Two weeks ago
in
this space
, I featured a question-and-answer session with security expert
Dinis Cruz. His concern: That .NET development vendors and programmers alike
are failing to employ sandboxing techniques to ensure that applications remain
secure.
Redmond Developer News plans to cover this and other development security-related
issues in an upcoming issue of RDN. But we wanted to hear from you first.
What security issues concern you most when developing applications? Do you feel
that tool vendors are providing the resources you need to create software that's
fundamentally secure? And do you feel that sandboxing, as an approach to enabling
security, has been widely overlooked by the industry?
More
Posted by Michael Desmond on 11/07/20070 comments
Visual Studio is adding another native programming language in the form of
F#, a typed functional programming language originally developed by Microsoft
Research in Cambridge, England.
When Soma Somasegar revealed Microsoft's F# plans on
his blog, it signaled an important step forward for Redmond. As corporate
VP of the Developer Division at Microsoft, Somasegar has been keen on the benefits
of functional programming, which promises to free coders to tap the power of
advanced, multi-core processors and expansive grid computing networks.
More
Posted by Michael Desmond on 10/31/20074 comments
Microsoft just launched a new Web site aimed directly at software QA and testing
professionals. Called
Tester
Center
, the new site aims to bring testers together to share experiences
and best practices, get advice and access useful content.
The site is headed up by James Whitaker, an early innovator in the area of
model-based testing and currently a Microsoft security architect working in
the Trustworthy Computing Initiative at Redmond.
More
Posted by Michael Desmond on 10/24/20070 comments
The deadline for submitting entries to the
RDN
Innovator Awards has
been extended two weeks to Nov. 15. The program recognizes outstanding efforts
in development, with a focus on shops aligned with Microsoft Windows and the
.NET stack. Entries are accepted across a range of independent categories.
Do you have a software development project that's worthy of recognition? Download
the RDN Innovator Awards entry form here.
More
Posted by Michael Desmond on 10/24/20070 comments
Dinis Cruz spends a lot of time worrying about .NET security. The well-known
security consultant and trainer is chief security evangelist of the
Open
Web Application Security Project (OWASP)
, which aims to improve software
security.
RDN contributor John Waters caught up with Cruz at a recent industry
event. You can read more about this in the Nov. 15 issue of Redmond Developer
News magazine.
More
Posted by Michael Desmond on 10/24/20070 comments
According to a recent Forrester Research survey, 28 percent of enterprises
with 500 or more employees have some form of social networking initiative, while
20 percent are considering it. Behind these figures: the runaway popularity
of social networking services like MySpace, Facebook and LinkedIn. The buzz
around these sites jumped recently, after Facebook announced it would open its
APIs to developers.
What's at stake here? Potentially, a lot. Facebook has a huge and growing audience
that includes a rapidly expanding business clientele. Apps linked into the Facebook
platform using its APIs can be immediately accessed and leveraged by Facebook
users, removing much of the friction in delivering services across organizations.
More
Posted by Michael Desmond on 10/17/20070 comments
Fortify Software is one of the leading providers of application security solutions
for development shops. So when its researchers came across a new type of vulnerability
that affects the application build process used in open source software projects,
it got my attention.
According to Fortify, cross-build injection exploits "allow a hacker to
insert code into the target program while it is being constructed." Discovered
by Fortify while working with the Java Open Review Project, cross-build injection
attacks represent a shift by hackers, from now-fortified OSes and applications
toward the less well-protected application development stack.
More
Posted by Michael Desmond on 10/17/20070 comments
We've spent a lot of time and ink covering Microsoft's Silverlight technology,
and for good reason. Initially regarded as a simple Flash competitor for delivering
rich media over the Web, Silverlight quickly emerged as a full-fledged application
delivery platform. And, as seems to be the case with all successful Microsoft
offerings, Silverlight is an amazing lesson in leverage. To wit: It enables
millions of .NET-savvy developers to write and package applications for use
across platforms and across the Web, via the Silverlight player.
More
Posted by Michael Desmond on 10/10/20071 comments
Steve Ballmer may have been showing his age last week, when he called out the
Facebook social networking site as a "fad" and questioned the value
of the technology used to make it go.
"I think these things [social networks] are going to have some legs, and
yet there's a faddishness, a faddish nature about anything that basically appeals
to younger people," Ballmer was quoted as saying in an Oct. 2 article in
the Times Online. You can read the full article here.
More
Posted by Michael Desmond on 10/08/20070 comments
Frequent
RDN
contributor Mary Jo Foley has the goods on yet another
high-profile defection from Microsoft's Live business unit. This time, the departee
is Danny Thorpe, formerly a senior program manager and architect in the Windows
Live Platform group. Thorpe is leaving to work with a startup called
Cooliris
.
You can read Foley's blog posting
here
More
Posted by Michael Desmond on 10/08/20070 comments
Six months ago or so, I
interviewed
Microsoft security expert Mike Howard
about the challenge his company faced
as it worked to make the development of fundamentally secure software a core
mission of every project. Known as Security Development Lifecycle (SDL), the
effort took years to complete, and ultimately resulted in the release of much
more secure code.
More
Posted by Michael Desmond on 10/03/20070 comments
Facebook is fast transforming from its roots as a social networking site for
college students into a full-fledged development platform that has drawn Microsoft's
interest. Certainly, there's keen and growing interest in extending the benefits
of Facebook's community network model into the professional sphere.
Is your company's CEO beating down IT's door, asking for Facebook or something
like it? Or do you think Facebook and platforms like it are a passing fad, as
Steve Ballmer recently suggested? E-mail me at
More
Posted by Michael Desmond on 10/03/20072 comments