I keep seeing a lot of examples in ASP .NET where sql server priviliges are given to the ASP.NET worker process.  A few thoughts about this: By doing this you are expanding the damage that could be done if the ASPNET worker process was compromised.  This is particularily so for those of you who give dbo rights to the worker process in...

Well, for anything in this article to make sense, you're going to have to read Eric Sink's latest MSDN Article.  Finished?  Ok then. It was interesting to hear about the logic involved behind moving sourcegear to a platform other than Microsoft's.  Where I really tuned into this article though was the discussion on MBAs and their...

Jay had a little mini rant this morning about passwords and security.  It's Friday, should be a happy day, so I'm just going to list out some rather absurd security practices I've encountered in my years of consulting and development. A major (fortune 500) company has an ordering system that in the order table stores the entire credit card...

What's the difference? Here's a console application that shows one:         Dim myObject As Object = Nothing        Dim toStringTest As String        Dim convertTest As String        Try   ...

I forgot to disable the change password/account creation for the demo build this morning.  So naturally someone changed the admin password. The database has been restored and the proper controls are disabled, so it's all good now!  On a side note, if this is the least embarassing thing that happens to me this year I'll consider myself...

For those of you curious bloggers who have been asking to see a demo of Easy Assets .NET you can now! http://www.easyassets.net username: admin password: admin This is a sample database, it gets restored frequently so feel free to play with the data all you like!  Feedback is always appreciated too.  ;)