June 2004 - Posts
As Chris Pels blogs:
For those of you in downtown Boston there is a new Downtown Boston .NET user group starting up that will be holding its first meeting this Thursday 7/1/204 at 5 p.m. Details can be found here. Sam Gentile whom many of you here in the Boston area know is organizing this new group. We, the Boston .NET User Group, which meets out at the MSFT Waltham, MA office, will be working with the new Downtown Boston .NET user group to enhance the .NET community here in the Boston area. I will be attending their first meeting this Thursday and look forward to seeing you there if you can make it.
I plan to be there as well at this very important and historic event.
I finally received my copy of Threat Modeling today! Can't wait to read it ...
Thumbing through, there is a mixture of theory and practical examples (a couple of very good case studies).
Update: The Threat Modeling Tool at MSDN has been updated. Get it here: http://www.microsoft.com/downloads/details.aspx?FamilyID=62830f95-0e61-4f87-88a6-e7c663444ac1&displaylang=en
Finally, finally, finally (in the words of Clemens):
FABRIQ 1.0.4173.4 (http://workspaces.gotdotnet.com/fabriq) has been released!
As Clemens describes it:
FABRIQ is an optimized architecture for fast, one-way, message processing within network-distributed nodes consisting of sequences of dynamically composed primitive processing steps. This isn't even trying to get anywhere near the guidance aspirations of Shadowfax, or let alone all the guidance we're getting from the Indigo team ...
I am looking forward to playing with this over the weekend ...
As mentioned by Michael Howard:
Kevin Lam, David LeBlanc, & Ben Smith have released a new book, “Assessing Network Security” from MSPress. To quote Ben in an email he sent, “The book is primarily aimed at security professionals new to penetration testing and IT professionals and IT managers new to security, although all security professionals will likely benefit from the book.”
That's great that new resources are coming out on pen testing.
If you are new to the subject, here are a few links to get you started:
Penetration Testing Guide
Penetration Testing for Web Applications (Parts One and Two)
I just received my pre-ordered (through Amazon) Code Complete: Second Edition
book. This is another one of those “must have” books that helps the new programmer (as well as the seasoned mentor) understand and apply the best practices for software development. This one has been updated with code examples using C++, Java, and VB. This was one of those books I started reading when my career began, so I am looking forward to reading it again, and gaining fresh perspectives. Check out the web site
associated with the book.
Dave Burke has posted some great notes about the sessions he attended at DevTeach 2004 in Montreal:
He posts these references for himself as well as notes that might help others get the gist of the sessions. Thanks, Dave!
Tim Ewald, famous for the best COM+ book in the world, and now doing an excellent job with XML and WebServices and the MSDN re-organization, as well as being a first-time father (congratulations!), is blogging again (RSS) at Pluralsight. Subscribed!
Dana expresses my thoughts exactly!
Well now... Michael reports that he got his hands on a copy of Frank Swiderski and Window Snyder's Threat Modeling recently. Anyone else able to get it? Amazon isn't showing it available yet.
I have been waiting for this book for some time. Come on amazon... take my money!!!!!
I also have this book pre-ordered through Amazon. Any day now ... waiting, waiting, waiting ....
A few days ago, I noticed Christian Weyer posted information about the a new project created for Web Services (WS-*) plumbers that he, John Bristowe and the Interop Warriors have put together: Plumbwork Orange on the GotDotNet workspaces. I have also joined the effort, partly to follow the progress, but also to learn and contribute as well. I noticed there is some preliminary work done on WS-ReliableMessaging, in which I am particularly interested. I also like that John has been working on WS-Eventing, which is particularly needed.
Update: John writes about the latest updates:
Kapil Sachdeva is making some good progress on a WS-Federation implementation for the Plumbwork Orange workspace on GDN. Meanwhile, Yves Reynhout is moving ahead with an implementation of WS-ReliableMessaging. Very cool! As for me, I've solidified a few things in the implementation of WS-Eventing. Mostly, I've been adding XML documentation but I've been able to conduct some refactoring here & there.
I will be speaking to the Boston .Net Users Group in Waltham, MA (Microsoft offices) on July 14 at 6:30 pm. Also that night, Chris Bowen will be giving an introduction to Test Driven Development (TDD) using NUnit at 5:00pm.
Here is the schedule and topics:
July Meeting-MSFT Waltham
5:00 p.m.: Test Driven Development (Chris Bowen) Register
This session will review the principles of Test Driven Development (TDD) through code examples utilizing NUnit. This session will familiarize developers with the basic constructs of unit testing and the advantages of TDD. This presentation will provide an invaluable background for the forthcoming Visual Studio 2005 Team System
6:30 p.m.: Secure Coding: Best Practices (Robert Hurlbut) Register
Security is important to nearly every company, but security can never be an add-on to an existing product. Developers need to be aware of common security threats, and they need to follow best practices for developing secure code. This presentation will introduce security topics such as checking data input, buffer overruns, Cross-Site Scripting, SQL injection, and the Rule of Least Privilege. The best techniques for secure coding will also be demonstrated.
I will also be providing a snapshot of my upcoming WIN-DEV 2004 topic: Writing Least Privileged Applications.
Update: The correct date for the next meeting is July 14, 2004.
More Posts Next page »