Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn’t really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn’t be a big deal, but I’m seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan
Dear Ryan: Here is the first site I start with http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-platform s-portal.aspx Then I post questions to the following site: http://technet.microsoft.com/en-us/default.aspx CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY 980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/ Microsoft Partner for Accessibility -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didnt really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldnt be a big deal, but Im seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-platform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there? What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-pl atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi Andrew: I don’t know if we’re using an offline CA or not for sure, so far it looks like they just installed them in AD and didn’t worry about an offline CA. Certs are mainly used for our VPN, we don’t use smart cards or anything like that. We have an auto-enrolled computer cert and user cert for each user, and I’ve found three cert servers so far, one root CA (which is why I don’t think there’s an offline CA) and two issuing servers (one of which I ran into by chance as it wasn’t documented to exist anywhere.) If I look in enrolled certificates, one issuing server has about 40 certs, the other 60. Since we have over 2000 devices and a similar number of users, I think I’m missing something as I should be seeing more than that. On a more random note, one thing that really annoys me about the cert console is it appears to show the binary hash of the certificate in the list view. Ugg. Try listening to that, its really annoying. And if you turn that column off from the view menu, the list then doesn’t read properly at all for some reason, and that setting isn’t remembered when the console is restarted. Anyone know how to get the MMC console’s view settings to stick? That makes the cert console really difficult to work with. Ryan
On Oct 18, 2014, at 4:08 AM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there?
What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-pl atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, If you have a root CA and issuing servers then the root CA is usually not integrated into AD and is known as an offline CA. There should only be a limited number of certs on the root CA, which are then used for the issuing CA. The root CA can be turned off and only used when reissuing certs for the issuing CAs. Do you have different CAs for different purposes? Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 18:41 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services Hi Andrew: I don’t know if we’re using an offline CA or not for sure, so far it looks like they just installed them in AD and didn’t worry about an offline CA. Certs are mainly used for our VPN, we don’t use smart cards or anything like that. We have an auto-enrolled computer cert and user cert for each user, and I’ve found three cert servers so far, one root CA (which is why I don’t think there’s an offline CA) and two issuing servers (one of which I ran into by chance as it wasn’t documented to exist anywhere.) If I look in enrolled certificates, one issuing server has about 40 certs, the other 60. Since we have over 2000 devices and a similar number of users, I think I’m missing something as I should be seeing more than that. On a more random note, one thing that really annoys me about the cert console is it appears to show the binary hash of the certificate in the list view. Ugg. Try listening to that, its really annoying. And if you turn that column off from the view menu, the list then doesn’t read properly at all for some reason, and that setting isn’t remembered when the console is restarted. Anyone know how to get the MMC console’s view settings to stick? That makes the cert console really difficult to work with. Ryan
On Oct 18, 2014, at 4:08 AM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there?
What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-p l atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, If you have a root CA and issuing servers then the root CA is usually not integrated into AD and is known as an offline CA. There should only be a limited number of certs on the root CA, which are then used for the issuing CA. The root CA can be turned off and only used when reissuing certs for the issuing CAs. Do you have different CAs for different purposes? Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 18:41 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services Hi Andrew: I don’t know if we’re using an offline CA or not for sure, so far it looks like they just installed them in AD and didn’t worry about an offline CA. Certs are mainly used for our VPN, we don’t use smart cards or anything like that. We have an auto-enrolled computer cert and user cert for each user, and I’ve found three cert servers so far, one root CA (which is why I don’t think there’s an offline CA) and two issuing servers (one of which I ran into by chance as it wasn’t documented to exist anywhere.) If I look in enrolled certificates, one issuing server has about 40 certs, the other 60. Since we have over 2000 devices and a similar number of users, I think I’m missing something as I should be seeing more than that. On a more random note, one thing that really annoys me about the cert console is it appears to show the binary hash of the certificate in the list view. Ugg. Try listening to that, its really annoying. And if you turn that column off from the view menu, the list then doesn’t read properly at all for some reason, and that setting isn’t remembered when the console is restarted. Anyone know how to get the MMC console’s view settings to stick? That makes the cert console really difficult to work with. Ryan
On Oct 18, 2014, at 4:08 AM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there?
