Tag | Surface Posts

Recently I decided to check out the beta version of Agile Web Development with Rails book, which is targeted to be released this fall. It is very interesting that the authors also brought agility into book writing. It allows readers to provide feedback to new material during the development of the book. I am also glad to see that the migration part of the framework has become a big part of the book, even having a separate chapter dedicated to it. It uses migration instead of DDL in the entire demo ...
So I've heard some rumour that this is one of Citrix's next project ideas? On the surface of it, it makes good sense because it will also cause (by default) the very integration between the various product lines that exist today after the recent acquasitions, not to mention that it will also provide a potential revenue stream to help fund this integration. I'd imagine that if it gains traction, both internally and with customers feedback, then the more successful it is then this will be the start ...
Just spotted in Engadget, as a Sailor I really do appreciate the idea that you can add a real "Safety Net" to your keys - mind you I wonder how that Remote Central-locking key fob is going to come out? No, not key as in keyboard, but rather as in, "Dude, where's my (bump) keys?" or more accurately, "Holy crap, I just dropped my keys into the ocean." Fear not, because for the low price of $7 you can now buy a new keychain fob that promises to save your keychain from maritime disaster. When your keys ...
Did you know that there's no grid-like control in WPF 1.0? This post will show you how to get around that limitation. But first, may I say that the recently-released Orcas September CTP bits offers a great improvement at design-time when writing WPF applications. Instead of those three clunky tabs for .xaml, [Designer], and .xaml.cs that we had back in the June CTP, you now get the first glimpse of Microsoft's new cool “Split” view, which will become a part of ASP.NET in the Orcas timeframe! Very ...
RSSBus beta 2 was announced this week. If you are interested in RSS, and leveraging RSS to create your own feeds - you have got to check this out. Download here. Creating feeds is just scratching the surface of what RSSBus can do. IMO, the coolest thing is mixing and pipelining feeds and operations, and then pushing item data out as a new feed or in any other format like HTML, iCal, text, etc. I personally suggest checking out the script and template demos that come installed with RSSBus first - ...
SQL Server 2000 Performance Tuning Tools original article: http://www.sqlteam.com/item... This article comes to us from Brad McGehee at www.sql-server-performance.... SQL Server 2000 includes several tools you may find useful when performance tuning your SQL Server applications. Query Analyzer Profiler Index Wizard Performance Monitor SQL Server 2000 Query Analyzer for developing and debugging Transact-SQL code for performance tuning Transact-SQL code. Show Execution Plan Whenever you ...
In my opinion the last two versions of Visual WebGui including this one shows why it's a killer environment. When building super complex apps comes to dragging three components to a design surface and writing a few lines of code to bind them together this sounds like a RAD product. But Visual WebGui does not assume what you want to do. It just takes care of the “how” and leaves you only with the “what”. You see I have recently learned that modeless dialogs in IE are working ...
I suppose cracks are an occupational hazard. Sooner or later someone is going to crack your software. It is just a fact of life. There's actually no way to prevent it. Some protection methods are better than others but the best hackers will always find a way round them. There's a limit to how much time should be spent on beefing up protection that can never be 100% secure anyway. But cracks can be dangerous. Many contain viruses or Trojans. The hacker will insert malicious code and the cracked software ...
Here's a project for those of you who dislike functionality love iPods want a Zune, but are cursed with PocketPC ownership. You can convert your Pocket PC into an iPod a Zune in just a few simple steps. I am going to walk you through it. Introduction: Convenience, mobility, and function. Nice, but unnecessary. You know, there are times when you just don't need bluetooth. There are times when you don't need wifi. There are times when you don't need a phone. After all, these features are really just ...
Thought some of you might liek to check this out. Great info from the Microsoft Team. Security Development Lifecycle – Best Practices Leadership and Education · Get management and executive buy in and spread awareness. · All developers, testers and project/program managers must train for security and SDL. · Threat modeling training should be incorporated in security training. Product inception · Identify the team that will be responsible for tracking and managing ...
