Tuesday, November 30, 2004

Reading Blogs

Of late, I've been reading blogs, and to be frank, it was a bit weird to notice that important stuff gets into blogs and sits happily there! Often, when I google some terms, the hit rate would be lower for blogs (Dan Appleman, Eric, Don Box), and to be frank, I would miss some of the important musings out there in blogs!

Would it be fair enough to prioritize blogs first and then regular stuff while reading?


Happy blogging!

Friday, November 26, 2004

How to build Secure applications - Introduction (Excerpts from a security bulletin)

"Gartner analyst John Pescatore estimates that 75% of attacks against Web servers are entering through applications and not at the network level. And, adds Pescatore, when a company makes even subtle changes on its Web sites and applications, new vulnerabilities can arise."

Web applications are insecure for three main reasons:

1. There is always a requirement, so website code is frequently updated with new features and enhancements. Every new line of code has the potential to introduce new security weaknesses. No matter how insignificant a new feature may seem, its potential impact on security must be considered.

2. Traditional security solutions, such as firewalls and Secure Sockets Layer (SSL), do not protect a Web site from being compromised. A firewall is used to separate the outside world from a protected network. A firewall has no idea what visitors are doing once they are past the gate and on the inside. The firewall cannot determine whether a visitor is buying a CD or stealing credit-card numbers. SSL is a misunderstood security measure. It normally serves two functions: the first is to determine whether the server being connected to is what it claims to be and not some imposter in the middle; the second is to make sure the information the Web site is given (credit-card numbers, Social Security numbers, etc.) is not stolen in transit. However, SSL has no control over how secure the Web site actually is or how it safeguards that data.

3. Automated security-testing tools only solve half the problem. For the average corporate network, there is a collection of familiar hardware and software installations. There are firewalls, Windows machines, Linux boxes, SQL servers, print servers and a handful of other garden-variety devices. With minor configuration changes, these products fulfill the basic needs of almost every company.

Wednesday, November 17, 2004

Top 5 reasons to choose Whidbey

1. More feature-rich CLR - More efficient garbage collection, on-the-fly rendering.
2. Introducing Generics - Generics are like C++ templates. They allow more managed structures with single/custom data types.
3. Introducing Partial Classes - Partial classes allow more control over code as well as design (HTML versus .cs/.vb).
4. On-the-fly compilation - VB-like Edit and Continue.
5. More keywords and resources - C# 2.0 is out with more keywords and resources for happy programming!

New blog at last!

Being a tech geek, it has always been a challenge to maintain the status quo on the latest trends and techniques. This blog initiative is one such. I will keep posting (I have resolved to do so at least once a week), and I am always open to responses to my blogs.

The blog will have interesting links to articles, some new articles by me, and some reproduced articles. Under the hood, I would keep straight the stick of knowledge and inform about the knowledge I have gained after all these programming skills!

My prime interest is .NET and its programming flavours.

Keep visiting!