What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-p l atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi Andrew: Hmm, interesting. All three of these servers are on and on the domain at all times. We only have one CA that’s used for everything, again assuming there is no offline CA no one has told me about. We’ve contacted the old admin to find out, so far haven’t heard back. Thanks. Ryan
On Oct 19, 2014, at 12:43 PM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
If you have a root CA and issuing servers then the root CA is usually not integrated into AD and is known as an offline CA. There should only be a limited number of certs on the root CA, which are then used for the issuing CA. The root CA can be turned off and only used when reissuing certs for the issuing CAs.
Do you have different CAs for different purposes?
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 18:41 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Hi Andrew: I don’t know if we’re using an offline CA or not for sure, so far it looks like they just installed them in AD and didn’t worry about an offline CA. Certs are mainly used for our VPN, we don’t use smart cards or anything like that. We have an auto-enrolled computer cert and user cert for each user, and I’ve found three cert servers so far, one root CA (which is why I don’t think there’s an offline CA) and two issuing servers (one of which I ran into by chance as it wasn’t documented to exist anywhere.) If I look in enrolled certificates, one issuing server has about 40 certs, the other 60. Since we have over 2000 devices and a similar number of users, I think I’m missing something as I should be seeing more than that. On a more random note, one thing that really annoys me about the cert console is it appears to show the binary hash of the certificate in the list view. Ugg. Try listening to that, its really annoying. And if you turn that column off from the view menu, the list then doesn’t read properly at all for some reason, and that setting isn’t remembered when the console is restarted. Anyone know how to get the MMC console’s view settings to stick? That makes the cert console really difficult to work with. Ryan
On Oct 18, 2014, at 4:08 AM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there?
What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-p l atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, I would be interested to know if you got this sorted in the end and whether you found those missing certs. I want to deploy in production for VPN eventually and want to get the topology right. I have done it in the lab and believe I know what I'm doing but your message made me wonder if it was correct. Thanks. Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 23:28 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services Hi Andrew: Hmm, interesting. All three of these servers are on and on the domain at all times. We only have one CA that’s used for everything, again assuming there is no offline CA no one has told me about. We’ve contacted the old admin to find out, so far haven’t heard back. Thanks. Ryan
On Oct 19, 2014, at 12:43 PM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
If you have a root CA and issuing servers then the root CA is usually not integrated into AD and is known as an offline CA. There should only be a limited number of certs on the root CA, which are then used for the issuing CA. The root CA can be turned off and only used when reissuing certs for the issuing CAs.
Do you have different CAs for different purposes?
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 18:41 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Hi Andrew: I don’t know if we’re using an offline CA or not for sure, so far it looks like they just installed them in AD and didn’t worry about an offline CA. Certs are mainly used for our VPN, we don’t use smart cards or anything like that. We have an auto-enrolled computer cert and user cert for each user, and I’ve found three cert servers so far, one root CA (which is why I don’t think there’s an offline CA) and two issuing servers (one of which I ran into by chance as it wasn’t documented to exist anywhere.) If I look in enrolled certificates, one issuing server has about 40 certs, the other 60. Since we have over 2000 devices and a similar number of users, I think I’m missing something as I should be seeing more than that. On a more random note, one thing that really annoys me about the cert console is it appears to show the binary hash of the certificate in the list view. Ugg. Try listening to that, its really annoying. And if you turn that column off from the view menu, the list then doesn’t read properly at all for some reason, and that setting isn’t remembered when the console is restarted. Anyone know how to get the MMC console’s view settings to stick? That makes the cert console really difficult to work with. Ryan
On Oct 18, 2014, at 4:08 AM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there?
