Rookies…

Can someone tell me my Google and Apple are such rookies in the technology realm that they store passwords in clear text? I mean really! Is this 2013 or 2000? The question all the Google users need to ask is what else in their systems are this insecure? Do you really want to put your career on the line to use a system that is obviously very immature? I know that all software companies go through this as something small becomes something really big, Microsoft sure had their day in court and now it is Google and Apples turn but come on Google, you were born in the day of the Internet not forced how to live within it, you should have learned from those that came before you! My advice, wake up and learn that security is at the core of everything and it must come before convenience and user ease of use!

Its Official, Apple is irrelevant…

I about fell out of my chair laughing while I watched the Apple presentation of iOS 7. Now I have always laughed when Apple has made minor changes to the iPhone and the sheep lined up to open their wallet but this one has to take the cake. Color scheme changes equate to “mind blowing”, really, are you really that empty minded? Worse yet is the blatant pirating that was done from every other system out there. I’m no fan of Windows 8 (yet) but at least they had the creative bone to come up with something more than a color scheme change. Think I’m off base, check out the stock market, they were far from impressed either.

Windows Server 2012 and Windows 8 activation with KMS

If you are running a Windows 2008 R2 server for KMS and you want to use it to activate Windows Server 2012 and Windows 8 systems you will need to do a few things.

  1. Download the hotfix for KB2691586 and install it.
  2. Get your key for Windows 2012 Server from the Microsoft Volume Licensing site.
  3. Run slmgr /ipk <your2012keyhere>
  4. Run slmgr /ato

On your Windows 2012 server run slmgr /ato and it if things are good to go it will successfully activate.

Amazed…

This is just a rant in regard to the IE zero day issue. When Chrome, Firefox, you name the browser other than IE has a zero day (and yes all of them have them) does a government entity (like Germany) run out and tell everyone to quit using them? Really! When you make statements like this you really show how technically incompetent you really are!

Internet Explorer Zero Day

For those of you that have read the latest news regarding the Microsoft Internet Explorer Zero Day issue you can take a step back and breath a bit easier if you have a few things in place. When I first read that it was exploitable with Windows 7 and IE 9 my curiosity was heightened. So a quick update to Metasploit and exploit ie_execcommand_uaf was in play. Running these command within the Metasploit console:

  1. use windows/browser/ie_execcommand_uaf
  2. set srvhost <yourhackingcomputeripaddresshere>
  3. exploit

I then went to a fully patched Windows 7 system running IE 9, Java (fully patched) and Systems Center 2012 Endpoint Protection update to date, typed in the url that Metasploit gave me and immediately Endpoint Protection gives me an message and blocks and IE 9 crashes.

I took this to the next level and ran under an admin level account with the same results.

So before you go running out and turn off everyone’s access to Internet Explorer because the “experts” tell you to do so. Check it yourself! This also tells you something security experts have been telling you for years: multiple layers of security and keep things patched!

Surface and K12 education article

Read this article and couldn’t have said it better myself so here is the link:

http://betanews.com/2012/08/17/microsoft-surface-could-easily-upset-ipad-in-k-12-education/

Windows 8 after two days…

This post is easy. I’m re-installing Windows 7. This thing is Vista 2.0. Don’t get me wrong I see the system as a wonderful solution in the phone/tablet arena but to look at this and get serious about upgrading an organization that is currently sitting on Windows 7 I see minimal benefit to doing so. The best thing in the product is the ability to directly mount ISO images.


Categories

Twitter Updates