Don Kiely was featured on Dot Net Rocks last week talking about one of my favorite topics:  Programming with Least Privilege.

Looking for some fun reading today? Brian Johnson has posted a link to the latest Windows XP Security Guide documents and tools from Microsoft: The Windows XP Security Guide has been updated with new information about Windows XP Service Pack 2. The overview page provides a content roadmap and a link to the complete paper on the download...

Over the last few months, I have seen my company's web site domain used as the originator of a lot of spam. I know this because I get the spam email bounced back, and checking the header information, I verify that my domain name is part of the email address. I know the spammers are not using my mail server as the relay point, but...

My friend Andrew just pointed me to this interesting post on a first CAS sample in Mono. That's great that someone is testing and working with CAS (Code Access Security) in Mono as has been done with .NET.

Like Sam, I was at the Windows Mobile Developer Day at Microsoft, Waltham today. This was a great event put together by Thom Robbins. I have only played around with the Compact Framework with my Pocket PC device, nothing serious, so this was a good introduction to some new topics (remember, I love to learn new things!). Along...

As mentioned by Dana: A new version of MBSA was released yesterday to allow users on XPSP2 to take advantage of the tool. In case you didn't know, MBSA is the free, best practices vulnerability assessment tool for the Microsoft platform. It is a tool designed for the IT Professional that helps with the assessment phase of an overall security...

Brad Abrams points to a new blog by Dino Viehland (rss). In particular, Dino is the QA guy for CLR Hosting. Check out his post on Cooperative Fiber Mode Sample - Day 1. Subscribed. Brad also points out that lots of people were interested in CLR Hosting at PDC. Great! I am looking forward to my talk on this at WIN-DEV.

Congratulations are in order for the new Downtown Boston .NET User Group (or as it is also referred to as the Beantown .NET User Group) as they are now an official INETA user group. See more information in Sam Gentile's post. Sam is doing a great job as the user group leader, and also mentions many of the other...

By way of Sam: MSDN has published a new article by Bill Hamiliton Advanced Data Access with ADO.NET and Oracle on using ADO.NET 1.1 to retrieve data from complex Oracle data types. While the article is good in showing you various advanced techniques, I have a general question. Does anyone else notice most of the examples, in the way the SQL...

By way of Doug Reilly: The MSDN ASP.NET Developer Center has a new post on ASP.NET 2.0 internals. Especially cool is the very clean code in the codebehind in 2.0 vs. 1.x. Here it is. This looks good.

I just noticed one of my favorite SysInternals tools, DebugView, popped up a message saying it doesn't work on the current version of Windows XP (which was patched yesterday to the new SP2).  Fortunately, they have upgraded their tool to work with SP2. Get the latest 4.3 version. I wonder if they have updated their other tools as well...

I am also commenting on Scoble's request about how XP SP2 is working out so far. I installed it on one of my clean VPC Windows XP install (only had SP1 installed previously and no other software), and everything worked without a hitch. I will be putting it on my other VPC slices tonight. I also tried to install it on one of my...

By way of Sergey: Microsoft Research has a short paper on using hackers' tricks against them, including using differential file system scans (using WinDiff) from infected vs. clean OS boots to detect hidden files [via G. Andrew Duthie] Follow the link to Andrew Duthie's post as well for more comments. This is a great tool in...

As mentioned here: Windows XP Service Pack 2 Network Installation Package for IT Professionals and DevelopersThis installation package is intended for IT professionals and developers downloading and installing on multiple computers on a network. If you're updating just one computer, please visit http://www.microsoft.com/protect.

Just a reminder, I will be speaking on Code Access Security (CAS) to the new Downtown Boston .NET User Group in Boston tonight at 5:30 pm.  If you are in the area, I hope to see you there.