What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki- p l atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan
Megan, are you blind or do you use any assistive technologies? This seems to be your first message to this list if I'm not mistaken. IT's an unusual query. I cant speak for anyone else but I'd want a lot more information regarding your motives before I answered any of your questions. Darragh -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: 18 November 2014 16:20 To: Blind sysadmins list Cc: Flint D Million Subject: [Blind-sysadmins] Looking for feedback on a grad project Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Megan, are you blind or do you use any assistive technologies? This seems to be your first message to this list if I'm not mistaken. IT's an unusual query. I cant speak for anyone else but I'd want a lot more information regarding your motives before I answered any of your questions. Darragh -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: 18 November 2014 16:20 To: Blind sysadmins list Cc: Flint D Million Subject: [Blind-sysadmins] Looking for feedback on a grad project Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hello Vic, This is a great point! I’m sorry I neglected to mention this. I am a blind information technology student specializing in information security. I joined the SysAdmins list a few months back to broaden my horizons, but have mostly been sitting back and watching it until now. I am a user of Voiceover, NVDA, System Access, JAWS, and TalkBack. My research partner is visually impaired and does assistive technology training for our state, as wel as using screenreaders extensively himself and is an NVDA developer. Our main objective here is simply to educate our classmates and professor on possible security implications that screenreaders pose and to explain to them how those issues can be worked around or planned for and why they should be. I am seeing that there has been very little research on this topic and am interested, just for my own sake, in the information as well. We don’t plan to publish any of this information more widely and are really just interested in fleshing out our own research and conceptual ideas. Thanks for the question. Again, I apologize for the omission. Please email again with any further questions! Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Megan, are you blind or do you use any assistive technologies?
This seems to be your first message to this list if I'm not mistaken. IT's an unusual query. I cant speak for anyone else but I'd want a lot more information regarding your motives before I answered any of your questions.
Darragh
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: 18 November 2014 16:20 To: Blind sysadmins list Cc: Flint D Million Subject: [Blind-sysadmins] Looking for feedback on a grad project
Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, I've always been a bit warey about captcha solvers like Webvism. Given that most of the time that a captcha will need to be solved a user will be filling in a form, it's surely the perfect time to send a bit more than the captcha image to the server. The plugin will be accessing the DOM to get the image anyway, so from a development point of view I see no reason why it can't itterate through the form fields & harvist any data that has been entered already. Obviously you can mitigate this by having the captcha filled in before you enter anything, but I'm sure that the majority of blind people (maybe people on this list will be different) won't do this. I'd like to sniff Webvism to find out once and for all if it's doing anything evil, but it's fairly far down on the to do list at the moment. Cheers, Ben. On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello Vic, This is a great point! I’m sorry I neglected to mention this. I am a blind information technology student specializing in information security. I joined the SysAdmins list a few months back to broaden my horizons, but have mostly been sitting back and watching it until now. I am a user of Voiceover, NVDA, System Access, JAWS, and TalkBack. My research partner is visually impaired and does assistive technology training for our state, as wel as using screenreaders extensively himself and is an NVDA developer. Our main objective here is simply to educate our classmates and professor on possible security implications that screenreaders pose and to explain to them how those issues can be worked around or planned for and why they should be. I am seeing that there has been very little research on this topic and am interested, just for my own sake, in the information as well. We don’t plan to publish any of this information more widely and are really just interested in fleshing out our own research and conceptual ideas. Thanks for the question. Again, I apologize for the omission. Please email again with any further questions! Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Megan, are you blind or do you use any assistive technologies?
This seems to be your first message to this list if I'm not mistaken. IT's an unusual query. I cant speak for anyone else but I'd want a lot more information regarding your motives before I answered any of your questions.
Darragh
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: 18 November 2014 16:20 To: Blind sysadmins list Cc: Flint D Million Subject: [Blind-sysadmins] Looking for feedback on a grad project
Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, I've always been a bit warey about captcha solvers like Webvism. Given that most of the time that a captcha will need to be solved a user will be filling in a form, it's surely the perfect time to send a bit more than the captcha image to the server. The plugin will be accessing the DOM to get the image anyway, so from a development point of view I see no reason why it can't itterate through the form fields & harvist any data that has been entered already. Obviously you can mitigate this by having the captcha filled in before you enter anything, but I'm sure that the majority of blind people (maybe people on this list will be different) won't do this. I'd like to sniff Webvism to find out once and for all if it's doing anything evil, but it's fairly far down on the to do list at the moment. Cheers, Ben. On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello Vic, This is a great point! I’m sorry I neglected to mention this. I am a blind information technology student specializing in information security. I joined the SysAdmins list a few months back to broaden my horizons, but have mostly been sitting back and watching it until now. I am a user of Voiceover, NVDA, System Access, JAWS, and TalkBack. My research partner is visually impaired and does assistive technology training for our state, as wel as using screenreaders extensively himself and is an NVDA developer. Our main objective here is simply to educate our classmates and professor on possible security implications that screenreaders pose and to explain to them how those issues can be worked around or planned for and why they should be. I am seeing that there has been very little research on this topic and am interested, just for my own sake, in the information as well. We don’t plan to publish any of this information more widely and are really just interested in fleshing out our own research and conceptual ideas. Thanks for the question. Again, I apologize for the omission. Please email again with any further questions! Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Megan, are you blind or do you use any assistive technologies?
