Tag | Security Posts

Seems to me I once heard that too much of a good thing can be bad. Does that apply when considering how much connectivity can be achieved on your phone? VISA is apparently trying to get apps that allow for all sort of transactions to be performed on the Android-based phones. This seems like a security nightmare waiting to happen.... Read more here ...
I was recently asked by a client to test whether a WCF based service could be implemented behind ISA Server (2006) whilst using netTcpBinding . I knew nothing about configuring ISA Server, so I worked in this with an ISA Server SME within my company on this. We set up 3 virtual servers : one client, one running ISA Server and one hosting the WCF service. I configured the client to be able to use wsHttpBinding and netTcpBinding just for comparison. The security mode was explictly set to "none" for ...
The last half of this year is being completely focused on cloud computing. Microsoft is focusing a lot of attention in this space and are focusing on setting up development centers around the world to assist customers in hosting logic and data centrally in the cloud to make use of for your global applications. It really is the next step in expansion of the Internet and is something that will be greatly adopted by organizations all over the world. There are some tricky areas that still have to be ...
We cleared Montana and ~ 70 miles of Idaho (way up there at the top). Marc did get a speeding ticket in Idaho 4 miles from the WA border. We both had to give up our ID’s for a check. it is 8:51 EDT (5:51 Seattle Time). I can only deive~ 100 mi at a time at this point. We have been on the road almost 52 hours. It’s not that I'm really tired but my eyes glaze over, especially in the dark. Had a little incident getting gas a few minutes ago. American Express decided to trigger a security alert so i ...
I can describe my feeling of mgration from TFS 2005 to TFS 2008 in one word-NIGHTMARE. Summary of recommendations. 1.Create combined TFS 2008+SP1 setup as described in http://www.woodwardweb.com/... and in the latest Team Foundation Installation Guide 2. Read Team Foundation Installation Guide ,Upgrade TFS 2005 to 2008 , Tips for upgrading from TFS2005 to TFS2008 3. If you are using fully-qualified domain names (FQDN, e.g., tfsserver.mycompany.com) , replace the FQDN with NetBios ...
I was using VPC 2007 on Windows Vista Ultimate 32 bit for the first time last week. I was creating some user documentation for my new job. I noticed that even with sharing turned on for my C Drive I could not save any files from the VPC to my C Drive. I heard there was really no Vista and VPC 2007 support, so I decided to start experimenting as per usual (don't try this at home I have broken more VPC's than anyone within the SharePoint Community I bet). So I found this Public area on the C Drive ...
Article Source: http://geekswithblogs.net/m... Following a recent post about the different approaches to caching you might consider when implementing reference data mapping in BizTalk one of the things that stands out most was that the solutions where a team had used a caching approach often resulted in them not using the BizTalk Cross Referencing features. As I've mentioned many times I prefer to use this unless there is good cause not to (there are reasons where you might not want ...
What a glorious little library from some sharp guys. We've been able to use the Framework 3.5 for back end processing, but have about 4,000 tablet PCs in the field infrequently connected by the most anachronistic, bandwith-challenged 56k modem, proprietary dial up hell you can imagine. Of course, these machines aren't allowed on the internet at all by the lockdown imposed by the security gestapo..their only connectivity is the sluggish modem. No matter how I break down the framework 3.5 silent install, ...
I found a great series of on demand webcasts on the MSDN website. It took me a while to track down the full series but here are the links: MSDN Webcast: Windows Communication Foundation Top to Bottom (Part 01 of 15): Overview (Level 100) MSDN Webcast: Windows Communication Foundation Top to Bottom (Part 02 of 15): Contracts (Level 200) MSDN Webcast: Windows Communication Foundation Top to Bottom (Part 03 of 15): Contract Versioning (Level 200) MSDN Webcast: Windows Communication Foundation Top to ...
Last week I delivered a 5 day course on WCF/WF and Bizalk (http://www.ordina.be/SOA) About 25 students where introduced to the world of SOA with Microsoft technologies. Thanks to all of them, I had a great time ! Hope you enjoyed it. Many asked me for links to resources on WCF. Here's a compilation of the best : Dasblonde Webcast series : http://www.dasblonde.net/20... Microsoft Nuggets by Mike Taulty : http://www.microsoft.com/uk... ...