Thought some of you might like to check this out. Great info from the Microsoft Team. Security Development Lifecycle - Overview The goals of Security Development Lifecycle (SDL) is to reduce the number of security related design and coding defects and to minimize the severity of defects that are undetected. SDL mainly focuses on first two elements of Secure by Design, Secure by Default, Secure by Deployment + Communication Process1 ( SD3+C) . SDL is software methodology agnostic. SDL enhances the ...
From the Microsoft TechNet Security newsletter! For more detail on each item, read the full post here from an article by Sean Deuby. The enlightening tidbits below are my own two cents … 1. Document What You Have – you will forget it or leave the company!2. Control Your Administration – a solid foundation makes everything more secure.3. Limit the Number of Administrators – the fewer the chefs the better the dish.4. Test Group Policy Settings – it does what you wanted ...
Reader J.Pickens replied to yesteday's post on Are Hybrids Really Green?, with some followup items for debate. I think I shall indulge him! ... the comment that solar cells being "just near the point of breakeven" has been claimed for at least the last thirty years. I'm sorry, but photovoltaic electric power generation just isn't the answer. I personally was a member of a team which produced the first thin film photovoltaic cells able to get greater than 10% energy conversion in large area cells. ...
Two decades ago as a young teenager I was intrigued when I dropped a single M&M into a 2 liter of Sprite and saw it quickly overflow. After some brief thought, I figured the CO2 previously dissolved into the soda was being rapidly displaced by the sugar on the coating of the M&M, since sugar is much preferred to go into solution in water compared with CO2. These guys at eepybird.com are taking that same soda experiment to a new level, creating a small-scale Bellagio fountain. And they seem to think ...
More: BizTalk 2006 R2 - RFID Support The Microsoft RFID Infrastructure Services in BizTalk 2006 R2 provide device abstraction and manageability to RFID-based solutions. An integrated engine for rich data filtering, enrichment, and transformation allows for sophisticated applications for different automation scenarios. Application developers can also integrate with advance technologies such the as the Business Rules Engine, Windows Workflow Foundation, and Windows Communication Framework to create ...
Developers will create Windows Forms applications much like they do Visual Basic-based forms today (although with Windows Forms, they get the same level of productivity in all of the languages in Visual Studio, not just Visual Basic). In the following image, you can see that a design surface is used to visually lay out the form with rich controls. To edit source code, developers simply double-click a control and the source editor will appear, enabling quick access to the full event model for the ...
In previous posts, I talked about designing your classes with security in mind. Designing assemblies is no different when it comes to keeping security in mind at all times. Today I will cover what things to keep in mind when designing secure assemblies. The basic points we will be covering today with regards to assembly security is: * Who is the target for the assembly * Identify Potentially Sensitive Code * Identify the Resources Needed * Explore Trust Levels * Abstract or Sandbox Highly Privileged ...
The ACE Team at Microsoft has released Microsoft Threat Analysis & Modeling v2.0 RC1 this week. Talhah Mir and his team have done a great job with this product. The new features include the following: New Tutorials Auto-generation of use cases Threats sortable by attributes Import Component definitions from Visual Studio Team System for Software Architects (VSTA) SDM Deployment Report Export Countermeasures and Test Cases as Work Items for Team Foundation Server (TFS) Improved Graph and Attack ...
In previous days I have talked about other ways to make your application secure. All of these lessons come down to a basic set of points: 1. Never trust user input 2. Use least privileged accounts What SQL Injection Is Today we will cover SQL injection, what it means and how to protect against this attack. SQL injection is a security vulnerability in an application that calls the database with SQL with unescaped characters which can lead to malicious data manipulation. This can be even more dangerous ...
As secure developers, we must take into account our class designs. We need to reduce the attack surface available to potential to attackers. We can do this by limiting inheritance, and limit users or groups or even code that can call the secure code. Today we will concentrate on five major topics: * Limit class or member visibility * Seal non-base classes * Restrict callers of your code * Restrict inheritance with keys * Limit the set modifier on properties Limit class or member visitbility When ...
If you're developing WinForm applications, generally at some point in the project you develop an Exception Dialog box that provides a user friendly interface for error messages. Usually, it's a generic box that displays parts of the exception stack and perhaps a way to log or allow users to initiate some other action such as proceeding, ignoring, or even reporting the error. Usually the solution hooks in as the Application or AppDomain unhandled exception handler at startup. Thing is, I don't see ...
