Dealing with Security Issues

Guest Post  – by Heather Johnson

No sooner is one fixed than another turns up, and if you’re not careful, you could end up losing all the data on your computer and the money in your bank. Viruses, Trojan horses, worms and other malware that are floating around on the Internet are morphing into new forms each time someone comes up with an antidote for those that are discovered. Not everyone is savvy about protecting their systems from being breached by hackers who are some of the best in the business.

Security suites and anti virus software offer some form of protection, and as they are updated regularly as and when new virus signatures are discovered. But even if your security software is up to date and reliable, there are ways that hackers can get at your system if you are not careful.

  • Don’t log in to your computer as an administrator as this leaves your system vulnerable to attacks. When you surf the web and hit a strange or untrusted site, you could end up with a formatted hard disk. Hackers could also create their own user accounts with administrative privileges. When you need to perform tasks that require administrative privileges, you can log in temporarily as an administrator from a non administrative account.
  • Do not click on links in emails from strangers.
  • Do not open attachments without scanning them for malware.
  • Do not share your passwords with even friends and family.
  • Be up to date in applying security patches and system updates.
  • Log out of your accounts, email, bank and others, when done.
  • Do not use public computers to conduct sensitive transactions.
  • Use secure sites that offer encryption when using your credit card to order goods and services online.
  • Do not provide sensitive information online even if the request seems to come from trusted sources.
  • Do not enable file and print sharing.
  • Lock your computer or log out when leaving your desk.
  • Shut down your computer when done for the day.
  • Do not download software that is on offer from a source you cannot trust.
  • Remove programs and applications that you do not use.
  • Protect your home network from sniffers if you use a wireless router to connect.

By-line:

This article is contributed by Heather Johnson, who regularly writes on ATT Yahoo. She invites your questions and writing job opportunities at her personal email address: heatherjohnson2323 at gmail dot com.

VSTSDB 2008 GDR CTP16

Gert just posted about the release of CTP16 of the Visual Studio Team System 2008 Database Edition GDR release.

From Gert’s post:

This release adds the following features:

  • VSDBCMD.EXE
    • We added independent commandline deployment and reverse engineer, which can be used on machines that do not have Visual Studio installed, in order to deploy the results of a database project build (.dbschema file), or if you need to generate a .dbschema file so you can for example compare it, this commandline tool will let you do that as well.
  • Database Project (.dbproj) Upgrades
    • CTP15 enabled upgrade of project files, but did not included updating Data Generation Plans (.DGEN files), which now be upgraded when they are opened the first time inside the DGEN designer.
  • Schema Compare
    • You can now choose the SQL Command Variables (SQLCMD) to use during a Schema Compare session by clicking the “Specify SQLCMD variables” button on the Schema Compare toolbar. This will allow you to compare projects that are using SQLCMD variables and provide the contextual information via the variable values.
    • You can now set the Schema Compare options at the session level, in addition to Tools->Options, by clicking the Settings button on the Schema Compare toolbar.
    • And you can now save your Schema Compare session and reopen it again. We also added an item template for this, name "Schema Comparison"
  • Extensibility
    • We finished the namespace and assembly naming cleanup. As a result all assembly names and namespaces have been changed. This means if you have code leveraging our extensibility mechanisms you need to update the assembly references and namespaces in your code.
    • We added the ability to add your own refactoring types! So now you can create your own refactoring command and have it change all the required references inside the schema. This is above and beyond the ability to create your own refactoring targets (the sources your want to change by an refactoring type), static code analysis rules, data generators, data distributions and test conditions.
    • We now also offer public access to our TSQL parsers for SQL Server 2000, 2005 and 2008, including the script generator functionality.
  • And then there are many more enhancements in the parser, interpreter, validation, build and deploy.

Pre-requisites:

CTP16 requires the following components to be installed:

Download location:

You can download CTP16 from the following location:

NOTE: If you have a previous version of the GDR installed, you will have to first uninstall this and then install the latest CTP16 bits.