Website: http://www.nhmn.com/Courses... Class Overview This three-day, instructor-led course provides students with the knowledge and skills to write MDX expressions, calculations and queries for Microsoft SQL Server 2005 Analysis Services in order to implement the most demanding requirements for a Business Intelligence project. This course was written by Chris Webb, a mentor with Solid Quality Learning. He is a specialist in Analysis Services and MDX, is a co-author of the ...
week3 - Making SharePoint Work for You Start Date: 17 September 2008, Wednesday Start Time: 09:00 AM End Date: End Time: 11:00 AM Location: Maple Grove Community Center - Banquet Room Payment: Free Join Joel Baglien & Jason McKinney from High Monkey Consulting for this month's Week3 topic. Based on requests from attendees at previous Week3 sessions, we are presenting a hands-on demonstration to show how any organization can improve information availability, productivity and processes, and communication ...
Productivity Tip Series from Murray Gordon, Architect Evangelist at Microsoft. Recently lots of folks have been asking me how I expose my calendar to folks on the Internet. So I thought I would give everyone a little how to. First you need to open outlook. Then go to to the calendar view Click the calendar you are trying to share In this case it's just "Calendar" Then you should click "Share My Calendar…" This is how you share your calendar with someone you work with. This is NOT how you share your ...
Article Source: http://geekswithblogs.net/m... I've recently been reviewing some BizTalk setups for various reasons. These include: Is the setup correct Performance analysis and issues General troubleshooting I thought it would be useful for me and others who might want to look at doing a review of a BizTalk setup to make some notes on some of the activities you might want to do. Comparing Servers I've come across a couple of instances previously when servers had been setup incorrectly ...
PeoplePC is a great service for those who can not afford a broadband connection, or for those where broadband is currently not available. I recently discovered a PeoplePC security threat that really should not even exist. The PeoplePC software was built on Python 2.4. Great development language for seasoned devs. who are not quite yet ready for the big change. This is how this security leak can affect your data: Access to credit card information Access to home address (exposure to stalkers and criminals, ...
"Good morning everybody, you're tuned to Computers 2K8 on sports radio 850 The Buzz" and so began today's show as we do every Sunday morning from 8am - 10am here in Raleigh, NC. You can download the show from the show's website or you can listen do us live as we stream the show across the web. Here a few of the topics discussed on this week's show... Need Money For College? We had Ben Kaplan, a leading expert on college scholarships, admissions, financial aid, etc., on the show as a call-in interview ...
Event Name: Week3 - Making SharePoint Work for You Date: September 17, 2009 Time: 9-11 AM Location: Maple Grove Community Center Click here to register <registration includes a location map link> Join Joel Baglien & Jason McKinney from High Monkey Consulting for this month's Week3 topic. Based on requests from attendees at previous Week3 sessions, we are presenting a hands-on demonstration to show how any organization can improve information availability, productivity and processes, and ...
I have been monitoring the site www.x-tensive.com for a while, waiting to see the new release of DataObjects.NET because i have been looking for a very good ORM for .NET, something that would be better than ADO.NET Entity Framework and better than Developer Express XPO and better than CSLA by Rockford Lhotka. One of the main problems i found by using stored procedures (used by Lhotka) as part of the architecture is that they are very limited in the number of parameters they can take. Especially in ...
It’s been almost an year, The "Houston Tech Fest" came again! Contrary to last year, this year there are several Non-Microsoft tracks added to the event. Overall there are 1) 3 .NET tracks 2) 3 Java tracks 3) 2 General tracks 4) a special Silverlight track 5) 1 Security track 6) Alt.net track If you are nearby Houston, this is one of the cool event to attend to know your community. Register now, if you haven't so far! Looking at the agenda, you can see SOGETI presenting in every time slot 11:30 AM ...
My company recently had a number of offshore contractors leave the company, to a direct competitor, possibly taking a decent amount of source code with them. This has caused the company leadership to be very scared about IP protection, and have asked me to investigate improving the security of our code. Unfortunately I am of the belief that trying to protect code, from programmers is pretty much impossible, since the whole point is for the programmers to read/write the code. however, for the sake ...
