June, 2004

  • .NET Security Blog

    Checking For A Valid Strong Name Signature

    • 9 Comments
    Recently a question came up from someone who was trying to have a plugin architecture for their application, but wanted to do some checks before loading a plugin. Specifically, they wanted to ensure that the plugin was signed with a specific public key...
  • .NET Security Blog

    Running Processes as a Different User

    • 14 Comments
    Before Whidbey, if you wanted to run code as a different user, you needed to use impersonation. There was no easy solution for starting a new process and having it run with a different user's credentaials. Probably the best solution in v1.0 and 1.1 of...
  • .NET Security Blog

    Calli is not Verifiable

    • 3 Comments
    This entry probably doesn't pertain to very many people, but I got bit by this the other day, and thought I'd at least document it to prevent some future google user from having the same problem. In the ECMA CLI specification, the calli instruction...
  • .NET Security Blog

    What's in a Name

    • 0 Comments
    With the beta 1 release of Whidbey, you'll start to see that many of the ClickOnce APIs require an application name. This application name isn't a simple name, like “Microsoft Word” or “HelloWorld”. Instead it is made up of three...
  • .NET Security Blog

    WinDbg 6.3.17 Released

    • 3 Comments
    The debugging team has just released the Debugging Tools for Windows version 6.3.17. There are several new improvements in this release, the most obvious of which is the new UI enhancements which allows you to dock windows, window tabs, and tear window...
  • .NET Security Blog

    Managed StrongName API

    • 5 Comments
    About a week ago, I wrote about verifying strong name signatures from managed code . There are also several other strong name APIs exposed to unmanged code that don't have any managed equivilent, so I thought it might be a good idea to turn that post...
  • .NET Security Blog

    What's the Deal with the ECMA Key?

    • 3 Comments
    The libraries laid out in the ECMA spec are all signed with a public key that looks pretty strange. If you ildasm mscorlib.dll, System.dll, or any of the other framework libraries that are defined in the ECMA specs (see partition IV: Library if you're...
  • .NET Security Blog

    Managed Strong Names: Verification and the msn.exe tool

    • 1 Comments
    (Updated 12/03/2004 to point to refactored code .. see that article for a more accurate description of the current structure of the project) I've posted the first bit of code for the managed strong name implementation . So far, it only does strong name...
  • .NET Security Blog

    Chat with the Crypto API Team

    • 3 Comments
    The CAPI team that delivers the Microsoft Cryptography SDK (the unmanaged crypto API, not System.Security.Crytpography), will be having an online chat where they'll answer questions about using Crypto API. They'll also take suggestions for changes to...
  • .NET Security Blog

    Whidbey Beta 1 Ships

    • 7 Comments
    Well, we've finally released beta 1 of .NET 2.0 and Visual Studio 2005 . In adition to the beta 1 release, we've also announced Express SKUs for Visual C++, Visual Basic, Visual C#, Visual J#, and SQL Server (as well as a web developer express SKU). The...
  • .NET Security Blog

    A Code Snippet Before The Weekend

    • 2 Comments
    Just a quick post for today. I needed to use the LPPROCESS_INFORMATION C type from managed code today, so I poped over to PInvoke.net to see if there was any information on it. There was a definition for PROCESS_INFORMATION , but nothing on LPPROCESS_INFORMATION...
Page 1 of 1 (11 items)