BufferOverrun

My last post to Live Journal was in 2003. Since then I've been on MSDN and on Windows Live Spaces. I'm starting to miss the simplicity of LJ and so I might just go back to posting here. If you want to tour of my other blogs:

MSDN
Live Spaces

That's the cool thing about having a domain pointed at these things, I can change it if I want to.

I haven't checked this one for a long time. I'm currently keeping my posts on spaces, and you can get to it here:

http://spaces.msn.com/brianjo

or

http://bufferoverrun.net

I'm moving my Weblog to the ASP.NET server and I'm not really sure how to do this well, but here it goes....

The new page is at http://weblogs.asp.net/brianjo
The new RSS feed is http://weblogs.asp.net/brianjo/Rss.aspx

You can also find the new site using http://bufferoverrun.net and http://www.bufferoverrun.net.

I seeded the new site with the last few posts that I have here at LiveJournal. This site will stay put, so all permalinks that used a LiveJournal URL should still work. Sorry for the inconvenience.

I needed to do this for a couple of reasons that I'll explain more fully later. The biggest reason is that LJ doesn't support Categories, and so I needed to make the change. I considered TypePad, but then I tried .Text on asp.net and it works really well. I hope this will be successful going forward.

Thanks!

Brian

Two new Security newsletters from Microsoft coming soon. You can sign up for the IT/Dev or Consumer versions at the Microsoft Subscription Center:

Microsoft Security Newsletter
This monthly newsletter is the authoritative information source for understanding the Microsoft security strategy and priorities. Written for IT professionals, developers, and business managers, it provides links to the latest security bulletins, FAQs, prescriptive guidance, community resources, events, and more.

Microsoft Security Newsletter for Home Users
This bimonthly newsletter offers easy-to-follow security tips, FAQs, expert advise, and other resources that help you enjoy a private and secure computing experience.

If you subscribe to the TechNet or the MSDN newsletters currently, you'll probably recieve one copy of the technical newsletter as a special edition. This newsletter has some great content for anybody who's interested in security, so I would encourage anyone interested in that topic to sign up.

Paul Thurrott has a must-read commentary about the recent Debian hack. Here's the quote that I like the best....

And astonishingly, an IDC analyst actually called the break-in a "compliment," a platitude I'm pretty sure no one used during the Microsoft attack. "Someone felt that [breaking into Debian's servers] was hard enough to do to be worth doing," he said, apparently with no sense of irony or hypocrisy. "This is one more line of evidence that Linux is coming into the mainstream. The fact that it was caught and dealt with showed the strength of the [OSS] community." Does this double standard confuse and infuriate anyone else?




Here are some other links:

Debian: Attack Didn't Harm Source Code
Hackers Attack Debian Linux
Debian Project servers hacked

Duncan is the trail blazer on MSDN. He's redesigned the Visual C# Developer Center home page to include blog entries and fewer persistent headlines. The idea is that we eventually move all of the tools sites to this design if we find that it's well liked. Let me know if you think that this is something that you would like to see in the Visual C++ Developer Center.


BTW, I took this picture on my cell phone. :)

Some (Most? All?) of the full PDC Sessions are now up online. Be sure to check out the C++ talks in the Tools and Language section.

These are done with Microsoft Producer and you can download the PowerPoint slides separately if you wish.

In case you're not a subscriber, I wanted to mention that we've updated the format of the MSDN Flash newsletter. We cut it down to 2 pages and we added a big security section. The feedback we've gotten from readers about the update has been really positive. To sign up for the newsletter you can follow the link from this page...

MSDN Flash

Every other week MSDN will send you an e-mail containing pointers to all of the new articles, samples, and headlines from MSDN Online, the MSDN Library, the Knowledge Base, the Web Workshop, Visual Studio, and other Microsoft Web sites. In addition, look for announcements of Microsoft and industry events, training opportunities, chats, and Webcasts.

Today we posted the C++/CLI Language Specification Candidate Base Document. It's headlined on the Visual C++ Developer Center with a link to the info page about the standardization effort.

You can find more info by checking out Brandon and Herb's blogs.

Sara Granger has a good article up on Security Focus that deals with personal firewalls. There's a great References section at the end of the piece and she promises a review of different personal firewall solutions in December.

from the article...

The original firewalls, literally physical walls constructed to slow or cease the expansion of fires through buildings, performed a serious function in a basic way. Like their namesake, network firewalls were originally quite similar in concept. They were physical units blocking activity coming into and out of computer networks, thus protecting the network's users from harm.

If you've ever wondered how Microsoft does IT security, it's all laid out right here:

Security At Microsoft
IT Showcase Technical White Paper

and from the paper...

Changes in technology over the past several years continue to put a strain on the traditional security divisions of securing the network perimeter, securing the network interior, securing key assets, and monitoring and auditing. These four divisions become less important as technological advances and business relationships blur the line between "inside" and "outside" the network. As a result, the Corporate Security Group is moving away from these groupings toward new ways of approaching security by using the Microsoft risk management process.

Robert points to a new group blog for regular expressions. Very cool.

Interesting for those of us using Bluetooth...

Pickpockets turn to technology
Security experts are warning that the Bluetooth short-range radio technology can leave people vulnerable to the hi-tech equivalent of pickpockets.

as I understand it, Bluetooth was the Viking that united Scandinavia for some time.

I see that there's a new Microsoft Patterns and Practices page up on Amazon.com. This is an easy way to find the print versions of all that great Microsoft architectural guidance that you can also find on Microsoft.com.

Here's a new story in eWeek that should reinforce the idea that we get everyone patched and firewalled as soon as possible:

New Windows Worm on the Way?

With the posting Wednesday of proof-of-concept exploit code for one of the newly discovered vulnerabilities in Windows, the familiar chain of events that often leads to the release of a worm has begun.

Get updated now.