Recently I was asked to describe what is understood by Software + Services. To make a big story short, I hereby summarize the key facts about this concept. Not a deep dive article for the hard core developers amongst us, but more a short, kind of elevator-story, summary on the executive level. Software + Services is the combination of running software at the enterprise (also called on-premises software) and using services (with functionality or for data-storage) that are published on the internet ...
Stages of Grief and SharePoint Development I have been teaching SharePoint 2007 (WSS and MOSS) Development courses for over a year now! Both the excellent Ted Pattison materials and the (getting better) Microsoft Official Cirriculum courses surrounding SharePoint. The development model for SharePoint customizations using Visual Studio is.... How can we say? "non optimal". We are coding web pages inside of a class library project. That's right. Just sit back and think about that for a minute or two ...
With the RNC rapidly approaching, Minneapolis cops have gone nuts. So far there have been at least two reported incidents with cops jumping out of vans and seizing photographers and equipment, but not actually arresting them in at least one case. Regardless of the ethical issues its not a matter of principal at this point. It's a matter of not getting your ass kicked over something stupid while everyone gets accused of being a would be terrorist. No need to turn a simple trespassing charge into a ...
Blogging so that I can find these again when I have time to watch them...:) Ø Introduction to Microsoft Dynamics CRM, Susan Sauls Ø Intro to SQL Server Data Services, Soumitra Sengupta Ø The Spy Who Hacked Me! , Alex Smolen, Rudolph Araujo Ø How Microsoft SQL Server Helps You to Lower Your Cost of Storage, Torsten Grabs Ø Microsoft System Centre Virtual Machine Manager 2008: Overview, Edwin Yeun Ø A Hackers Diary: How I Can Hack Your Vulnerable Services and How You Can Stop Me, Marcus Murray Ø Advances ...
Live Mesh seems like a simple thing, perhaps that is the point? But what 'Mesh offers me is of great personal value in that it gives me is a little part of my day back and one less complication in my life. So what is so great about it? Well I can work on documents, blog posts, spreadsheets, any file, from work or working from home, seamlessly without having to transport them via USB key or emailing them to a home or work account and run the gauntlet of quotas and cumbersome filters. Live Mesh is ...
\I keep forgetting how to do this so I'm blogging it to help me remember. Back in the days of WSS v2 and SPS 2003, one could use some handy URL parameter passing to edit web pages and browse for or search web parts. My three favorite parameters for WSS v2 and SPS2003 were: To Correct or Remove Misbehaving Web Parts http://server/default.aspx?... To Open the Page in Web Part Design Mode http://server/default.aspx?... To Open the Search Web Part Zone http://server/default.aspx?... ...
http://www.infoq.com/news/2... In the past, one could not run managed code from network shares due to security reasons. That feature was introduced in .NET from the beginning to prevent security attacks coming from network locations. The feature did not resolve the respective security threats because unmanaged code always was allowed to run in such a circumstance. A pool organized by Brad Adams, Program Manager at Microsoft, shows that many people would like to have ...
Ok, so here’s the situation: Application calls a web service over SSL. Here’s the question: Do you use WSE to perform authorization, or do you roll your own auth mechanism (i.e. send a GUID down and pass it back and forth with the server managing the GUID list?) I looked at the WSE samples from MSDN, and it just looked like way too much overhead for a message that is going to travel point to point and compared to how simple it would be to create, send, and manage a GUID list on the server for authentication…all ...
I never learned to type properly. To me, a keyboard always was a straightforward tool I used everyday, without questioning my proficiency at it. I'm starting to realize that my typing technique is far below par. I started looking around me recently. I noticed some developers in the team who were able to watch the screen while typing. Some of them were amazingly fast typers. This made me realize something very basic: I can't type. I always look at my keyboard while typing.Then I look up to check what ...
One my colleague got a new PC and had a problem opening file using simple code(just from MSDN example ): FileInfo fi1 = new FileInfo(relativePath); if (!fi1.Exists) .... It showed that file doesn't exist. We've tried also File.Exists(relativePath), changed the path to absolule- the same result- file is visible in Windows Explorer, but doesn't exist in code. Note that directory was shown in debugger as existing. We've created(using Windows Explorer) a new Text file, named "test.txt" and tried to open ...