This seems to be your first message to this list if I'm not mistaken. IT's an unusual query. I cant speak for anyone else but I'd want a lot more information regarding your motives before I answered any of your questions.
Darragh
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: 18 November 2014 16:20 To: Blind sysadmins list Cc: Flint D Million Subject: [Blind-sysadmins] Looking for feedback on a grad project
Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
Hi, Is there any reason you aren't planning to publish an article on this, or present it at conferences? I think people might be more inclined to participate if the reach of your research will be broader? You might also think about presenting your findings at conferences like CSUN or info security conferences. Best, Mika @pyyhkala -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments.
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose. Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort. I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor. On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose. Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort. I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor. On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
Jackie: While I agree this is a conversation that needs to happen carefully, and may or may not be the right place for a grad project (not my place to say,) it shouldn’t be just shoved under the rug either. The issues here are important, and as you said, blind and other disabled people do depend on their computers and technology. Screen readers do hook into the operating system at a pretty deep level in multiple areas, so could possibly represent a good attack venue. Video drivers, MSAA hooks, etc. So there is a responsibility among the screen reader vendors to do some security checking. That being said, I know of no vulnerability that’s introduced through a screen reader, so this checking is probably happening at some level, and good if it is. If its not and we’ve just been lucky, a fair question is why not. So yes, this does need to be on our minds, and at a high level at least shouldn’t be shoved into a quiet corner. Ryan
On Nov 18, 2014, at 8:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hay, Ryan--I'm really not saying it should be shoved into a corner exactly. What I am saying, though, is that I'm not sure it should be happening in the confines of a classroom, in a thesis that has the potential at least of being publicly available, & definitively not on a public mailing list or forum. If/when it happens (& it is), it needs to at least include the folks who have the power to affect change, i.e., the adaptive technology vendors. Thus far, thank God, not many bad actors have taken advantage of those facets of adaptive technology that could prove a security nightmare. Part of it may be because of ignorance of the technologies employed, &, in that sense, that's a good thing, & it's that aspect that I think needs to be protected. Another reason could be the low numbers involved, though having said that, if they found a way to compromise a llot of our computers, they could build a fairly respectable botnet. Hope that clarifies? On 11/18/14, Ryan Shugart <rshugart@pcisys.net> wrote:
Jackie: While I agree this is a conversation that needs to happen carefully, and may or may not be the right place for a grad project (not my place to say,) it shouldn't be just shoved under the rug either. The issues here are important, and as you said, blind and other disabled people do depend on their computers and technology. Screen readers do hook into the operating system at a pretty deep level in multiple areas, so could possibly represent a good attack venue. Video drivers, MSAA hooks, etc. So there is a responsibility among the screen reader vendors to do some security checking. That being said, I know of no vulnerability that's introduced through a screen reader, so this checking is probably happening at some level, and good if it is. If its not and we've just been lucky, a fair question is why not. So yes, this does need to be on our minds, and at a high level at least shouldn't be shoved into a quiet corner. Ryan
On Nov 18, 2014, at 8:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
Hay, Ryan--I'm really not saying it should be shoved into a corner exactly. What I am saying, though, is that I'm not sure it should be happening in the confines of a classroom, in a thesis that has the potential at least of being publicly available, & definitively not on a public mailing list or forum. If/when it happens (& it is), it needs to at least include the folks who have the power to affect change, i.e., the adaptive technology vendors. Thus far, thank God, not many bad actors have taken advantage of those facets of adaptive technology that could prove a security nightmare. Part of it may be because of ignorance of the technologies employed, &, in that sense, that's a good thing, & it's that aspect that I think needs to be protected. Another reason could be the low numbers involved, though having said that, if they found a way to compromise a llot of our computers, they could build a fairly respectable botnet. Hope that clarifies? On 11/18/14, Ryan Shugart <rshugart@pcisys.net> wrote:
