Brian Johnson's Startup Developer Blog

May, 2004


    New Car, Virtual Shopping

    Last week I went out and bought a new car. It's our second car, so I didn't have a huge budget for the thing and I was pretty much sure I wanted to buy a Jeep Liberty. I also had it in my head that for the same price I might be able to pick up something really interesting like a Mustang. We shopped around a bit and to my dismay I discovered that I couldn't fit three kids into the back of the Mustang. So the woman showing us cars suggest a Ford Focus. I didn't think that sounded the least bit interesting, but I drove it around and it was fun. I didn't buy it but I decided to do a little research that night.

    What I found when researching the Focus was a really active online community; very helpful people and some great online forums. The Focus it seemed had a serious fan base. It didn't hurt to see pictures of Colin McRae driving the thing around either. So it's got a great fan base and it's a cool rally car, what's left? How about a few test drives on Project Gotham Racing 2 and RalliSport Challenge? Yes, it's definatly a fun car there too.

    So the next morning we headed to the Jeep dealer to buy the Liberty. At the very last second I decided to go back to the Ford dealership and buy the Focus. I mentioned to the people selling me the car that I did some test driving on the Xbox and they thought that sounded pretty cool, though I'm not sure they understood what I was talking about.

    The two big takeways for me in this were that community made a difference in my buying decision, and that having the car available in a video game gave me a chance to really play with the car before I bought it. After a week I'm really quite happy with my decision.


    What You Should Know About the Sasser Worm

    We're currently tracking the Sasser worm and we're posting updated information on as we get it. Check out the following page for information related to this worm:
    What You Should Know About the Sasser Worm
    Microsoft teams and law enforcement authorities are investigating reports of a worm, identified as W32.Sasser.worm, that is currently circulating on the Internet. Microsoft has verified that the worm exploits the Local Security Authority Subsystem Service (LSASS) issue fixed in Microsoft Security Update MS04-011 on April 13, 2004.
    We're linking to the TechNet page on the MSDN Developer Centers

    Visual C++ Team in the Cabana


    Members of the Visual C++ team are in Cabana 5/6 answering questions about Visual C++. Stop by if you're here at TechEd in San Diego and say hi.


    Windows XP Service Pack 2 Weblog

    Tony Goodhew has been publishing a Weblog about Windows XP Service Pack 2 that I wasn't aware of. Tony knows more about the changes that XPSP2 brings for developers than anybody else on the planet. So this is a must subscribe for developers who are tracking and keeping ahead of the changes that this service pack is going to bring:

    Tony Goodhew: Windows XP Service Pack 2
    My name is Tony Goodhew and I'm the Developer Division Product Manager for Windows XP Service Pack 2.

    What is Windows XP Service Pack 2?

    With Windows XP Service Pack 2 (SP2), Microsoft is introducing a set of security technologies that will help improve Windows XP-based computers' ability to withstand malicious attacks from viruses and worms. These technologies include:

    Network protection
    Memory protection
    Improved email security
    Safer browsing


    MSN Messenger IM Status


    Datagrid Girl says that MSN Messenger should have more IM status icons. I agree.  

    [Datagrid Girl]

    • Stewing (ask me why I am mad)
    • Thinking (go away unless you agree with my ideas)
    • Be nice to me (sad)
    • Playing (it's only Tetris, feel free to bug me)


    I would add…


    • Coding (If you’re going to bug me, this better be good.)
    • Starbucks (If you want me, call the cell.)
    • Hiding (I’m not answering your e-mail, so why do you think I want to talk to you?)

    WTL on SourceForge

    The Windows Template Library (WTL) is now available on SourceForge. If you're not familiar with this library, it extends ATL and it's great for building Windows applications. A couple of things to note about the WTL. It requires ATL, so you'll need to be running at least the standard version of Visual C++ to get that. Here's the link:
    Project: Windows Template Library (WTL)
    Windows Template Library (WTL) is a C++ library for developing Windows applications and UI components. It extends ATL (Active Template Library) and provides a set of classes for controls, dialogs, frame windows, GDI objects, and more.
    The Code Project has a great WTL Page that has tons of examples.

    You don't want to miss this...

    Jesper Johansson's latest column on TechNet. The title says it all:
    Help: I Got Hacked. Now What Do I Do?
    Let’s just say you did not install the patches like we discussed last month. Now you got hacked. What to do?
    After you read that, go back and look at Oh Patch How I Hate Thee; Let Me Count the Ways.

    Threat Modeling Tool Posted

    Yesterday, we posted Frank Swiderski's excellent Threat Modeling Tool. We've been using this internally to do threat models for several months and now the tool is out of beta and ready for the world. Frank's new book, Threat Modeling should be out soon.
    Threat Modeling Tool
    The Threat Modeling Tool allows users to create threat model documents for applications. It organizes relevant data points, such as entry points, assets, trust levels, data flow diagrams, threats, threat trees, and vulnerabilities into an easy-to-use tree-based view. The tool saves the document as XML, and will export to HTML and MHT using the included XSLTs, or a custom transform supplied by the user.

    If you're new to threat modeling, check out the Threat Modeling Chapter from Improving Web Application Security: Threats and Countermeasures. You'll also want to check out Chatper 4 of Writing Secure Code, Second Edition. Mike has a post on this as well.

    Antivirus Defense-in-Depth

    Yesterday, Microsoft Solutions for Security published a guide dealing with viruses and malware. This is good stuff. Check it out here:
    The Antivirus Defense-in-Depth Guide
    Microsoft Solutions for Security: The Antivirus Defense-in-Depth Guide provides an easy to understand overview of the assorted types of malware, their risks, characteristics, means of replication and payloads. The solution also details the considerations for implementing a comprehensive antivirus defense for your network, servers and clients which goes beyond simply installing antivirus software into the related tools which will help reduce your risk of infection.
    Just what I was looking for, some good weekend reading for the flight to TechEd in San Diego. :)

    MSN Messenger Xbox Live Alerts

    This was a great surprise to find when I got back from TechEd. You can now sign up for Xbox live alerts that get sent to your MSN Messenger account as a popup, or to your cell phone if you so choose, when you're not logged in. This is absolutely awesome because my buddies spend a lot of time on PC's and relatively little time on Xbox Live. Using alerts, I can try to track them down to whatever Counter-Strike game they're in and have a little fun.
    MSN Messenger and Xbox Live Alerts
    Imagine being able to get a game invite on your cell phone, as well as news about new games and downloads. How about being able to get the latest Xbox news and see which of your friends are signed into Xbox Live right in your MSN Messenger? It’s not a dream, it’s real, and it’s happening right now.
    Of course, you might need to be a little careful with these capabilities. If your boss is one of your buddies, it's easy for them to keep track of your Xbox Live usage. We have an internal Xbox discussion where somebody mentioned that a couple of his friends were logging in between 3:00 and 3:30 in the afternoon. I pointed out that I have a couple of boys who hit the Xbox first thing after school.
Page 1 of 3 (22 items) 123