Today we finished our 4th web cast, and we topped 1000 attendees for the series so far. Another stellar performance by Dan Sellers. Boelow are some questions I captured. The recording will be available at http://msdn.microsoft.com/c... tomorrow. Question: What is SSB? Answer: SQL Sever Service Broker Question: Can any user execute as another user? Answer: No, if they are not a sysadmin they need to be granted impersonation on the user who they are executing as Question: HOw ...
So last couple of days I spent at a client playing around with WSE 2.0 SP3 and getting it to work with X 509 Certificates for signing. On the surface it looks simple. Why on earth has Microsoft not put out any samples anywhere. I found some really old stuff that was based on the beta product on Scott Woodgates blog and it really did not cut it as the product itself has changed a lot since beta. I will be uploading some samples of the code that I used to finally get this to work. I also have a question ...
Verify your User Agent string detection detects Internet Explorer 7 per the procedure outlined on the Internet Explorer blog. Check your website for the use of CSS hacks that may have been turned off in Internet Explorer 7 per the procedure outlined on the Internet Explorer blog. Verify that transparent images on your website are rendered correctly?alpha transparency PNG is now supported in Internet Explorer 7. Verify that your website hasn't been adversely affected by IE7 Security changes: a. SSL ...
The ListView control has a flicker issue. The problem appears to be that the control's Update overload is improperly implemented such that it acts like a Refresh. An Update should cause the control to redraw only its invalid regions whereas a Refresh redraws the control’s entire client area. So if you were to change, say, the background color of one item in the list then only that particular item should need to be repainted. Unfortunately, the ListView control seems to be of a different opinion ...
In application I write actually there is a requirement that end-user should have ability to change the UI look. My strange-user can design ui elements on each form and user control in the application. He also 'needs' to add new controls to the UI. Let's not discuss sense of the requirement as I don't like it anyway. I didn't implement the feature yet but I found in the MSDN Magazine an artcile about hosting VS designers in .NET application (The Perfect Host: Create And Host Custom Designers With ...
A quick tour to Visual Studio 2005 IDE. Start Page – is the first page that you will see when you pull up VS2005 for the first time. If you close the start page, you can reactive it by View->Start Page. Views in the Document window – VS2005 offers two views of a page. Design and Source. Source view is the default view in VS2005. By using options dialog you can change the default view visual studio uses when a page is opend for the first time. Choose Tools -> Options and navigate to the ...
Almost two years ago, I posted the answers to a private trivia challenge I was involved in. In the interim, the US Navy has intentionally sunk the ex-USS AMERICA (Hull #66). That ship was subject to a series of real-world tests you rarely get to do -- survivability of a modern aircraft carrier when hit with modern weapons. The details and results are classified, but in the end the ex-AMERICA slipped quietly beneath the surface having survived the weapons, but not the scuttling charges. Another carrier ...
Thanks to Michel at ThinComputing.net This paper written by Randy Perry of IDC sponsored by Wyse on the return on investment (ROI) of Thin Computing (Server Based Computing) environments: "Latest research from IDC, the leading global technology analyst firm, reveals that enterprises adopting thin computing achieve an average Return on Investment of 421% and pay back the cost in less than 11 months once their thin client solution is deployed. Thin computing also releases IT staff from the time-consuming ...
Had this question posed from a friend in my last London post: What do you think of AJAX? Do you know of security concerns? Since you asked... Security concerns with AJAXAJAX is a very straightforward way to increase the dynamic feel of any site. But we're talking about Javascript calling almost directly into server-side code, so there are some big security concerns to be worried about with this architecture. What was once one door into the server, a URL to retrieve the web page, is now accompanied ...
I got this error immediately after installing VS2005 & SQL Server 2005 Express and trying to establish my first connection using the new server - not a good start at all - and by the looks of it, it's happened to many hundreds, if not thousands, of others too. Generally this error occurs if you cannot connect to the SQL server - as the message says (no sh*t). However, what's not obvious is why... First suggestion is to make sure that you specifiy the instance name as well as the server name (christ ...