TFS SP1 – Whats New? Want To Know Camano?

The Israeli ALM user group is back! I’m proud to be one of the 2 managers of this user group – my colleague is Sarit Tamir.

Next meeting (8 September 2008, 17:30) will be focused on the new features that were delivered with VSTS 2008 SP1 and the new Power Tools. We will also introduce the new testing suite (Camano) that will be shipped with the next version of TFS – Rosario.

Shahar Bracha will talk about Visual Studio Team System Power Tools which enables us better usage and ease when working with TFS.

During his session we will go over the new Power Tools and Service pack features  (such as: Web access enhancements, notifications support,  build, folder mapping and much more…)

For our second session, Eran Ruso will go over CTP 12 of Rosario in general and focus on Camano, a new standalone testing suite in Rosario.  Eran will also describe his experience as part of the first group that uses Rosario and Camano in production environments.

About the lecturers:

Shahar  is the ALM Manger at SRL Group, specializes in Microsoft technologies with an emphasis on the Team System, .NET framework and Web application architecture.

Eran  is a Senior Consultant at SRL Group, specializes in QA methodologies  and testing lifecycle.

I’ll be happy to meet you there!

Maor

Please register here to the event:

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032384162&culture=he-IL

Visual Studio 2008 Service Pack 1 and .NET Framework 3.5 Service Pack 1

Introduction

Visual Studio 2008 and the .NET Framework 3.5 enable developers to rapidly create connected applications that deliver high quality and rich user experiences. Visual Studio 2008 enables organizations of every size to rapidly create secure, manageable, and reliable applications that are optimized for Windows Vista™, SQL Server, the Microsoft 2007 Office system and the Web.

Visual Studio 2008 Service Pack 1 (SP1) and .NET Framework 3.5 SP1 continue Microsoft’s investment in market leading development tools and developer platform. SP1 addresses issues that were found through a combination of customer and partner feedback, as well as internal testing. These service packs offer customers improvements in responsiveness, stability and performance.

Overview

.NET-based Windows application development benefits from increased Windows Presentation Foundation (WPF) designer performance and updated components for Visual Basic and Visual C++ (including a MFC-based Office 2007 Ribbon).  Web development improvements include enhanced the client-side script tooling (JavaScript IntelliSense). In addition to IDE performance improvements SP1 fully supports SQL Server 2008 and the ADO.NET Entity Framework.

The .NET Framework 3.5 Service Pack 1 (SP1) delivers more controls, a streamlined setup, improved start-up performance, and powerful new graphics features for client development and rich data scaffolding, improved AJAX support, and other improvements for Web development. Additionally it introduces support for the ADO.NET Entity Framework and ADO.NET Data Services, which simplify data access code in applications by providing an extensible, conceptual model for data from any data source and enabling this model to closely reflect business requirements.

Visual Studio 2008 SP1 delivers:

  • Improved WPF designers
  • SQL Server 2008 support
  • ADO.NET Entity Designer
  • Visual Basic and Visual C++ components and tools (including an MFC-based Office 2007 style ‘Ribbon’)
  • Visual Studio Team System Team Foundation Server (TFS) addresses customer feedback on version control usability and performance, email integration with work item tracking and full support for hosting on SQL Server 2008
  • Richer JavaScript support, enhanced AJAX and data tools, and Web site deployment improvements

The .NET Framework 3.5 SP1 delivers:

  • Performance increases between 20-45% for WPF-based applications – without having to change any code
  • WCF improvements that give developers more control over the way they access data and services
  • Streamlined installation experience for client applications
  • Improvements in the area of data platform, such as the ADO.NET Entity Framework, ADO.NET Data Services and support for SQL Server 2008’s new features

Additional Details

WPF and visual designer improvements

Cold startup performance improvement ranging between 20-45% depending on application size without needing to modify any code.

