Setting up RemoteApp and secure FTP on Windows

I spent some time setting up RemoteApp and secure FTP for a small business which wanted better remote access without VPN. VPN is problematic for various reasons: it is sometimes blocked by public or hotel wifi providers, it is not suitable for poor connections, performance can be poor, and it means constantly having to

…continue reading Setting up RemoteApp and secure FTP on Windows

Switching from Windows will not protect your data, says Trusteer CEO

I’ve just been sent some quotes from Mickey Boodaei, CEO of Trusteer, which caught my eye. It’s a response to the story that Google is directing employees not to use Windows because of security concerns.

Boodaei says that while switching from Windows may reduce the prevalence of common malware, it will not protect against

…continue reading Switching from Windows will not protect your data, says Trusteer CEO

The insecurity of Verified by Visa and MasterCard SecureCode

An article on the H points to this paper by Steven Murdoch and Ross Anderson, from the University of Cambridge Computer Laboratory, on the poor security design of the 3-D secure (3DS) protocol used by Visa and MasterCard in the UK and catching on worldwide. In addition, 3DS undermines privacy by sending a full description

…continue reading The insecurity of Verified by Visa and MasterCard SecureCode

The end of Code Access Security in Microsoft .NET

In the early days of .NET I remember being hugely impressed by Code Access Security. It gave administrators total control over what .NET code was permitted to run. It’s true that the configuration tool was a little intimidating, but there were even wizards to adjust .NET security, trust an assembly, or fix an application

…continue reading The end of Code Access Security in Microsoft .NET

Government security advice is misguided; switching browsers will not make you safe

I have mixed feelings about the recent government recommendations from France and Germany to switch from Internet Explorer for security reasons.

Although raising security awareness seems on the face of it to be a good thing, this is naïve advice and may do more harm than good. Security is a complex and multi-faceted problem,

…continue reading Government security advice is misguided; switching browsers will not make you safe

Have Windows OEM vendors learnt anything from Apple?

I’ve just set up a new consumer Windows 7 PC – it was HP’s Compaq Presario CQ5231UK, not bad value at £399 (VAT included) with Core 2 Duo E7500 (2.93 Ghz), 3GB RAM, Windows 7 Home Premium 64-bit – yes, 64-bit Windows really is mainstream now – 500GB hard drive and NVIDIA G210 graphics.

…continue reading Have Windows OEM vendors learnt anything from Apple?

Sophos Windows 7 anti-virus test tells us nothing we don’t already know

Sophos is getting good publicity for its latest sales pitch virus test on Windows 7. This tells us:

We grabbed the next 10 unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up. Unfortunately, despite Microsoft’s claims, Windows 7 disappointed just

…continue reading Sophos Windows 7 anti-virus test tells us nothing we don’t already know

Hands On with Microsoft Security Essentials – terrible name, but product looks good

Microsoft has released its free Security Essentials software, antivirus and antispyware protection aimed at home users. It runs on XP 32-bit, or Vista or Windows 7 32-bit or 64-bit, the only technical restriction being that Windows must validate as “genuine”.  Businesses are meant to use Forefront Client Security, though “home-based small businesses” are specifically

…continue reading Hands On with Microsoft Security Essentials – terrible name, but product looks good

O2 router attack shows danger of staying logged in

Concerned about web security? One thing that may prove more valuable than any amount of supposed security software (anti-virus and the like) is the simple good practice of logging out of web sites at the end of each session.

Here’s the reason. Let’s say you are logged into some site – could be Facebook,

…continue reading O2 router attack shows danger of staying logged in

Search for virus help highlights lack of authority in Google, Wikipedia

A contact suffered a trojan infection on his Windows XP machine the other day. He was alerted to the infection by Windows Defender, but the Remove or Quarantine actions offered by Defender did not work. If he removed the trojan, it reappeared on the next reboot. The installed AVG security suite sat there unconcerned.

…continue reading Search for virus help highlights lack of authority in Google, Wikipedia