ACS' first bug from being too performant

We got several reports recently of a bug in ACS that certain DS Access events, primarily for dnsNode and dnsZone objects, don’t properly get looked up. Some background: the event log in Windows prefers to log invariants such as message IDs, parameter message IDs, SIDs (security IDs which represent users and groups, etc.), and GUIDs (globally…

0

Shameless Self-Promotion

There’s one topic that I know is on everyone’s mind- no, not American Idol- it’s “What’s new in Auditing in Windows Server 2008?” Well, funny that you brought that up.  My friend Jesper Johanssen just wrote a new book, the Windows Server 2008 Security Resource Kit, and he invited me to write a chapter about…

0

ACS Tidbits

Well there has been a lot happening on my old project, ACS (Audit Collection Services, a feature of SystemCenter Operations Manager 2007). Two more of our partners, Enterprise Certified and NetPro, have released compliance solutions on top of ACS. Another of our partners with ACS-based compliance solutions, SecureVantage, has started a new blog where ACS is…

0

German court bans retention of logged IP addresses

A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site. The judges pointed out that in many cases it was simple to map an IP address to an identity with…

1

Ensuring that there's no useful data in your logs...

As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy.  They have lost their appeals and as a result have decided to block US…

0

Voting Machine Logs + e-Government Laws = No Secrets When Voting

Researchers in the state of Ohio in the United States have discovered that by analyzing the logs produced (by law) from e-voting machines used in certain counties, they can determine the vote(s) each voter made.  Further, the logs, by law, must be produced on demand, as part of our open elections process. I haven’t read…

0

EZ-Pass Logs Used in Divorce Cases

This one kind of speaks for itself.  I guess this is more of a privacy issue than a logging issue.http://www.msnbc.msn.com/id/20216302/ [Edited 2010-08-06 by EricF- fixing broken link]

2

Draft law in Germany may force telcos & ISPs to gather logs; Gmail Germany may shut down as a result

A draft law (English translation) being proposed in Germany to enforce the European Mandatory Data Retention Directive of 2006 would require telcos, ISPs, and email service providers to track and retain data  necessary to trace and identify the source, destination, date, time, duration, type, and communication device for any fixed network telephony, mobile telephony, Internet access, Internet…

1

*Not* generating logs is not an option... when you're under subpoena

Working as I do for a company that exists because of copyright, I’m not particularly sympathetic to TorrentSpy, a search engine company that is accused by the Motion Picture Association of America (MPAA) of helping to enable copyright infringement by making it easier to find content on the BitTorrent file sharing network. How does this pertain…

1