|
|
|
|
|
|
|
March 2005 - Security Briefs
-
Shawn Farkas recently posted an interesting note about impersonation. He points out that the following code... WindowsImpersonationContext ctx = identity.Impersonate(); try { DoWork(); } finally { ctx.Undo(); } ... has a subtle hole - if an untrusted...
-
Have you seen the BlueSniper rifle ? The design is pretty goofy IMHO; clearly meant to impress audiences at DefCon, etc. But it is an impressive demonstration of how “short range” wireless devices don't provide any sort of implicit perimeter...
-
Two-factor authentication vital to future of e-commerce, claims Redmond. Interesting to read this , on the heels of Schneier's insightful commentary on how two-factor authentication really doesn't solve today's problems. But it's not surprising to see...
-
As an MVP, I've been hearing some rumblings from the CLR team lately - they are interested in learning more about real applications that are being built (or are already shipping) today. And honestly, I think a lot of us who are building (or thinking of...
-
Someone pointed me to a new site on Kerberos in W2K3. This pulls together a lot of great documentation on how Kerb works in Windows, including an article on constrained delegation and protocol transition by Frederick Chong, who actually worked on that...
-
Seeing as I'll be doing a Tech Ed preconference session this year and perhaps some talks during the week, I went ahead and submitted some BOF suggestions. The first is called Writing Secure Code, and it's all about developers getting together and sharing...
|
|
|
|
|
|