May, 2004

  • .NET Security Blog

    Making Strings More Secure

    The standard System.String has never been a very secure solution for storing sensitive strings such as passwords or credit card numbers. Using a string for this purpose has numerous problems, including: It's not pinned, so the garbage collector can move...
  • .NET Security Blog

    Managed DPAPI Part I: ProtectedData

    Overview of DPAPI Although APIs such as CAPI and the .NET System.Security.Cryptography classes make using cryptography relatively easy, one of the hardest things to do when implementing a secure cryptographic system is key management. In order to help...
  • .NET Security Blog

    Managed DPAPI Part II: ProtectedMemory

    Last week (ok, really two weeks ago ....), I wrote about using DPAPI with Whidbey. (You can find that post here: Managed DPAPI Part I: ProtectedData ). In addition to the ProtectedData class, Whidbey will also expose DPAPI through the ProtectedMemory...
  • .NET Security Blog

    A .NET Developer's Guide to Windows Security

    Keith Brown has made avaiable an online version of his book, The .NET Developer's Guide to Windows Security . You can browse the book for free, with a slightly modified title: A .NET Developer's Guide to Windows Security . I haven't had time to look through...
  • .NET Security Blog

    Using the XSLT Transform with XML Signatures

    One of the transforms that ships with the .Net framework is the XmlDsigXsltTransform, which implements the XSLT transform specified in the W3C recommendation. A few people have asked me to write a bit on how to use this transform, so here's a brief explanation...
  • .NET Security Blog

    New Microsoft Crypto Newsgroup

    We've just launched a brand new newsgroup,, for questions and issues on all crypto related items (such as CAPI, CAPICOM, X509, etc). It was launched at about 11:00am this morning, so it may be some time before your news...
  • .NET Security Blog

    Programming Language Evolution and Text on Potato Chips

    I ran across Eric Levenez's Programming Language History page , its pretty fun to check out. He's got 50 programming languages starting from Fortran in 1954, going through PHP 4.36 in May 2004 plotted according to release dates and languages they evolved...
Page 1 of 1 (7 items)