Browse by Tags - Systems, architecture and engineering solutions! - Site Home - MSDN Blogs

Systems, architecture and engineering solutions!

This site will do in depth analysis of subjects such as service oriented architecture, software engineering and technologies such as Exchange and Sharepoint.

Browse by Tags

Tagged Content List
  • Blog Post: 10 Questions to ask when Outsourcing to Azure

      Top ten questions Which process, application and information can be moved to the cloud to gain efficiency and cost benefits while satisfying the organization's security and compliance requirements? How can the organization be harmed if systems, applications, services or information are accessed...
  • Blog Post: List of four Kinect Security items

    For a device that should be all about games, people are sure thinking up ways to use the Kinect for things like medicine and security.  With security you might want to take a look at the following URLs: In home paranoia: Kinect Long Term Privacy Issues Daunting? A cover for your Kinect: Address...
  • Blog Post: Pretty as a Picture Password, is it secure, really? How do you know? How can anyone know?

    There are few things in life that are just freaking awesome!  Having baby like the Egan’s just have (I guess), getting a degree in Computer Science, Engineering, Math or Science.  A little further down the list is logging into your computer using a picture!  This does mean that you will...
  • Blog Post: 5 top links: Security in Windows 8

    Wow, Security in Windows 8 is going to move the needle. Here are 5 of the links I Protecting you from malware Protecting your digital identity Signing in with a picture password Optimizing picture password security (Keep your screen clean if you use this one!) http://code.msdn.microsoft...
  • Blog Post: 5 Links for Securing Silverlight

    When my page views are extremely positive, it is time to discuss security, why? Because security is always a way to drive the numbers down.  Let’s face it, no one wants to face the world of security or the discipline.  Tell a potential “partner” that you do software security and it is likely...
  • Blog Post: Free NSA Guidance for Addressing Malicious Code Risk and vocabulary list

    Yep, that’s NSA as in National Security Agency, and you don’t have to burn it after reading!  This is a great way to get up to speed on code risks.  Zoom over to GUIDANCE FOR ADDRESSING MALICIOUS CODE RISK (you tell it is serious because it is all caps) So act now for this publication paid...
  • Blog Post: OS Command Injection

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') See this previous blog for this subject: Software insecurity: Insecure Interaction Between Components So what is an “OS Command Injection”? (From: The software constructs all or part...
  • Blog Post: Software Insecurity: SQL Injection code example

    Code example of a bad example: SQL Injection using C# Code Snippet string userName = connection.getAuthenticatedUserName(); string query = "SELECT * FROM items WHERE owner = '" + userName + "' AND item = '" + ItemName.Text + "'" ; sda = new SqlDataAdapter...
  • Blog Post: Software Insecurity: Risky Resource Management

    The weaknesses in this category are related to ways in which software does not properly manage the creation, usage, transfer, or destruction of important system resources. CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-22 Improper Limitation of a Pathname to a Restricted...
  • Blog Post: Software insecurity: Insecure Interaction Between Components

    The top 6 software insecurities, with links. CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-79 Improper Neutralization of Input During Web Page Generation...
  • Blog Post: Costa Concordia: Mathematical Model of the Submarine

    Hopefully the Costa Concordia won’t become a submarine, but the only ready control system design document that I could find easily was from MIT. Multivariable control system design for a submarine The copy isn’t printable since the document was generated in 1976, here is the diagram...
  • Blog Post: Browser security: Chrome has the most security vulnerabilities

    Well, I did my occasional checking up on browser security over the past three months with the various browsers. Graphs and a better post can be seen at Jerry Nixon's blog, leave nice comments there, bad comments here. :) http://jerrytech.blogspot.com/2011/10/browser-security-vulnerabilities.html...
Page 1 of 1 (12 items)