Application Security - each one, teach one

Lesser known feature of SSL validation overrides in .NET

During setup of an SSL connection, the client validates the server's digital certificate. This is done automatically when the HttpWebRequest class is used with the https protocol. Now, consider the following scenarios: Custom Security Lesser-than-normal Read More...

by richardl | 0 Comments

Providing entry points for handling errors in VC++ 2005

The previous version of the C runtime had many flaws in its design. For example, the functions in the older C runtime performed poor or no validation to detect overwriting memory locations. Also, there was no easy way of validating input parameters such Read More...

by richardl | 0 Comments

My first assignment at Microsoft

I recently completed my first security assignment at Microsoft. The customer needed specific guidance in the use of CryptoAPI. Please visit this link for details. Read More...

by richardl | 0 Comments