Best practices for… chkdsk

The longer I work, the more I’m aware of the simple fact: even the most routine and mundane thing, technology or tool can have something to learn about it. Like you never know what is a cake you it is made from, unless you try to make it yourself =) The same stuff can be told about, say, chkdsk. What do you think: do you need to know something more than command line switches about chkdsk? Ok, if you don’t have an inquiring mind then probably not. But probably you just don’t know what impact it can have on your … Continue reading Best practices for… chkdsk

Creating your own troubleshooting pack

Take notice: My new feed address is now Please re-subscribe. As I wrote in one of my blogs, you not only can tell your user which exactly troubleshooting pack to run, you can also create one of your own. Finally I decided to learn how and to tell you. I was pretty sure it was very hard, creating those. But I was plain wrong: it’s easy. Moreover it’s fun, because for creating it you should collect all the components of a geek’s fun: 1) Use GUI 2) Use scripting 3) Run the automation and see the result! So, let’s … Continue reading Creating your own troubleshooting pack

Blog wrap-up

It seems like I haven’t write any wrap-ups for my blog for at least a year. Unfortunately, there wasn’t much to wrap into it. Now, as I returned to the blogging, I just do the thing for the year LCDS: Create your own curriculum The easiest way so far to create a good looking redistributable, or publishable course from your materials. %systemroot%\System32 secrets: defrag the continuation of the series. Defragmentation lost its fancy GUI, so why use it? Network trace without NetMon, WireShark, etc… Network trace without NetMon, wireShark, etc… Part 2 Two parts of the article which tells you … Continue reading Blog wrap-up

Want to learn about cryptography? I know where.

 Take notice: My new feed address is now Please re-subscribe. Do you have some spare time and want to know how cryptography works? What is the most secure cipher? And why λ is always more than ε… Well, the latter is not true =) Anyhow, there is a place where you can learn more about cryptography for free. Stanford University provides such a course for free at I’m at the second week now, and already tampered one cipher text and know how decrypted another (it’s not that tricky, but very time consuming). So welcome to the world of … Continue reading Want to learn about cryptography? I know where.

Looking for a GP object?

Take notice: My new feed address is now Please re-subscribe. Well, some time ago I wrote about finding the exact setting in your group policy editor, which is, certainly, quite useful. But this is vital when you try to create a new GPO or find a value in an exact existing one. But what if you want to look at the GPOs in your environment which contain settings from some area? From the age of Server 2003 there is an answer. Not the ideal one, but still, it is better than nothing. So, you need to find which of … Continue reading Looking for a GP object?

Myths #2: PKI edition.

Take notice: My new feed address is now Please re-subscribe. BTW, did you know what do certificate template options like “Allow private key to be exported” or “Prompt the user during enrollment and require user input when the private key is used” really do? Do they make you more secure or not? Certainly, some people who read my blog do know the answer, others have already guessed the answer: no. They don’t enforce any behavior on a client: it just communicate the requested by CA features. A good example of it was windows 2003: while you weren’t able export … Continue reading Myths #2: PKI edition.

Trustworthy computing: non-SDL view. Part 2: non-corporate.

Do you think my latest post was about corporate products because only corporate products are subject to not being designed to be secure in deployment? No, consumer ones are built the same way. Say, the famous story about Windows Live Mail and Live Mail’s SSL. Till the recent changes you weren’t able to use both of them. Either you expose your communication without using SSL or you couldn’t use convenient client. I was very glad to receive the ability to use them both. To sum up: we have excellent products, which aren’t exploitable in the most of the cases through … Continue reading Trustworthy computing: non-SDL view. Part 2: non-corporate.

Trustworthy computing: non-SDL view

Take notice: My new feed address is now Please re-subscribe. Well, finally it is my time to scold Microsoft. I’m not a fun of this type of self-promotion, still I believe that the only way to move forward is to receive, process and answer some constructive criticism. So let’s begin: Several years ago Microsoft announced its widely-known Trustworthy Computing initiative (actually they just celebrated its 10 years). I probably don’t have to remind you the goals and means for the initiative to you, they all can be found without any problems. Anyway, this letter doesn’t pretend to be some … Continue reading Trustworthy computing: non-SDL view

Freebies: books

Take notice: My new feed address is now Please re-subscribe.   A couple of books I believe are worth at least stealing a look at. Free books, of course. 1) The book has been advertised in almost every Windows-related blog for several days. I believe that you couldn’t have missed it but just in case you haven’t read about it I give you the link. Introducing Windows Server 2012 is quite small and cannot cover all I would want to know, but it is named “Introducing…”. It’s definitely the place to start if you haven’t been tracking news all … Continue reading Freebies: books

MS SIR #12

Okay, better late than never. I finally got to the latest Microsoft Security Intelligence Report. While usually there is not much unexpected this time I was almost shocked with the first section of the document. And I believe it’s excusable, because it is named… How Conflicker CONTINUES to propagate. Conflicker! The three-years-old malware! CONTINUES to be a THREAT! Are we going nuts? =) 60% of people who could have got it (if not for antivirus) have weak admin’s passwords. Also 17 to 42% (XP only) have the vulnerability which is used by the worm. Three years after the patch was … Continue reading MS SIR #12