Beijing 2008 Olympic has started with a magnificent opening ceremony. All the doubt about the aggressive construction projects suddenly disappear like Beijing’s smog. An article ‘(Projects) Made In China’ by Janet Carmosky and Bill Lonergan on March 13, 2008 describes how the projects were managed by Chinese project managers. They also state that the leaders of China’s major projects are “the world’s most intuitive managers.” Chinese are definitely falling behind westerns at scientific management. ...
It is important to note that the adaptability of interfaces is only one facet that dynamic systems must deal with. Wherever possible I wish to illustrate the use of functional programming in the web domain. In this domain, expressions that involve mirrors of HTML and XML elements are the key constituents. Microsoft has confirmed that socket support and a rich control set will be added in a future release of Silverlight. Software reverse engineering is done to retrieve the source code of a program ...
I've seen a lot of developers clueless when it comes to UAC in Vista. The whole point to UAC is give your application the minimum amount of privileges required for it to run. If you wrote your application, you should have a pretty good idea of what system resources your application needs to access. The solution here is not to require your users to "turn off UAC", or to set your application to run in compatibility mode. This is the biggest reason UAC has gotten such a bad reputation.. its our fault! ...
Small Business Server MN User Group August 12th Meeting Registration link: http://www.digitalconcourse... Location: Microsoft Office In Bloomington Date: Tuesday, August 12, 2008 Time: 5:00 - 9:00 P.M. Topics and Presenters: SYNNEX and HP Frank Gross from SYNNEX Corporation will share the benefits of doing business with the 3rd largest IT distributor in the nation. Established in 1980, SYNNEX is a Fortune 350 company offering computer systems, ...
I was commissioned recently on making a Product Key system for a shrink wrap piece of software. And my first thought was: there must be some sort of best practice or pattern language for this. I mean, many people sell shrink wrap software every day, and inventing the procedure each time is just to costly and error probe. Turns out, I was wrong. There is no pattern or best practice for product keys (at least none that I could find in the internet, forums or books). It makes sense, though, for several ...
One of my colleagues tried to work with a new database from DevServer and got an error "Login failed for user". We checked everything related to security and permissions, but it didn't help. After a while we recognize that there was spelling mistake in the name of the database in connection string. In this case "Login failed for user" error actually meant "database name is invalid" Why it wasn't shown as a reason in plain English? Other possible reason for the errors are described in multiple articles, ...
I've tried Use Cases and seen them not work. The main reason? They are really heavy handed and developers hate updating them. Customers don't even want to see them. A manager telling me to update the use cases or the functional spec is akin in my mind to someone I don't know telling me to take my medicine. I am one of those annoying developers who is going to ask, "Why am I doing this?" And bad news, if you don't have a good answer, I am going to look at you cross-eyed. Developers in general (especially ...
Biding one GridView with Different tables from the database based on user selection By: Vincent Maverick Durano This article demonstrates on how are we going to bind a GridView with different data from different tables based from the selection in the RadioButonList.. In-order to achieve this functionality then we need to dynamically generates a boundfield columns because the GridView will have different datafields to display. Also note that Im using the Northwind database here just for demo. STEP ...
“Zermatt” is the codename of a .NET framework that helps developers build claims-aware applications to address challenging application security requirements using a simplified application access model. It is currently in beta, and the first final version is expected towards the end of this year. This framework consists of a comprehensive set of libraries that facilitate the use of "claims" in applications - in Microsoft's words: make them "claims-aware". This greatly simplifies the development of ...
Considerations of Using Excel Data Sources in SSIS 2005 & Designing a Secure SQL Server 2008 Solution Date: August 19, 2008 Time: 4:30 PM - 7:30 PM Visit www.mnssug.org to register Topic One: Considerations of Using Excel Data Sources in SSIS 2005 Speaker: Mark Vaillancourt, Digineer When connecting to Excel, SSIS uses the Jet provider, which expects an Access database by default. Since Excel is not a database, nor does it tend to act like one, particularly with respect to data type consistency ...
