Category Archives: Uncategorized

Just found this (scroll down to “.NET Framework 2.0 Security Hole”) via Marc’s Blog. Not sure if this is true – but it sounds scary…this brings me back to an old point – don’t run untrusted apps off the Internet – and be … Continue reading →

A while ago I wrote how to set ACLs on a private key container. Today I spotted a new context menu item in the “Certificates” MMC snap-in on Vista. Right-click a certificate and select “All Actions->Manage Private Key” to get … Continue reading →

Thanks to everyone who attended the Connected Systems Roadshow this week in Reading! We had great fun. You can find the slides and the architecture sample I wrote during the talk here. Mike – who did a great talk on hosting … Continue reading →

A (kind of) polished version of my HTTP.SYS ACL/SSL helper tool can be found on the thinktecture tools page.  

Finally…the new version of the AntiXss library is now available for download. Go get it! New features include: support for partial trust :) more encoding functions tutorials Happy encoding!  

Joe sent me a new version of his AzMan bulk importer – in the .zip is a changes document. enjoy! AzManBulkImport123.zip (6.25 KB)  

Read more over at Shawn’s http://blogs.msdn.com/shawnfa/archive/2006/11/01/securestring-redux.aspx  

Ich habe total vergessen die versprochenen Samples für den CAS & ClickOnce Webcast hochzuladen (danke Andreas für die Erinnerung). ClickOnce und NoTouch.zip (873.58 KB)  

Mike Downen ist der Security Program Manager der CLR – dieses Interview habe ich im Sommer für das Reach Magazine geführt, und ist jetzt online auf MSDN. http://www.microsoft.com/germany/msdn/security/interview27102006.mspx

Every once in a while questions come up regarding the usefulness of SecureString. StaceyW posted this link today…:O Interestingly, Ian told me that the latest build of WPF also removed the SecureString functionality from the PasswordBox and replaced it with an … Continue reading →