Supremes shun RIM - again The US Supreme Court has rejected Research in Motion's latest request that it weigh in on the Blackberry maker's battle with US intellectual property holding company NTP. The Court this week said it would not review the US Court of Appeals' August 2005 verdict that RIM had indeed infringed NTP's patents and which sent the case back to the District Court where RIM now faces the prospect of being told to stop offering its service to US users. More at TheRegister.co.uk So does ...
Here's a project for those of you who dislike functionality love iPods, but are cursed with PocketPC ownership. You can convert your Pocket PC into an iPod in just a few simple steps. I am going to walk you through it. Introduction: Convenience, mobility, and function. Nice, but unnecessary. You know, there are times when you just don't need bluetooth. There are times when you don't need wifi. There are times when you don't need a phone. After all, these features are really just the lazy-mans alternative ...
To quote Microsoft: The Microsoft Visual Studio Code Name “Orcas” Community Technology Preview - Development Tools for WinFX® (CTP) provides developers with support for building WinFX applications using the final released version of Visual Studio 2005. This support includes XAML Intellisense support through schema extensions for the editor, project templates for the Windows Presentation Foundation (formerly code named “Avalon”) and the Windows Communication Foundation (formerly code named “Indigo”), ...
I can't remember why it came up again today, but I was reminded of an article Brian Madden did back at the start of the year (also based on Thomas's earlier comments on what *should* be added to WI) on Security regarding the use of the "robots.txt" in an NFuse / Web Interface installations. Now just a quick review of these google searches:"MetaFrame Presentation Server Login", was 70, now 241"MetaFrame XP Login", was 300, now 335"/MetaFrame/default/login", was ??, now 133 So on the surface of it, ...
Back in high school, while many were playing Dungeons and Dragons, I was playing a series of games put out by Palladium Books . I spent much time with friends plaing TMNT and Robotech. But the most beloved RPG from Palladium was RIfts. Rifts melded technology and modern weapons with magic and the arcane, all dumped into a future post-apocalyptic setting. There was a big war, all the nukes exploding caused lines of magic called ley-lines to surface which opened doors to other dimensions, which were ...
ASP.NET Collapsible Draggable Panel Server Control - The collapsible panel extends the WebControl and it provides: A designer where users can place other controls inside (using the default ReadWriteControlDesigner), the collapsible panel can be nested and the panel is draggable. Building Client/Server applications with VB.NET for secure private file sharing - In this article, a simple client/server solution is presented for secure private file sharing. The security is provided through a symmetric ...
Today I decided that I was going to attempt an install of the Team Foundation server beta 3 refresh. I decided, as always. to start with a fresh VPC image running Windows 2003 server. I followed the instal guide for a single server deployment. The guide really was good for me and I followed it word for word hoping that if I did so all would go well. I also decided that I was going to install the RTM of SQL Developer Edition instead of the Enterprise or Standard. All went well until I ran the Team ...
Update: My presenations are now up on the NJ Code Camp Site. I don't really think the Power Point does the presentation justice, but it's there. Thanks to the many talented and wonderful people that attended NJ Code Camp 2005 this Saturday. This was my first time presenting at a Code Camp and the experience exceeded my every expectation. I came away with a lot of new ideas and I'm really excited to continue working with the NJ developer community. A special thanks to Rob Jackson (Microsoft), Scott ...
Well this is interesting, and on the surface of it, it would certainly appear that Citrix is working their relationship with MS pretty hard? It will be interesting to see what other *rabbits* get pulled out of the hat this week? I wonder how much of this is Citrix or MS developed technology? 10/10/2005 » Today at its 8th annual business and technology conference, Citrix iForum™ Global 2005, Citrix President and CEO Mark Templeton announced a major technology development initiative, codenamed ...
As you venture into this aspect of development, you will likely use 1 of 2 assemblies to provide you access to Active Directory (AD) or other directory services providers (DSP's). Microsoft's System.DirectoryServices is the most fundamental - providing core LDAP (lightweight directory access protocol) access to AD and its schema/components. The other is Microsoft's Active Directory Services Interface assembly (ADSI) - the ActiveDs.DLL - which is not so documented but provides a hoard of features ...
