Even though we (kinda) promised our wives we wouldn’t do it, David LeBlanc and I have just wrapped up another book, Writing Secure Code for Windows Vista. (ISBN: 9780735623934, ISBN-10: 0-7356-2393-7.)
It should be available around mid-April 2007.
It’s a short book, around 230pp, and covers many of the defenses we built into Windows Vista and explains how you can take advantage of them in your own software. I think everyone knows that security is as strong as the weakest link, and it’s critical that applications that run on Windows Vista be as secure as possible, and that means taking advantage of the defenses we offer.
It’ always a pleasure working with David and this is the fourth book we’ve written together. First, he’s a great writer and produces quality prose (most of the time!) on time (sometimes :) and high-quality code samples. Second, we counter-balance each other, David works in the Office team, so he’s a Windows consumer, and I work in the Windows division. This means David can see things I just don’t see because I’m so close to the product – after all, Windows components only run on one Windows version at a time, and Office typically runs on three different versions of Windows - I believe that both viewpoints are critical for readers of the book. He also catches most of the bugs in my code.
Here’s the table of contents.
Chapter 1 Code QualityChapter 2 User Account Control, Integrity Levels, and Tokens Chapter 3 Buffer Overrun Defenses Chapter 4 Taking Advantage of Network Security Features and Defenses Chapter 5 Creating Secure and Resilient Services Chapter 6 Taking Advantage of Internet Explorer Defenses Chapter 7 Cryptographic Changes in Windows Vista Chapter 8 Authentication and Authorization Chapter 9 Miscellaneous Defenses
I think most of the ToC is self-explanatory, except for the first and last chapters. The first one covers how we implemented the “Security Quality Gates” in Windows Vista to help catch security bugs early; in my opinion, and I think y’all agree, it’s most important to get the quality right rather than rely on a defense saving you. That’s why it’s the first chapter. The last chapter is a grab-bag of stuff that doesn’t fit well in other chapters, including: Adding Windows Parental Controls support to your application
Note, this book is not a replacement for Writing Secure Code 2nd Edition; the new book focuses solely on building applications that take advantage of Windows Vista defenses and does not dwell on secure design, threat modeling, testing or the myriad of coding best practices we covered in the earlier book.
We also did a lot of work to go deeper than just what’s documented in the SDK – we wrote code to make these features work, and show how you can use them. In many cases, we ran into previously unknown gotchas, and we explain how you can avoid the same problems. In the code samples we’re shipping with the book, you’ll find not just the usual snippets that show a minor detail, but a lot of code you can use yourself – including a complete Windows service that communicates securely with the desktop.
I believe we have written an important book, because for Windows Vista customers to be more secure, everything on top of the OS must be more secure too. Oh, and it’s code heavy and an easy and actionable read, too!