Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Security   (RSS)

Solving Confusing Browser Security Prompts with Protocol-Relative Hyperlinks

If you’ve ever been in the situation where you’re visiting a site where some of the content is delivered via http, and some via https, you may have seen the following security dialog (this is the IE version, but Firefox has a similar dialog): It’s not Read More...
Posted Wednesday, November 04, 2009 9:04 AM by gduthie | 0 Comments

New Windows 7 Blog Series

Denny Boynton , a fellow Microsoft Evangelist, has started a new blog series on Windows 7 that looks interesting, starting with a post on locking down which apps can be installed on your PC : I’ve been running Windows 7 Beta on all of my machines, work Read More...
Posted Friday, February 20, 2009 3:18 PM by gduthie | 0 Comments

Managing SSL Transitions

While getting ready to roll out some new functionality for Community Megaphone , I decided to go ahead and add an SSL cert to the site to support SSL encryption of credentials used by event approvers and other site features. Although it had been almost Read More...
Posted Monday, February 16, 2009 9:03 AM by gduthie | 0 Comments

Don’t use Delete Links

So says Stephen Walther (who recently keynoted the Reston MSDN Developer Conference ). Why not use Delete links in an MVC app? I’ll let Stephen tell you : I created a sample ASP.NET MVC application that I plan to post at the http://www.ASP.net/mvc website. Read More...
Posted Friday, January 23, 2009 12:04 PM by gduthie | 0 Comments
Filed under: , ,

MSDN Event Resources

[bumped and updated] For folks who attended my MSDN Event yesterday in Reston, covering WPF, Windows Vista Security, and .NET 3.5 SP1, here’s where you can get the decks and some of the code from those talks ( I’m seeing if we can get the rest of the Read More...
Posted Friday, September 26, 2008 11:28 AM by gduthie | 0 Comments

Events this Week – September 22nd, 2008

Here are the events listed in Community Megaphone for the next week (or so) for the Mid-Atlantic area: Monday, September 22, 2008 7:00 PM: DC-MD-VA Microsoft Robotics Studio Group - MRDS Workshop 2. We all know there is some complexity using Microsoft Read More...
Posted Monday, September 22, 2008 2:45 PM by gduthie | 1 Comments

Events this Week – September 15th, 2008

Here are the events listed in Community Megaphone for the next week (or so) for the Mid-Atlantic area…note that the MSDN Events in Reston (9/16) and Richmond (9/18) are being presented by yours truly, as is the presentation on AJAX at the Charlottesville Read More...
Posted Monday, September 15, 2008 10:04 AM by gduthie | 1 Comments

Identity Blogger's Blog Hacked

Sounds like one of those stories with a predictable punchline. But there's a surprise and I won't spoil it: My blog was hacked over the weekend. ... ZDNet broke the news on Monday - I was awakened by PR people. The headline read, “Microsoft privacy guru’s Read More...
Posted Thursday, November 01, 2007 9:26 AM by gduthie | 0 Comments
Filed under:

Download the XSSDetect Public Beta

This is definitely one tool you should be trying if you're writing web apps with Visual Studio. Cross-site scripting bugs are one of the most frequent classes of security issues in web apps, and as such any tool that can help you identify and remove these Read More...
Posted Wednesday, October 24, 2007 3:16 PM by gduthie | 1 Comments
Filed under:

"A la Vista" : Windows Live ID Web Authentication and the ASP.NET Development Server

Catherine Heller has posted a very detailed how-to on implementing the new web-auth for Windows Live ID ...as soon as I have a little extra time, I'm going to play around with this, in case I need it for http://www.madcodecamp.com/ . Windows Live ID Web Read More...
Posted Thursday, August 30, 2007 9:08 AM by gduthie | 0 Comments

ars technica on Windows Live ID

Some interesting info on the what, how and why of the Windows Live ID SDK : Microsoft recently opened up its Windows Live ID service to third-party web developers. Windows Live ID—formerly known as Microsoft Passport—is a web-based authentication service Read More...
Posted Sunday, August 26, 2007 12:15 PM by gduthie | 0 Comments
Filed under: ,

Windows Live ID - Platform Neutral

I know there are probably some folks who roll their eyes when Microsoft uses the term "platform-neutral" : Windows Live ID Web Authentication 1.0 SDK Brief Description The Windows Live™ ID Web Authentication 1.0 software development kit (SDK) gives you Read More...
Posted Friday, August 17, 2007 9:04 AM by gduthie | 1 Comments

New version of Anti-XSS library for ASP.NET

There's an updated version of the Anti-XSS (cross-site scripting) library that I blogged about a while back. Check it out here: http://msdn2.microsoft.com/en-us/security/aa973814.aspx Read More...
Posted Friday, April 20, 2007 9:41 AM by gduthie | 0 Comments
Filed under: ,

Interesting Security Article

It only covers a six-month snapshot, but the conclusions run counter to popular wisdom: http://www.internetnews.com/security/article.php/3667201 Read More...
Posted Thursday, March 22, 2007 11:39 AM by gduthie | 0 Comments
Filed under:

P&P Security WIKI

Looking for developer security info? Check out the Patterns & Practices Security WIKI on Channel 9 . Read More...
Posted Tuesday, November 14, 2006 12:13 PM by gduthie | 0 Comments
Filed under:
More Posts Next page »
 
Page view tracker