I started doing these a few years ago for Tech·Ed (2008 and 2007) and received a lot of good feedback so I decided to continue the series for PDC as well. Session Types This year PDC is offering a slightly different mix of session types with what they are calling “UnSessions”. The bottom line is that UnSessions are everything that isn’t an official breakout session. If you’re still a bit confused, keep reading to see the differences. There may be some other session types once the schedule has been ...
Solving Business Problems in MDX http://www.nhmn.com/Courses... November 10-12 Location: New Horizons of MN (www.nhmn.com) based in Edina MN Class Overview This three-day, instructor-led course provides students with the knowledge and skills to write MDX expressions, calculations and queries for Microsoft SQL Server 2005 Analysis Services in order to implement the most demanding requirements for a Business Intelligence project. This course was written by Chris Webb, a mentor ...
Vmware currently is going through the wars. A change of CEO, a plunging share-price and a competitor getting alot of attention with their new product, that being Microsoft with Hyper-V. However, I just don't get it!? ESX Enterprise is still out in front in terms of features and pricing is very competitive. Any organisation performing their own unbiased product comparison evaluations is going to be hard pushed to discount Vmware's flagship product. The killer feature for many is ofcourse Vmotion that ...
To the readers of Vitamin CH: Larry Pond sits behind some very good friends of mine at Phoenix Mercury games. Over the last week, I have gotten the joy of attending two games thanks to those same friends. Now, I love the Mercury. They are a great team and they work well together. I also love women’s sports of all kinds. But, I don’t like when women’s sports teams are put at a disadvantage because of a problem outside of their control. Right now, the officiating in the WNBA is causing disadvantages ...
I've been listening to the StackOverflow podcasts recently—not as polished as some. Still, I enjoy the content. During episode #12, Jeff complained about the lack of specific criticism. My main point of disagreement is with his need to re-invent the wheel. Specifically, when he said he wanted to rewrite the login functionality for the stackoverflow site. I'm a pretty selective developer and I like to find places where I can refactor code to the point of removing as many lines as possible. But, I ...
"Good morning everybody, you're tuned to Computers 2K8 on sports radio 850 The Buzz" and so began today's show as we do every Sunday morning from 8am - 10am here in Raleigh, NC. You can download the show from the show's website or you can listen do us live as we stream the show across the web. Here a few of the topics discussed on this week's show... Survey: More than 10,000 laptops lost each week at airports! Holy cow! 10,000 a week??? This is what a story on Computerworld reported on June 30th. ...
Michael Washington on SL Security, Jesse LIberty on Styles & Templates, Koen Zwikstra on Tweening, Pete Brown on sizing SL, Peter Bromberg Part III of Data, and Tim Heuer on SL and S3. Nothing obvious to do with Silverlight, but this looks to be a great FREE eBook by Karl Seguin. Exceptionally well-done considering it's being given away, thanks Karl! Jesse Liberty has adjusted his Live From Redmond schedule... take note and take part! Updated 7/7/2008 to correct the spelling on Koen Zwikstra's ...
New Release of "The Bloggers Guide to BizTalk V1.9" is on codeplex site. You are all aware of the Bloggers Guide V1.8 was released on June 2006 with 39 contributers, 357 articles. After 2 years Alan Smith Released "The Bloggers Guide to BizTalk V1.9" on June 19th, 2008. In this release 39 contirbuters contributed 429 articles. Information: Unblocking CHM File to View Content When you download the CHM file, you may notice that none of the pages are visible. This is due to the security restrictions ...
Starting in mid July, Microsoft will be selling Office by subscription. Including Office will be a security software program called Live One Care. The costs will be $70 a year. Even though Google has free web based programs that compete with Office, many students and teachers still prefer to use Office. This announcement is a win win and you can purchase the product at Circuit City. Technorati Tags: Office,Microsoft,Circuit City ...
I have decided to start a blog, I plan on posting solutions & tips for other developers to use in all things .NET and also post any other interesting facts and activities that I feel would be of importance to others. I also hope that readers of this blog may be able to help with providing answers to my questions too. Anyway, I am currently working on 2 projects over on Code Plex (there is a 3rd in the pipeline-that uses these 2 libraries): www.codeplex.com/DotNetLibrary The Dot Net Library contains ...