A report came out today from Symantec (by way of CNET) that says Mozilla browsers are more vulnerable than IE. I'm not here to say they're right or wrong (I think the web browser is the most obvious attack surface for internet-based attackers, and no popular web browser will ever be 100% secure). However, ZDNet just published a response from Mozilla's Tristan Nitot in which Nitot completely missed the point of the article. Symantec used data from the first half of 2005 to demonstrate that because ...
Another interesting day. Have installed Acrylic, and now need to start playing with it. Picked up the VS2005-RC1 (which seems to have a version of SQL server on it, which is good since I use both), which is going onto my laptop this weekend. Also got to log on, to register for beta of Office 12 once it comes out. Finally had some time to have a good walk arround the sponsers, and have a chat with some of the Microsoft people about a couple of issues. The main being one which I found recently, but ...
Just left the Keynote for today. And I’ve finally found something at this PDC that I’m really excited about. Yes, Monad is a great shell. Expression looks fantastic, and I hope that the designer types will love it. Office 12 is the office system we’ve been waiting for since 2000. Windows Vista is very flashy, but while flash is pretty it doesn’t help me do my job (I know there’s a lot in Vista other than just flash). And, of course, I want Visual Studio 2005. But I’ve ...
There is a new update available for the Citrix Access Gateway Also be aware that the Admin Interface does change significantly from 4.0 to 4.1, it would appear on the surface of it that 4.1 was a bit "buggy" so it might be a better idea to try the 4.1.2, although as usual, your mileage may vary ;-)) http://support.citrix.com/k... orhttp://support.citrix.com... Resolved in this Hotfix 1. Cached LDAP user group information was not ...
after about a 16 hour straight coding session, the Tagging control rolls out in its spiffy new suit. It has the same tagging functionality with one key difference. the whole thing is dhtml/ajax.net now. javascript functions on the front and c# on the backend methods. its so cool. well worth the effort i put into it. the more i work with dhtml/ajax.net the more entranced i become with it. I have had my share of difficulties with the model though. The ClientID issue has nailed me a few times. finding ...
My degree is in Aerospace Engineering, so I have followed aviation even as I drove ships around the ocean for a living. I am concerned when planes lose major chunks in flight. AVweb has a story on the Latest Airbus Missing Rudder involving Air Transat, a Canadian charter airline, Airbus A310. The Mail & Guardian story is here and an interesting blog analysis here. Update 1: France Issues Emergency Airworthiness Directive On Airbus Rudders Update 2: US inspections are now required, but Reuters ...
I gave a presentation to the .NET Developers Group in Central Ohio tonight on Visual Studio Tools for Office 2005. It went pretty well, except for two rude<jk> people in the audience (not mentioning any names...uh...Dave Donaldson and Brian Prince). They let me know exactly when I said something very stupid, which actually happens quite often. Tonight it is was me telling people that I had 500mb (instead of 512mb or 1/2gig) of memory in my computer and that someone “more smarter” ...
Swirls in the SouthPossible 'Islands' on a Dark PlainWater Ice and Methane Springs on TitanMosaic of River Channel and Ridge Area on TitanCassini's View of Titan Landing Site (Labeled)Cassini's View of Titan Landing Site (Unlabeled)Rings Around the PoleZooming In on EnceladusLanding with a SplatFirst 'Best-Guess' View of Huygens Landing SiteBattered Icy MimasTitan DescentRhea and Her CratersComposite of Titan's Surface Seen During DescentFirst Color View of Titan's SurfaceTitan's Varied Terrain Click ...
PASADENA, Calif. (Reuters) - The European-built space probe Huygens entered the atmosphere of Saturn's largest moon, Titan, on Friday, sending back indications it was alive and well and leaving scientists eager for its first research data. The Saturn orbiter Cassini, which acted as the relay station for Huygens, sent signals back showing that it had finished its acquisitions from Huygens and had turned toward Earth to begin transmission of a likely three hours of data. Huygens began its two-hour ...