Jackie: While I agree this is a conversation that needs to happen carefully, and may or may not be the right place for a grad project (not my place to say,) it shouldn't be just shoved under the rug either. The issues here are important, and as you said, blind and other disabled people do depend on their computers and technology. Screen readers do hook into the operating system at a pretty deep level in multiple areas, so could possibly represent a good attack venue. Video drivers, MSAA hooks, etc. So there is a responsibility among the screen reader vendors to do some security checking. That being said, I know of no vulnerability that's introduced through a screen reader, so this checking is probably happening at some level, and good if it is. If its not and we've just been lucky, a fair question is why not. So yes, this does need to be on our minds, and at a high level at least shouldn't be shoved into a quiet corner. Ryan
On Nov 18, 2014, at 8:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
Let me clarify a few things, as I see where both Jackie and Ryan are coming from. At this point in time, we are only doing this presentation for one class, not as a broader thesis. Because it is a graduate level class and because there is very little research having been done in this area, I felt that it was important. If we were ever to expand this project into a graduate level thesis, I would of course make sure that it was being presented to adaptive technology vendors, etc first. I am currently working with my university to see what options were there and, if I were to use it as a thesis, would strongly consider presenting at a conference like CSUN at that time. Thanks for your consideration and feedback! I will share the paper with anyone who wants to see it, off list, just let me know. Megan
On Nov 19, 2014, at 9:07 AM, Jackie McBride <abletec@gmail.com> wrote:
Hay, Ryan--I'm really not saying it should be shoved into a corner exactly. What I am saying, though, is that I'm not sure it should be happening in the confines of a classroom, in a thesis that has the potential at least of being publicly available, & definitively not on a public mailing list or forum. If/when it happens (& it is), it needs to at least include the folks who have the power to affect change, i.e., the adaptive technology vendors.
Thus far, thank God, not many bad actors have taken advantage of those facets of adaptive technology that could prove a security nightmare. Part of it may be because of ignorance of the technologies employed, &, in that sense, that's a good thing, & it's that aspect that I think needs to be protected. Another reason could be the low numbers involved, though having said that, if they found a way to compromise a llot of our computers, they could build a fairly respectable botnet.
Hope that clarifies?
On 11/18/14, Ryan Shugart <rshugart@pcisys.net> wrote:
Jackie: While I agree this is a conversation that needs to happen carefully, and may or may not be the right place for a grad project (not my place to say,) it shouldn't be just shoved under the rug either. The issues here are important, and as you said, blind and other disabled people do depend on their computers and technology. Screen readers do hook into the operating system at a pretty deep level in multiple areas, so could possibly represent a good attack venue. Video drivers, MSAA hooks, etc. So there is a responsibility among the screen reader vendors to do some security checking. That being said, I know of no vulnerability that's introduced through a screen reader, so this checking is probably happening at some level, and good if it is. If its not and we've just been lucky, a fair question is why not. So yes, this does need to be on our minds, and at a high level at least shouldn't be shoved into a quiet corner. Ryan
On Nov 18, 2014, at 8:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Megan, don't let some people dissuade you from doing this much needed work! At 12:28 PM 11/20/2014, you wrote:
On Nov 19, 2014, at 9:07 AM, Jackie McBride <abletec@gmail.com> wrote:
Hay, Ryan--I'm really not saying it should be shoved into a corner exactly. What I am saying, though, is that I'm not sure it should be happening in the confines of a classroom, in a thesis that has the potential at least of being publicly available, & definitively not on a public mailing list or forum. If/when it happens (& it is), it needs to at least include the folks who have the power to affect change, i.e., the adaptive technology vendors.
