January, 2005

  • .NET Security Blog

    Generating Larger Keys with SN

    • 13 Comments
    A while back, I wrote about using the StrongNameKeyGenEx API to generate keys to sign assemblies with. That API lets you pass in a dwKeySize parameter to specify the number of bits to generate in the key. If you're calling the API from your own code,...
  • .NET Security Blog

    Removing Permissions From FullTrust

    • 6 Comments
    Executing the following code: PermissionSet ps = new PermissionSet(PermissionState.Unrestricted); Console.WriteLine("Before Removing Permissions:"); Console.WriteLine(ps.ToXml().ToString()); ps.RemovePermission( typeof (RegistryPermission)); Console.WriteLine...
  • .NET Security Blog

    Running IE with SAFER

    • 6 Comments
    Michael Howard recently did a two part series on MSDN about browsing the web and reading email safely as an Administrator ( part 1 | part 2 ). Today he's got a Quick Start posted on his blog to get IE setup to run with SAFER. Personally, I prefer the...
  • .NET Security Blog

    What Happens When You Sign With A Larger Key

    • 5 Comments
    In response to last Friday's post about creating a key that's longer than 1024 bits, Nicole wondered if anyone had tried doing this, and what the results might be. I just created a 16,384 bit key on beta 1 of the framework (confirming Eugene's time estimate...
  • .NET Security Blog

    Finding the Raw Strong Name Signature

    • 5 Comments
    Wow ... there's been lots of interest in signatures lately :-) In response to my last post about reserving a larger section of the PE file for the signature when you create a signature with a larger key, William wants to know if you can extract the actual...
  • .NET Security Blog

    A Few Observations about Raw Signatures

    • 3 Comments
    Finishing up this week's strong name theme, here's a few observations to make about the raw signatures that we figured out how to dump on Wednesday : You can figure out the size of the key used to sign an assembly based upon the size of the signature...
  • .NET Security Blog

    How to link to an ActiveX Control from a Strongly Named Assembly

    • 3 Comments
    Windows Forms has a feature that allows you to use an ActiveX control on your managed form. All you have to do is add the control to your toolbox, and VS takes care of the rest behind the scenes. But this feature has a bit of a problem when it comes to...
  • .NET Security Blog

    ClickOnce vs MSI on MSDN

    • 2 Comments
    The Smart Client Developer Center on MSDN is running an overview of ClickOnce and comparing it to MSI . One of the areas where ClickOnce comes out on top is security sandboxing (or permission elevation, depending on how you look at it). Looking closely...
  • .NET Security Blog

    Mike Stall on Finding the Real Exception Call stack

    • 1 Comments
    Mike's got an interesting piece up today about using WinDbg to find the actual call stack of an unmanaged (or managed for that matter) exception . It's this kind of power debugging technique that makes WinDbg my all time favorite debugger.
  • .NET Security Blog

    Shri Starts Blogging

    • 0 Comments
    Shri started up a blog today , joining David as members of the JIT team on MSDN blogs. His first post is on how the x86 JIT implements a tail call ... and why its not as fast as it could be. Now that Shri has a blog, the percentage of people in my hallway...
Page 1 of 1 (10 items)