Archives / 2004 / May
  • Hacking the Code

    The other day I received my copy of Hacking the Code and so far I'm enjoying it quite a bit. On the cover it says, “ASP.NET Web Application Security” but let me tell you, the ideas and topics discussed go far beyond just ASP.NET and web applications. I just finished reading the first chapter, “Managing Users” which was about 50 pages and went very deep into implementing secure password schemes. I had heard some of the advice before but, also picked up a few things I hadn't thought about before, which is always good. I like coming away from reading security books aware of some new security issues I didn't know about before. So far, it seems like a book I would definitely recommend , in addition to Writing Secure Code, 2nd Edition to anyone interested in learning more about coding and security. I'd also recommend Dana Epp's Security Blog.

  • Database Naming Conventions, Part Deux

    A couple of weeks ago I posted about database naming conventions, asking if anyone knew of a good website or resource that detailed naming conventions for database objects. Since I didn't receive much feedback, I decided to strike out on my own in search of something. Even with help from Google, I found less than half a dozen “good” resources that discussed naming database objects. In each case, the convention seemed skewed towards SQL Server, Oracle, or some other database system. So, I decided to aggregate what I found and add some of my own opinions, to produce my own naming convention. I've come to the conclusion that there can't be a single naming convention that can be taken as pure gospel. There's just too many ways to come up with good names. Having said that, I think what I've come up with makes good logical sense and will raise very few problems, if any.

  • Awesome collection of Web UI Widgets

    I just received word today from Ed Boelzner that his collection of Web UI widgets are now available for purchase at his website, He's now made them available as ASP.NET controls that you can bind to XML data so you can drag n drop them from the toolbar. Trust me, they're very cool - you owe it to yourself to at least check them out if you're doing any kind of web application projects.