Thus far, thank God, not many bad actors have taken advantage of those facets of adaptive technology that could prove a security nightmare. Part of it may be because of ignorance of the technologies employed, &, in that sense, that's a good thing, & it's that aspect that I think needs to be protected. Another reason could be the low numbers involved, though having said that, if they found a way to compromise a llot of our computers, they could build a fairly respectable botnet.
Hope that clarifies?
On 11/18/14, Ryan Shugart <rshugart@pcisys.net> wrote:
Jackie: While I agree this is a conversation
may or may not be the right place for a grad
Let me clarify a few things, as I see where both Jackie and Ryan are coming from. At this point in time, we are only doing this presentation for one class, not as a broader thesis. Because it is a graduate level class and because there is very little research having been done in this area, I felt that it was important. If we were ever to expand this project into a graduate level thesis, I would of course make sure that it was being presented to adaptive technology vendors, etc first. I am currently working with my university to see what options were there and, if I were to use it as a thesis, would strongly consider presenting at a conference like CSUN at that time. Thanks for your consideration and feedback! I will share the paper with anyone who wants to see it, off list, just let me know. Megan that needs to happen carefully, and project (not my place to say,)
it shouldn't be just shoved under the rug either. The issues here are important, and as you said, blind and other disabled people do depend on their computers and technology. Screen readers do hook into the operating system at a pretty deep level in multiple areas, so could possibly represent a good attack venue. Video drivers, MSAA hooks, etc. So there is a responsibility among the screen reader vendors to do some security checking. That being said, I know of no vulnerability that's introduced through a screen reader, so this checking is probably happening at some level, and good if it is. If its not and we've just been lucky, a fair question is why not. So yes, this does need to be on our minds, and at a high level at least shouldn't be shoved into a quiet corner. Ryan
On Nov 18, 2014, at 8:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to
http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is...
<http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>,
not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan > On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> > wrote: > > Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Jackie, You are absolutely right. My intension wasn’t to make this public in any way. This is why I included my personal email and asked that inquiries be directed to me. As Ryan said, I believe that it is an issue that does need to be addressed. I think that if the IT professionals of tomorrow have an understanding of how screenreaders work, that will allow them to be more secure while still accommodating users with special needs. Thanks for your feedback! Megan
On Nov 18, 2014, at 9:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Megan: Perhaps a little more info would be helpful, sorry if you’ve already given this and I’ve missed it, but what kind of class is this? Are they looking for this to get really technical or just stay at a high level so we don’t have to talk about any issues in particular, in other words, what’s the target audience? Also, what made this an area you wanted to pursue, what is your experience with this field so far? Again, sorry if I already missed these answers. Ryan
On Nov 20, 2014, at 10:19 AM, Megan Bening <mebening@gmail.com> wrote:
Jackie, You are absolutely right. My intension wasn’t to make this public in any way. This is why I included my personal email and asked that inquiries be directed to me. As Ryan said, I believe that it is an issue that does need to be addressed. I think that if the IT professionals of tomorrow have an understanding of how screenreaders work, that will allow them to be more secure while still accommodating users with special needs. Thanks for your feedback! Megan
On Nov 18, 2014, at 9:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Chris, I don't think anyone's trying to discourage her. What I'm saying, & I think others concur, is that the discussion needs to take place in the proper venue & w/the proper people involved, & that it needs to be handled in such a way as to minimize the potential deliterious effects on the end-users of the technology. That's it. On 11/21/14, Ryan Shugart <rshugart@pcisys.net> wrote:
Megan: Perhaps a little more info would be helpful, sorry if you've already given this and I've missed it, but what kind of class is this? Are they looking for this to get really technical or just stay at a high level so we don't have to talk about any issues in particular, in other words, what's the target audience? Also, what made this an area you wanted to pursue, what is your experience with this field so far? Again, sorry if I already missed these answers. Ryan
On Nov 20, 2014, at 10:19 AM, Megan Bening <mebening@gmail.com> wrote:
Jackie, You are absolutely right. My intension wasn't to make this public in any way. This is why I included my personal email and asked that inquiries be directed to me. As Ryan said, I believe that it is an issue that does need to be addressed. I think that if the IT professionals of tomorrow have an understanding of how screenreaders work, that will allow them to be more secure while still accommodating users with special needs. Thanks for your feedback! Megan
On Nov 18, 2014, at 9:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
