp., Mitre Corp. and SRA International Inc.The Certified Information Privacy Professional/Government (CIPP/G) credentialing program is the first publicly available privacy certification for government professionals, according to the International Association

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com0tag:blogger.com,1999:blog-12799132.post-1123786619805522392005-08-11T14:34:00.000-04:002005-08-11T14:59:29.336-04:00

This article about an international identity theft ring brings up an important point about firewalls for home computer systems. The story from Tech News World is about an FBI investigation that broke up the ring. The SunBelt Security firm discovered that a keystroke logger was being installed on computers without the knowledge of the user."Sunbelt Software discovered sophisticated and frightening

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com0tag:blogger.com,1999:blog-12799132.post-1122560062920296182005-07-28T10:09:00.000-04:002005-07-28T10:17:01.756-04:00

OK here's an interesting metric brought to us by the folks at Tech News World; specifically the cost to do a password reset.It's a problem for the organizations that store this information online, since we will probably forget some of our passwords at various times, and it can cost from US$15-100 to do a reset. Multiply that by the hordes of people who increasingly live online, and you can see

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com0tag:blogger.com,1999:blog-12799132.post-1121861543228086352005-07-20T08:08:00.000-04:002005-07-20T08:13:03.180-04:00

The USA Today has a story about an FBI report that talks about how crooks are shifting their focus to stealing individual's identity information.Last year, U.S. enterprises lost, on average per respondent, $203,606 to 13 forms of cyberattacks, down from $526,010 in 2003, according to the survey of 700 businesses, government agencies and universities. But hackers are pinching proprietary data with

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com0tag:blogger.com,1999:blog-12799132.post-1121778003211943332005-07-19T08:57:00.000-04:002005-07-19T09:02:23.506-04:00

So you've decided to install your application's AD extensions into ADAM. Great, but the thing you need to know is that ADAM is not really fault tolerant per se. Sure you can set up ADAM replication partners, but unless your application can specifically target more then one partition (not real likely), you will have to fool with your DNS entries in order for the application to find the back-up

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com2tag:blogger.com,1999:blog-12799132.post-1119987585299010552005-06-28T14:34:00.000-04:002005-06-28T15:39:45.326-04:00

Most people are apprehensive about storing custom data inside of Active Directory. As I search through other blogs and newsgroup postings, I see that most administrators and developers limit themselves to storing simple values on existing objects. This would include setting the value of a field like "Location" on a user object to the home classroom for a student. This may serve its purpose in

Richard Wakemanhttp://www.blogger.com/profile/17779097891474721694noreply@blogger.com3tag:blogger.com,1999:blog-12799132.post-1118431952655385042005-06-10T15:30:00.000-04:002005-08-25T16:33:54.536-04:00

No I'm not talking about the Adam you may have heard about in Sunday school, I'm talking about Microsoft's Active Directory Application Mode (ADAM). The fist question might be why ADAM? Well when I was taking courses on Windows 2000, the first of Microsoft's network OS's to feature Active Directory, the instructors would go on and on about extending, adding to, or rearranging the AD schema. Most

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com1tag:blogger.com,1999:blog-12799132.post-1118350561858864802005-06-09T16:36:00.000-04:002005-06-10T15:34:11.786-04:00

Yes folks the time has come to get this puppy off the ground, the wild thing must run free and in case you don’t know what the heck I'm talking about, well … I'm talking about this blog. I have been threatening my co-workers for some time to start a blog to talk about a number of computer related topics, mostly Network Identity and Security related issues, and they all basically said, "…sure Rick

Rick DeMenthttp://www.blogger.com/profile/08847683508229176904noreply@blogger.com3