http://blogs.msdn.com/b/secureapps/Richard Lewis&#39; application security notes for the software designer, developer and testeren-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.msdn.com/b/secureapps/archive/2007/01/30/writing-to-registry-some-best-practices.aspx#10116435Mon, 17 Jan 2011 04:29:30 GMT91d46819-8472-40ad-a661-2c78acb4018c:10116435Rodolfo OP<p>I had an UnauthorizedAccessException when starting a WinForms application. I tried to start the application as an administrator but that didn&#39;t worked. I even added a App.manifest with requestedExecutionLevel as requireAdministrator or highestAvailable and when using Microsoft.Win32.Registry.CurrentUser.OpenSubKey( key, writeToKey ) the exception was thrown.</p> <p> The program wanted to read a HKLM (HKEY_LOCAL_MACHINE) key. I changed for HKEY_CURRENT_USER and now the aplication runs smotthly.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=10116435" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/25/code-signing.aspx#9928140Tue, 24 Nov 2009 18:18:47 GMT91d46819-8472-40ad-a661-2c78acb4018c:9928140Bernard Woods<p>This is the best artical I have read on using digtial signitures for sofware publishers- thank you</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=9928140" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/04/13/2108343.aspx#9774888Thu, 18 Jun 2009 12:06:01 GMT91d46819-8472-40ad-a661-2c78acb4018c:9774888 Application Security each one teach one IIS 6 0 General | pool toys<p>PingBack from <a rel="nofollow" target="_new" href="http://pooltoysite.info/story.php?id=7107">http://pooltoysite.info/story.php?id=7107</a></p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=9774888" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/04/13/2108343.aspx#9669666Sun, 31 May 2009 17:20:13 GMT91d46819-8472-40ad-a661-2c78acb4018c:9669666 Application Security each one teach one IIS 6 0 General | Outdoor Ceiling Fans<p>PingBack from <a rel="nofollow" target="_new" href="http://outdoorceilingfansite.info/story.php?id=1326">http://outdoorceilingfansite.info/story.php?id=1326</a></p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=9669666" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/24/cryptography-cognizance-for-application-designers-and-developers.aspx#8898549Wed, 27 Aug 2008 02:44:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:8898549eduardna<p>Hi, I am interested in reading this whitepaper if you have it available!</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=8898549" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/25/code-signing.aspx#5938135Tue, 06 Nov 2007 18:33:49 GMT91d46819-8472-40ad-a661-2c78acb4018c:5938135KT<p>excellent..makes it very clear</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=5938135" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/30/writing-to-registry-some-best-practices.aspx#5460014Mon, 15 Oct 2007 11:50:26 GMT91d46819-8472-40ad-a661-2c78acb4018c:5460014maltwhiskman<p>Can IE extensions get read only access to HKLM or HKCU?</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=5460014" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/30/writing-to-registry-some-best-practices.aspx#4907954Fri, 14 Sep 2007 12:11:08 GMT91d46819-8472-40ad-a661-2c78acb4018c:4907954John Irvine<p>Writing to the registry in Vista... prob. The purpose of the HKLM is to store data to all users (Machine specific)? Yes this could be stored in an INI file but I thought the registry was the replacement of INI files. The actual problem is that the Install prog appears to be a user, not administrator. If this is right then, either the program needs administrative rights or you give user rights to the specific hive of a HKLM key say SOFTWARE/.... (No Way..) So the issue is in the install. The registry is a wonderfull way to store user specific and machine specific data, is Microsoft locking it down so only Windows has access?</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=4907954" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/23/understanding-padding-in-symmetric-key-cryptography.aspx#3715760Fri, 06 Jul 2007 02:40:38 GMT91d46819-8472-40ad-a661-2c78acb4018c:3715760richardl<p>Not the encryption keys, but the plain text itself.</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=3715760" width="1" height="1">http://blogs.msdn.com/b/secureapps/archive/2007/01/23/understanding-padding-in-symmetric-key-cryptography.aspx#3710684Thu, 05 Jul 2007 22:07:33 GMT91d46819-8472-40ad-a661-2c78acb4018c:3710684Sagar<p>Are encryption keys padded at times? If yes, why and where is it used?</p> <div style="clear:both;"></div><img src="http://blogs.msdn.com/aggbug.aspx?PostID=3710684" width="1" height="1">