Chris, I don't think anyone's trying to discourage her. What I'm saying, & I think others concur, is that the discussion needs to take place in the proper venue & w/the proper people involved, & that it needs to be handled in such a way as to minimize the potential deliterious effects on the end-users of the technology. That's it. On 11/21/14, Ryan Shugart <rshugart@pcisys.net> wrote:
Megan: Perhaps a little more info would be helpful, sorry if you've already given this and I've missed it, but what kind of class is this? Are they looking for this to get really technical or just stay at a high level so we don't have to talk about any issues in particular, in other words, what's the target audience? Also, what made this an area you wanted to pursue, what is your experience with this field so far? Again, sorry if I already missed these answers. Ryan
On Nov 20, 2014, at 10:19 AM, Megan Bening <mebening@gmail.com> wrote:
Jackie, You are absolutely right. My intension wasn't to make this public in any way. This is why I included my personal email and asked that inquiries be directed to me. As Ryan said, I believe that it is an issue that does need to be addressed. I think that if the IT professionals of tomorrow have an understanding of how screenreaders work, that will allow them to be more secure while still accommodating users with special needs. Thanks for your feedback! Megan
On Nov 18, 2014, at 9:32 PM, Jackie McBride <abletec@gmail.com> wrote:
There are a lot of implications regarding the queries you pose, Megan. This has been a concern for a very long time now, talked about very quietly by those who are cognizant of this topic. Not only does it have implications for employment of blind people, but, of course, it has implications for the security of every blind computer user. I would state pretty categorically that a public forum of any sort would not be the proper place for this sort of discussion, & I have really mixed emotions about whether or not discussion of the topic in any sort of venue, be it public or private, would serve any real purpose.
Disabled people rely on their computers to assist them w/life activities that would either be difficult or impossible to do w/o the aid of a computer, as you very well know. This ksort of discussion could give bad actors all sorts of clues as to how they might compromise blind peoples' machines. There was already 1 incident where a cybercriminal targeted blind users w/some sort of audio program which turned out to be nothing of the sort.
I really think if you're going to pursue this, you should seriously consider how to keep both the input & the results from falling into the wrong hands, cuz believe me, Webvisum is child's play compared to the havoc that can be wrought by means of malicious scripts or even a malicious adaptive technology vendor.
On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello all, The reason I didn't want to publish this widely at this Time is because I am worried about it having adverse effects on employment of blind people. Later on I would love to expand this and at that time present at CSUN or such as my thesis. I just wanted to make everyone aware of the plan as it stands because others who agreed to work with us on this project were very apprehensive about adding their $0.02 if the study was going to be published widely. Thanks, Megan
Sent from my iPhone
On Nov 18, 2014, at 10:53 AM, Mika Pyyhkala <Mika_Pyyhkala@nhp.org> wrote:
Hi,
Is there any reason you aren't planning to publish an article on this, or present it at conferences?
I think people might be more inclined to participate if the reach of your research will be broader?
You might also think about presenting your findings at conferences like CSUN or info security conferences.
Best, Mika @pyyhkala
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: Tuesday, November 18, 2014 11:51 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Looking for feedback on a grad project
My apologies, My last email was addressed to http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is... <http://www.marcozehe.de/2014/02/27/why-screen-reader-detection-on-the-web-is-a-bad-thing/>, not Vic, and I only realized I had the salutation wrong after I sent it. Best, Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Darragh
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
This message contains information from Neighborhood Health Plan that may be confidential or privileged. This message is directed only to the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution, or use of the contents of this email is prohibited. If you have received this email in error, please notify the sender immediately and delete the message and any attachments. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
-- Jackie McBride Author of the Upcoming Book "Beyond Baffled: the Technophobe's Guide to Creating a Website" www.brighter-vision.com Where Visionaries & Technology Unite Jaws Scripting training www.screenreaderscripting.com
Hi, I would be interested to know if you got this sorted in the end and whether you found those missing certs. I want to deploy in production for VPN eventually and want to get the topology right. I have done it in the lab and believe I know what I'm doing but your message made me wonder if it was correct. Thanks. Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 23:28 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services Hi Andrew: Hmm, interesting. All three of these servers are on and on the domain at all times. We only have one CA that’s used for everything, again assuming there is no offline CA no one has told me about. We’ve contacted the old admin to find out, so far haven’t heard back. Thanks. Ryan
On Oct 19, 2014, at 12:43 PM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
If you have a root CA and issuing servers then the root CA is usually not integrated into AD and is known as an offline CA. There should only be a limited number of certs on the root CA, which are then used for the issuing CA. The root CA can be turned off and only used when reissuing certs for the issuing CAs.
Do you have different CAs for different purposes?
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 19 October 2014 18:41 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Hi Andrew: I don’t know if we’re using an offline CA or not for sure, so far it looks like they just installed them in AD and didn’t worry about an offline CA. Certs are mainly used for our VPN, we don’t use smart cards or anything like that. We have an auto-enrolled computer cert and user cert for each user, and I’ve found three cert servers so far, one root CA (which is why I don’t think there’s an offline CA) and two issuing servers (one of which I ran into by chance as it wasn’t documented to exist anywhere.) If I look in enrolled certificates, one issuing server has about 40 certs, the other 60. Since we have over 2000 devices and a similar number of users, I think I’m missing something as I should be seeing more than that. On a more random note, one thing that really annoys me about the cert console is it appears to show the binary hash of the certificate in the list view. Ugg. Try listening to that, its really annoying. And if you turn that column off from the view menu, the list then doesn’t read properly at all for some reason, and that setting isn’t remembered when the console is restarted. Anyone know how to get the MMC console’s view settings to stick? That makes the cert console really difficult to work with. Ryan
On Oct 18, 2014, at 4:08 AM, Andrew Hodgson <andrew@hodgsonfamily.org> wrote:
Hi,
Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there?
What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different
Andrew.
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services
Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki- p l atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
Hi, Are you using an offline root cert or did they just install the cert services in AD and let everything rip from there? What are you using cert services for specificly? I find that certs are quite often cheap these days, and for most of what you want some good wildcard certs are better than investing in a proper cert infrastructure. Of course if using digital certs or smartcards then that is different Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: 18 October 2014 00:33 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Windows Certificate Services Thanks Chris, I did read some stuff on the Wiki and its helped get me started, At this point its doing a very good job at making me ask questions about our specific environment that no one has the answers to. Ah well. Thanks again. Ryan On Oct 17, 2014, at 7:40 AM, Christopher McMillan <christophermcmillan@hotmail.com> wrote:
Dear Ryan:
Here is the first site I start with
http://social.technet.microsoft.com/wiki/contents/articles/701.wiki-pl atform s-portal.aspx
Then I post questions to the following site:
http://technet.microsoft.com/en-us/default.aspx
CHRISTOPHER MCMILLAN CHIEF OPERATING OFFICER, CEEKTECHNOLOGY
980-333-7400(w) | 980-333-7400(m) christophermcmillan@outlook.com @CEEKTechnology www.linkedin.com/in/christophermcmillan/
Microsoft Partner for Accessibility
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Ryan Shugart Sent: Friday, October 17, 2014 9:22 AM To: Blind sysadmins list Subject: [Blind-sysadmins] Windows Certificate Services
Hi: I was recently handed our existing certificate infrastructure and told that I now manage it. The guy who used to manage it has left the company and didn't really leave any documentation behind so I have no clue how things are set up beyond knowing we have three cert servers in the environment and what they do (on paper.) Anyone out there have some good resources for getting started with the Windows Cert environment and learning how Microsoft organized their UI? It seems simple and all MMC-based, so in theory shouldn't be a big deal, but I'm seeing some odd things, like only 40 issued certificates when I should be seeing over 500, etc. This is all Windows 2012 BTW. Thanks. Ryan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
participants (9)
-
Andrew Hodgson -
Ben Mustill-Rose -
Chris Smart -
Christopher McMillan -
Darragh Ó Héiligh -
Jackie McBride -
Megan Bening -
Mika Pyyhkala -
Ryan Shugart