.NET Security Blog

With the beta 1 release of Whidbey, you'll start to see that many of the ClickOnce APIs require an application name. This application name isn't a simple name, like “Microsoft Word” or “HelloWorld”. Instead it is made up of three...

Well, we've finally released beta 1 of .NET 2.0 and Visual Studio 2005 . In adition to the beta 1 release, we've also announced Express SKUs for Visual C++, Visual Basic, Visual C#, Visual J#, and SQL Server (as well as a web developer express SKU). The...

Just a quick post for today. I needed to use the LPPROCESS_INFORMATION C type from managed code today, so I poped over to PInvoke.net to see if there was any information on it. There was a definition for PROCESS_INFORMATION , but nothing on LPPROCESS_INFORMATION...

(Updated 12/03/2004 to point to refactored code .. see that article for a more accurate description of the current structure of the project) I've posted the first bit of code for the managed strong name implementation . So far, it only does strong name...

About a week ago, I wrote about verifying strong name signatures from managed code . There are also several other strong name APIs exposed to unmanged code that don't have any managed equivilent, so I thought it might be a good idea to turn that post...

The CAPI team that delivers the Microsoft Cryptography SDK (the unmanaged crypto API, not System.Security.Crytpography), will be having an online chat where they'll answer questions about using Crypto API. They'll also take suggestions for changes to...

This entry probably doesn't pertain to very many people, but I got bit by this the other day, and thought I'd at least document it to prevent some future google user from having the same problem. In the ECMA CLI specification, the calli instruction...

The libraries laid out in the ECMA spec are all signed with a public key that looks pretty strange. If you ildasm mscorlib.dll, System.dll, or any of the other framework libraries that are defined in the ECMA specs (see partition IV: Library if you're...

Recently a question came up from someone who was trying to have a plugin architecture for their application, but wanted to do some checks before loading a plugin. Specifically, they wanted to ensure that the plugin was signed with a specific public key...

The debugging team has just released the Debugging Tools for Windows version 6.3.17. There are several new improvements in this release, the most obvious of which is the new UI enhancements which allows you to dock windows, window tabs, and tear window...

Before Whidbey, if you wanted to run code as a different user, you needed to use impersonation. There was no easy solution for starting a new process and having it run with a different user's credentaials. Probably the best solution in v1.0 and 1.1 of...