Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Richard Lewis' application security notes for the software designer, developer and tester
IIS 6.0 General
For those of you who have heard a lot about IIS but have never got a chance to try it out, here's...
Date: 04/12/2007
Lesser known feature of SSL validation overrides in .NET
During setup of an SSL connection, the client validates the server's digital certificate. This is...
Date: 03/28/2007
Providing entry points for handling errors in VC++ 2005
The previous version of the C runtime had many flaws in its design. For example, the functions in...
Date: 03/10/2007
My first assignment at Microsoft
I recently completed my first security assignment at Microsoft. The customer needed specific...
Date: 03/01/2007
Writing to Registry? Some best-practices...
Use the following best practices when dealing with the Windows registry. Use of registry reduces...
Date: 01/30/2007
Code signing mini-FAQ
What really is code signing?At a high level, code signing allows you to generate a digital signature...
Date: 01/25/2007
Cryptography Cognizance for Application Designers and Developers
Here's the abstract for a whitepaper I am beginning to write - Cryptography is increasingly emerging...
Date: 01/24/2007
Understanding 'padding' in symmetric key cryptography
Symmetric key algorithms like 3DES, AES etc operate on blocks of input data. For this to happen, the...
Date: 01/22/2007
Temporary file generation and usage best practices
This article previously appeared at CodeProject.com IntroductionMany applications require to create...
Date: 01/22/2007
Welcome
Hi - I am Richard Lewis and am proud to have joined the ACE team at Microsoft. We are heavily into...
Date: 01/22/2007