Additional WPF support for text and graphics, and media to deliver better performance. For example, effects like DropShadow and Blur were implemented using software rendering; with SP1 these are now implemented using hardware acceleration. Other examples include:

  • Text, especially when used in Visual and DrawingBrush, is substantially faster,
  • Scrolling improvements with Container Recycling, improved working set with TreeView virtualization
  • A much improved WriteableBitmap that enables real-time bitmap updates from a software surface,
  • Designer support for the event tab within the property grid for control events,
  • Toolbox support within source mode.

.NET Framework 3.5 SP1 Optimized Client Runtime

SP1 provides a .NET Framework install version that is optimized for .NET-based client applications. The size of this optimized runtime is less than 28 MB.

New ADO.NET Data Features

ADO.NET Entity Framework

The ADO.NET Entity Framework is the next evolution of ADO.NET, raising the level of abstraction at which programmers work with data, and allowing the database structure or data source to evolve without significant impact to the application code.

Rather than coding against rows and columns, the ADO.NET Entity Framework allows the definition of a higher-level Entity Data Model over your relational data, and allows developers to then program in terms of this model. Developers get to deal with the data in the shapes that make sense for the application, and those shapes are expressed in a richer vocabulary that includes concepts like inheritance, complex types, and explicit relationships.

Use LINQ to Entities with the Entity Framework for queries that help create easy to maintain code that retrieves and works with strongly typed data objects or business entities.

ADO.NET Data Services

The Microsoft ADO.NET Data Services framework provides a first-class infrastructure for developing the next wave of dynamic internet applications by enabling data to be exposed as REST-based data services that can be consumed by client applications (ASP.NET, AJAX, Silverlight) in corporate networks and across the internet. Easily build applications using a comprehensive set of Microsoft .NET libraries and client components, accessing data through uniform URI syntax and using standard HTTP verbs to operate on the resource.

ADO.NET Data Services provides a framework to build data services for relational data sources, such as Microsoft SQL Server, MySQL, DB2, and Oracle, using the built-in support for the ADO.NET Entity Framework, or for non-relational data sources using the pluggable provider model.

TFS improvements

A number of improvements have been made to Visual Studio Team System 2008 Team Foundation including:

Version Control

  • Simplified the user experience through cleaner “Add to Source Control” dialogs, drag and drop support to the Source Control Explorer and a much easier to use “Workspace” dialog for working folder mappings.
  • Version control now automatically supports non-solution controlled files.
  • Various changes to the Source Control Explorer such as a new checkin date/time display column, local path hyperlink support and en editable source location field.

Work Item Tracking

  • Microsoft Office 2007 integration is now done using the standard Office “Ribbon” delivering a cleaner and easier to use integration to the different Microsoft Office 2007 products.
  • Email integration for work items and links for Team system Web Access to make it easier to use email as part of the development lifecycle.

Visual SourceSafe migration tool

  • The migration tool has been dramatically improved through many performance and reliability improvements. SP1 provides support for the elimination of namespace conflicts, automatic solution rebinding, improves timestamp coherency and increases the amount of migration logging information available.

Additional Features

  • Support for using SQL Server 2008 with Team Foundation Server.
  • Team System Web Access provides “live” links to work items and checkin emails. This improves the customer experience for users who do not use Team Explorer.
  • Scripting support for the creation of Team Projects.

Performance and scalability

  • With SP1 a large part of the focus was to improve the performance and scalability of Team Foundation Server through changes such as faster synchronization with Active Directory, improved checkin concurrency, a faster way to create source tree branches, online index rebuilding for less maintenance downtime and better support for very large checkin sets.
  • Improvements in the number of projects a server can support that make not only the scalability of the server better but also the client experience when connecting to a server with a large number of projects on it.

from http://msdn.microsoft.com/en-us/vstudio/products/cc533447.aspx

%d bloggers like this: