Tag | Security Posts

Register Now: $299 rate through May 8, 2009 Students attend for only $50. (Must be enrolled full time and present valid ID) Check with UMSA member and affiliate organizations for a discount code! Conference DVD Special Offer: Register by April 30 and you can purchase the 2009 conference DVD with PPTs /audio presentations for just $69. (Regularly $129; a 45% discount!) Order DVDs at the conference. See Pre-Conference events for additional professional development opportunities Keynotes: Howard Schmidt ...
When we started WCFing in my current project, the first challenge that we had was to get the WCF Services to impersonate the callers, I had burned a lot of mid night oil trying to figure out the right configuration that would make this happen. Till that time I had not gone through the WCF Security Guidance on CodePlex. The Guidance turned out to be quite helpful and very comprehensive. If you have not gone though that yet, I strongly recommend going to CodePlex and reading it right away. For those ...
If you recently faced any security alert showing MS AntiSpyware 2009 and possible messages of your computer security being compromised, take a deep breath and cool down. It is a fake program (spyware) and installs itself with some codec's into your system. It keeps popping up from your Tray Icon saying that your computer system’s privacy is compromised and you would need to activate the trial version by purchasing the licensed version. In fact this one keeps alerting every 5 minutes and shows fake ...
I need to pass an xml document to a SQL 2005 stored procedure as a parameter with a XML data type. I'm using VBScript with ADODB. I was getting the error of "Bad variable type." The problem is the Provider. The SQL Native Client provider uses an Xml type ( 141) that ADODB doesn't recognize. The OLEDB provider converts the xml type to varWChar. To set things up here's a sample sql stored proc create proc stor_PassXml @xmlVar xml as select @xmlVar end So here's the VBScript to call it Dim conStr Dim ...
Cloud computing holds great promise to the next evolution of business and consumer computing. Amazon has been in the cloud computing game for a while now. In addition to their Azure platform for hosting cloud applications, Microsoft also has online services for pictures, blogs, videos, and files. Google has similar software-as-a-service offerings as well. As other companies bring their offerings to the market, we’ll see more and more options to store our data and files “in the cloud”. But in our ...
I've been using and teaching the ASP.NET Provider Model for some time now so I always felt quite well versed on the topic, specially in the context of membership and security. I thought I understood the "order of operation" in ASP.NET membership pretty well so every time I found the need to write a custom membership provider, I approached the task with confidence. However, I have noticed that everytime I needed to write a custom membership provider, it has been for reasons of extending Microsoft's ...
Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure "in the cloud" that supports them. (Wikipedia) According to the official definition of the cloud, it’s an abstract environment which has the ability to dynamically scale and virtualized resources creating a self-managed deployment platform for applications which ...
Let’s play a game of “What if…”. What if you were a Canadian flying from Toronto to Vancouver. The only piece of luggage you had was a metal case containing $5000.00. When you went through security, the officers noticed that you were carrying a large sum of money with you. Now what is the acceptable response from the security officers? Should they be allowed to question you about the money? How about your job, what you were doing in Toronto, what you’ll be doing in Vancouver? Realize that while carrying ...
To resolve this issue, you must change your development machine .net security configuration since you are accessing items across the network. In the event that you need this ability at runtime, you must change the trust level in your config file to full. However, since this is only in development, I can change my local PC's security by going to Start > Control Panel > Administrative Tools > Microsoft .NET Framework 2.0 Configuration. After it fully loads (sometimes takes a bit), fully expand ...
First of all, thanks to all those brilliant people who made the long arduous journey to the UK (and to all those who just happened to be near by). I know it must have killed you to be so far away for so long. I can only imagine how hard it was for you. All of us that couldn’t go really feel for you and feel your pain. Okay! So, for those of us that couldn’t go, some of these guys really did a tremendous job of twittering what was going on during the conference. They absolutely did not have to do ...
April 30th Microsoft Office - Minneapolis LOW I and II 8300 Norman Center Drive - Suite 950 Bloomington, Minnesota 55437 Microsoft ArcReady 9:00am - 11:45 pm WHAT IS ARCREADY? A forum for aspiring and practicing architects to discuss industry trends An overview of Microsoft’s roadmap as it relates to software architecture A mechanism to solicit your feedback An opportunity to showcase the work you do! WHO SHOULD ATTEND? Architects and Senior Developers who are interested in becoming an architect. ...
Cloud computing is the buzzword of the moment . It seems that applying the "cloud" label is a real desire for a lot of people out there in the marketplace. This of course leads to the arguments about whether the "cloud" label is appropriate or just marketing spin. Why on earth is Cloud Computing so appealing? I think there are a lot of factors. I'll outline a few of the main ones below … Trendy To a certain extent delivering a cloud solution suggests that organisations are on the cutting edge of ...
When I was working in VC++, it was relatively easy to include a win32 API function. All we did was include the header file and then made a call to a function like so: #include <Mailbox.h> CMailbox::MbxStatus CMailbox::iCreateMbx() { MbxStatus iStatus = mbxSuccess; switch ( m_iType ) { case mbxReceiver: case mbxBoth: // for receive type mailboxes we need to create a // space for the reception of data /* if ( m_hRecvMbx ) CloseHandle( m_hRecvMbx ); */ m_hRecvMbx = ::CreateMailslot( m_strInName, ...
I will explain how to develop a simple application in ASP.NET using a three-tier architecture. The presentation tier The business tier The data tier Concepts: The presentation tier contains the UI (User Interface) elements of the site, and includes all the logic that manages the interaction between the visitor and the client’s business. (ASP.NET Web Forms,Web User Controls,ASP.NET Master Pages) The business tier receives requests from the presentation tier and returns a result to the presentation ...
I noticed the following behavior during synchronization 1. I have a SSAS database with multiple cubes and shared dimensions 2. One of the cubes is not processed but some of it's shared dimensions are processed 3. When one of these shared dimensions are updated(or the unprocessed cube's non-shared dimensions are processed) and a sync happen with security setting IGNORE ALL, the destination cubes are corrupted. (i,e) when ever a sync tries to update an unprocessed cube's dimensions with securty setting ...
Have you ever tried signing up on a website and ended up chasing your tail. Here is one from one of the security experts. Recently I tried signing up at sophos.com. I filled out the biref request form and clicked the continue button. I then got the following screen Yea me! I then logged into my email account and did find the email (as promised by spohos) I clicked the link and got the webpage with the following message I was like...duhhh.."Already Activated?"....mmmm..maybe I needed some sleep, I ...
Join Visual WebGui's live session during Microsoft Techdays 2009 taking place on April 1st at 7:30am GMT The session: MBL305 Security is enterprise RIA show stopper will discuss the new web 2.0 AJAX, Silverlight and Flash development nature are rapidly puling developers to develop fat clients downloading the entire application to the client. Enterprises cannot live with the huge hidden security compromise they do when using such technologies and this fact becomes a major show stopper for creating ...
Last week I gave this workshop/presentation for the syntrawest ITClub on Data Access with ADO.NET 3.5. You can have get a printout of the slides here. Content of the presentation : LINQ as query language LINQ to SQL LINQ to Entities (=ADO.NET Entity Framework) ENTITY SQL ADO.NET DataServices ASP.NET Dynamic Data More workshops are planned : 26/05/09: Windows Communication Foundation (WCF) - A deep dive on Security 16/06/09: Windows Workflow Foundation (WF) - A deep dive on Workflow Services september/october ...
Maybe not the most "INTERESTING" topic for my first post, but I am sure it will help someone somewhere. I've had this problem several times, and it has always been hard to remember what to do, and the documentation around the web is not as helpful as it can be. I'm sure this has happened to many of us that work in an environment of mixed cultures. It is not uncommon to find installations with servers that have been configured with different languages. A typical example is a web server that was installed ...
I just ran across this error while using the Team Foundation Server Power Tools to import a work item template XML document into a TFS instance: Error 0x8013150A: An error relating to security occurred. So it’s a security issue, right? No. As it turns out, I had edited the XML file in Notepad and added values to a field definition with the ALLOWEDVALUES rule. In my over-zealous copy-and-paste efforts, I had added a few of the allowable values in more than one place: <FIELD reportable="dimension" ...
Asynchronous (or multi-threaded) applications are common place on the desktop and have been for decades. Without this ability, most of our favorite productivity tools would be non-existent. As soon as one moves off the desktop and onto the Internet, the standard changes to one that is highly, if not exclusively synchronous (or single-threaded). Of course, since Internet-based applications have historically served as simple content delivery mechanisms, the need for more robust, asynchronous-based ...
I was building a Silverlight 2.0 application for a Tricension client and determined that it was appropriate to utilize SSL to secure the site. In particular, to secure communications back-and-forth between the WCF services which were handling a lot of sensitive financial data. Although I had setup SSL on several sites before, I didn't realize how difficult it was to find a good reference on how to do this for WCF. After a very long day, thought I'd share how I got this to work. Of course, now that ...
I would like to try and better explain the Visual WebGui 'empty client' approach and how Visual WebGui runs applications on the server. Think of a bitmap based virtualization solution such as Citrix or Remote-desktop, even though highly optimized it is still transferring a picture; the client plays the minor part of showing a bitmap and replacing it when necessary. Now, the natural evolving paradigm would be having the client “understand” better in terms of UI yet having the application perform the ...
Interest to ADO.NET Data Services platform obviously is growing up among developers of web-services. It also confirmed when I receive e-mail letters with questions about different problems. As a rule these questions are reduced to serivce error after some actions, when serivce say about general error and not takes details. In this case services say that he stored information about error in logs. Whether familiarly to you the given message? I think yes, if you had time to try ADO.NET Data Services ...
By default comments are disabled on SharePoint blogs. Here’s how you enabled them: Go to your blog page and click the Manage Comments link under the Admin links. Expand the settings menu and select List Settings. Click on “Permissions for this List”. Click on the NT Authority\authenticated users. Now here’s the part I think is sort of screwy. Out of the box, you can grant people full, design, contribute, and read permissions. The closes that you’d want is contribute. However, this still gives your ...
The compiled help files (*.CHM) continued to irritate me with Page cannot be displayed. This never used to be problem for me in XP SP1. Seems this starts from XP SP2. Problem: When I open .chm files - it shows "Page cannot be displayed" on every page. This is on a Windows Server 2003 SP1 machine. I added certain extensions in the explorer --> Tools --> Folder Options --> File types with no luck. Solution: Its rather silly that I never right clicked on the .chm file and saw its properties. ...
By default IE7 does not allow the prompt() method to be executed. But you can enable this again. In IE go to the menubar, select "Extra", "Options". Take the tab page "Security". Click the customize button at the security zone part. Look for "Websites are allowed to use scripts to prompt for information" and enable it. (screenshot on Dutch Vista) Clikc "Ok" twice. Close your browser and open it again. The pompt() function should now work ...
How to Install and configure MS Office SharePoint Server 2007 in the Production and development Environment Welcome to setup SharePoint Environment and to read my eBook. This tutorial Book is for the administrator and also developer who are interested to build a stand-alone development environment to build SharePoint web application. I will show here step by step the complete installation procedure of MOSS and pre-requisites installation. I only attached the most important screen shots for installation ...
Download Sample Code The Problem Chances are that if you’ve done much Silverlight development you’ve worked with a few web services. In most cases, they are the primary channel for getting data in and out of your application. Fortunately, the Silverlight runtime has a scaled down implementation of the client-side WCF framework that allows us to perform most simple web service operations fairly easy. However, it is important to note that when I say the WCF stack is scaled down, I mean it is really ...
FileStream data type is a very important feature of SQL Server 2008 and gradually getting popular amongst developer for it’s feasibility. And in the past few days specially after “Configure SQL Server 2008 for File Stream” post. I received several feedbacks regarding the usage of FileStream with Ado.net and Frankly there is not much stuff available on Google for this topic. In this post, I will guide you to use FileStream Data type in Ado.net. But before we start make sure you have configure your ...
We are using InfoPath with SharePoint more and more in our organization. Anyone who has dealt with InfoPath knows there’s a lot of nice functionality there, but it can also be a pain to work with. I ran across a couple of issues I was finally able to resolve and wanted to spare you guys the same pain I went through. 1. Installing a Code Signing Certificate on an InfoPath form If you want to really take advantage of what InfoPath can do (get user information, pre-populate fields with external data, ...
Here's what's happening: Attendees: 428 Sessions: 73 Speakers: 49 Tracks: 15 Sessions: ASP.NET Make your Data Dance with ASP.NET Dynamic Databy Shawn Weisfeld + Show Description ASP.NET Dynamic Data is a framework that lets you create data-driven ASP.NET Web applications easily. It does this by automatically discovering data-model metadata at run time and deriving UI behavior from it. A scaffolding framework provides a functional Web site for viewing and editing data. You can easily customize the ...
In this post I’ll discuss, creation of a simple Customer Report, as and when it is time to introduce new concepts I will add more to this report. Creating a Reporting Project 1) Open Visual Studio 2) Click on File –> New –> Project –> <Select your preferred language C# or VB.NET> –> Dynamics –> Dynamics AX Reporting Project Note: You should have Reporting Extensions installed on your system. Reporting Extensions will install a Visual Studio plug-in which enables you to create ...
In this issue: Jobi Joy, Andy Beaulieu, Rishi, Nikhil Kothari, Pete Brown, Fredrik Normén, Tim Heuer, Kirupa Chinnathambi, Cameron Albert, Shawn Wildermuth, Jeff Wilcox, Terence Tsang, Andrej Tozon, and Somasegar. Shoutouts: First a big congratulations to Bill Reiss for becoming the very first official Silverlight MVP: I'm just speechless… What an honor to be the first Silverlight MVP Want a sneak peek into LOB apps by the guys on the product team? Tim Heuer gave this link: Silverlight Sneak Peek: ...
Disclaimer: I don't intend for this blog to be a giant Norton ad, but when the products I work on get released I am really proud of them and want to talk about them.Here is a great review of N360 v3.0. Prior to shipping Norton Internet Security 2009 HardwareGeeks were pretty Anti-Symantec. It's great to see that turning around. Kudos to all of my fellow engineers who are making this happen!I have worked extremely hard on the N360 product over the last 3 versions (mostly in backup) so i'm really happy ...
I know how these guys feel. I've been doing a lot of application compatibility work lately myself on Norton Online Family. It's really important that the software works well and interacts well with other Symantec software as well as other software including IM clients, web browsers, internet security suites, personal firewalls, etc. The interplay and intertwining of these applications can get really interesting when you start getting into API hooking and driver level code where IO requests are being ...
I have to admit that when I heard there was a keynote this morning, I was somewhat taken about. The very notion seems to be antithetical to the notion of Open Spaces. On the other hand, getting the chance to hear Ward Cunningham speak was well worth the "architectural purity" of the organizational principles. Intro (Alan Stevens) referred to Channel 9 video with Ward Cunningham being interviewed by Scoble WC: "the only thing I'm sure of is that [the future] will involve cloud computing" AboutUs.org ...
I ran into a really annoying scenario that took me a while to figure out (figure out = scour the net until I found the answer). I was getting this error because I was using the loopback address (127.0.0.1) in my hosts file for a website, where the name didn’t match the machine name. Microsoft implemented some security around this in IE8, which was blocking me from using my test SharePoint site. Anyway, I found the answer here: http://www.21apps.com/share... ...
[Source: http://geekswithblogs.net/E... We had an issue with one of our BizTalk estates with incoming messages being suspended if they were bigger than the large message threshold: A response message sent to adapter "WCF-BasicHttp" on Receive Location: "x" with URI:"y" is suspended. Error details: There was a failure executing the response(receive) pipeline: "z" Source: "Unknown " Send Port: "x" URI: "y" Reason: 0x8004d027 The error message wasn't particularly helpful but the reason code ...
