August 2007 Archives
2. Writing Secure Code, by Michael Howard and David LeBlanc
3. The Security Development Lifecycle, by Michael Howard and Steve Lipner
4. 19 Deadly Sins of Software Security, by Michael Howard, David LeBlanc and John Viega
5. Threat Modeling (Microsoft Professional), by Frank Swiderski and Window Snyder
Before your PC goes to the web to look up a URL to resolve it into a 32-bit address, it performs a lookup in hosts.txt. Putting known spammers and the like into your hosts.txt and having them resolve to the local host cause these sites to be unreachable from your machine -- a good thing.
How to use this:
- Download hosts.txt from www.mvps.org/
- Copy file to %windir%\system32\drivers\etc\
One of my favorite collections of fascinating social commentary videos from current thinkers.
"We believe passionately in the power of ideas to change attitudes, lives and ultimately, the world. So we're building here a clearinghouse that offers free knowledge and inspiration from the world's most inspired thinkers, and also a community of curious souls to engage with ideas and each other."
[How to ask smart questions]
"You might use imperative syntax for demands and overrides instead of declarative syntax when information that you need in order to initialize the permission state becomes known only at run time. For example, if you want to ensure that callers have permission to read a certain file, but you do not know the name of that file until run time, use an imperative demand. You might also choose to use imperative checks instead of declarative checks when you need to determine at run time whether a condition holds and, based on the result of the test, make a security demand (or not)."
IE control in .NET app
- To see what's missing
msiexec /i someinstaller.msi /L*v msi.log
- To decompile an MSI
Three reasons to use NCover:
- Use NCover to show you where the gaps are. NCover helps you test intelligently by revealing which tests haven't been written yet.
- Keeping code coverage high with NCover reduces time-to-market and helps find problems early, preventing buggy releases.
- Increase confidence in your project by using NCover to drive code coverage higher. Then ship without worries and on time.
Download the Office XP PIAs and use them to develop Office XP solutions with Visual Studio .NET.
The Microsoft Office 2003 Primary Interop Assemblies (PIAs) redistributable is a Microsoft Windows Installer package that contains the Primary Interop Assemblies for Microsoft Office 2003 products.
TrendAlyzer is a data visualization tool that Google has hidden away. It's really cool. It shows animations of world data by country/year/region with zillions of measures: GDP, life expectancy, child mortality, urban population, etc. Recommended.
Project Euler is a website dedicated to the fascinating world of mathematics and programming.
Lots of cool math problems. Challenges you to solve math problems, typically by writing computer programs (unless you've memorized the first one million primes -- then you could do these in your head). I've done 70 or so and am trying to stay in the top 500 problem solvers.