Guest on IMI TechTalk Radio Show

Tom D’Auria invited me back to talk more computer security on his IMI TechTalk radio show. I appeared on the show in November of 2006 to promote my book, Essential Computer Security. We did not get to cover all of our questions in the time allotted, so I will be back on the show on Sunday, February 18th. This show will focus on wireless network security, avoiding becoming a victim of a phishing attack, botnets, and the importance of backing up data. Of course, I will also promote my book again. [:D]

To listen to the show, you can tune in to KFNX AM 1100, broadcast out of Phoenix, AZ, at 5pm EST on Sunday, February 18. If you aren’t in the Phoenix area, you can also listen to the live simulcast of the show on the KFNX web site. Or, as an alternative, you can download an MP3 recording of the entire show after the fact from the IMI TechTalk web site.

Internet Explorer Protected Mode

In Vista, Internet Explorer gets the benefit of some added security. Using WIC (Windows Integrity Control), Vista treats files and processes associated with Internet Explorer as Low integrity as long as it is running in Protected Mode. Internet Explorer Protected Mode is enabled by default and ensures that the Low integrity objects associated with Internet Explorer are unable to write to, act on, or otherwise interact with any objects higher than Low integrity- which is most of the system. For more information, you can read this article I posted on my Internet / Network Security site: Internet Explorer Protected Mode

Windows Integrity Control

With Vista, Microsoft introduced a new security concept to help protect your computer. Rather than relying on discretionary controls, like NTFS file and folder permissions which users can assign and change, Vista also has new mandatory controls. WIC, or Windows Integrity Control (also referred to as MIC, or Mandatory Integrity Control in some circles), assigns an integrity, or trustworthiness, level to each object and uses the integrity levels to control interactions between the objects. The integrity levels are assigned by the operating system and supercede, or override, the dicretionary permissions to protect the computer system. WIC is used throughout the system, but is arguably most noticeable in the Internet Explorer Protected Mode which protects the Vista operating system from malicious web content in Internet Explorer. For more details about WIC, check out this article I submitted to SecurityFocus: Introduction to Windows Integrity Control.