Sometimes it is necessary to import data from Excel file and insert into SQL Server table or building an automated script for inserting data into SQL Server table or building an automated script for inserting data and save into another excel file to insert later. Today I will discuss all the possibilities to solve this kind of problems. You need to follow one or more than one steps of the following depending on your requirement. Step1: How to Import Data from Excel to SQL Server 2005 SQL Server OpenRowSet ...
As I travel around speaking at Code Camps and talking to DotNetNuke users, it amazes me as to what version of DotNetNuke they are running their web portal on. With DotNetNuke version 5 being the future of DotNetNuke, there are many installs that are still running on version 3 and early versions of 4. I took the time to review the documented issues of past versions from the DotNetNuke site and in the future I plan on directing people to that site so they can see why they should upgrade to more current ...
Integrating your project in the PUBLIC tree Introduction Have you ever wondered how you can integrate your code under the PUBLIC tree in Windows Embedded CE 6.0? This can be useful if you want to distribute code/components that are not part of a BSP. In this post I’ll explain how to create a folder/files structure to handle a couple of projects -a sample device driver and a sample application. This should give to the reader even a different insight into Windows CE build system. To perform the various ...
I finally got to cleaning up some my my piles of Information Week magazines. I actually kept a few good ones with some very interesting atricles as well as some funny one. I enjoy reading some of John Soat's articles like the one in issue "March 12, 2007" - "Thoughts On Dealing With Identity Theft", although it sounds funny, I agree with his points Drop the Social Security number. It wasn't intended as a personal identifier; Congress made that clear in 1936 when the system began. Now, everybody knows ...
I have a SSIS package that loads data from a Sharepoint List using s Sharepoint List Source component. When i run the package from V.S NET it works well and the data destination is to a sql table. But when i create a job for it and schedule it i get error: Failed to open package file "Package.dtsx" due to error 0x80070005 "Access is denied." I spent time looking at the history of the job and all i could see is that the job failed saying it was was invoked by me but i noticed its been executed by ...
Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.000... mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans... mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-... ...
The NYC Azure Cloud Computing Group meets again February 23, 2009 Microsoft, 1290 Avenue of the Americas, 6th floor, NYC, NY 6:00 - 8:00 pm http://www.clicktoattend.co... BE SURE TO REGISTER... Space fills up fast and Building Security Requires it. This month... Chris Rolon, Architectural Consultant Neudesic LLC will be presenting on... Azure Cloud Storage When trying to build services that are highly scalable, durable and always available, the storage of data is critical. In this session ...
Different Run Commands useful for time saving while using your computer. To invoke the Run box, hold down the Windows key and hit R (or from the Start Menu, choose "Run.") From there type any one of the keywords listed to launch an app: like calc for Calculator or clpbrd for the Clipboard Viewer or freecell for the card game. Program Run Command Accessibility Controls access.cpl Accessibility Wizard accwiz Add Hardware Wizard hdwwiz.cpl Add/Remove Programs appwiz.cpl Administrative Tools control ...
Article Source: http://geekswithblogs.net/m... I've been wanting to take a deeper look at the WCF LOB SDK for a while. I've read a few things about it, but you can't beat just getting stuck in and writing some code to figure out how it all works. My aims from this exercise were as follows: Start to get an understanding on how to write custom WCF Lob adapters Do something that has some relation to the real world and not just a hello world thing Identify how much further I ...
SAML thoughts by Ken - Federated Security Patterns with SAML (SSO vs. POLA) It was great presentation which I attended in FL code camp ...
I just received an email that there are 72 sessions for this code camp and registrations should break 700. Several years ago, I spoke at this code camp in Ft. Lauderdale, FL and the numbers were very impressive. I remember code camps being small and very intimate but the need for knowledge is there and many people come out for them in recent years. I look forward to seeing the co-authors for the new DotNetNuke version 5 book. Darrell Hardy, Ryan Morgan, and Stan Schultes will be presenting at the ...