Archive

Posts Tagged ‘microsoft’

Microsoft releases VS2010 SP1 & TFS 2010 SP1

March 9th, 2011 1 comment

The moment most of us have been waiting for, Visual Studio 2010 Service Pack 1 is finally out (right now for MSDN Subscribers), read what the changes are in VS2010 Service Pack 1 (or TFS 2010 SP1 Changes) and grab it from MSDN – once the links become public will update this post.

File Name: mu_visual_studio_2010_sp1_x86_x64_dvd_651704.iso [MSDN Download Link]
Size: 1.56Gb
SHA1: 61C2088850185EDE8E18001D1EF3E6D12DAA5692
ISO/CRC: C77C2A14
Date Published (UTC): 3/8/2011 9:13:36 AM
Last Updated (UTC): 3/8/2011 10:20:52 AM

There’s also the TFS Project Server Integration Feature Pack that’s been released.

Support for Silverlight 4 and Razor, SQL CE4, IIS Express and 64bit IntelliTrace are amongst the finer things in SP1. For C++ folks, the support for Intel AVX and AMD Bulldozer instruction sets are going to be interesting 😀

Some notable bugfixes:

Enjoy!

{lang: 'en-GB'}
Share

Windows Phone 7 Resources

November 15th, 2010 1 comment

I’ve been busy hacking away the past month or so with Windows Phone 7 and Android. They’re both very different when it comes to the out of box developer experience – with Microsoft tools being supremo right now. Thought I’d contribute some resources when it comes to (on this post) writing Windows Phone 7 Applications. I’ll try and keep this up to date with new things I find.

Feel free to comment with other great resources.

Last Updated: 16th November, 2010

Books/eBooks

Online Resources

Developer

Developer Frameworks/Tools

Developer Components/Controls

Designer/UX

Hardware

{lang: 'en-GB'}
Share

Microsoft updates ASP.NET Flaw CVE-2010-333 with fix

September 29th, 2010 No comments

As mentioned earlier, the ASP.NET Session Security flaw has been keeping all .NET developers and Microsoft on the ball about possible exploits with their applications. Microsoft have updated their security advisory CVE-2010-333 with more information about the severity of the flaw – its taking Exchange and Sharepoint down with it too.

See Microsoft Security Bulletin MS10-070 for affected products and download the update fix for your setup 🙂

For ease of downloading, some configurations for you:

{lang: 'en-GB'}
Share

ASP.NET Session Cookie Crypto Attack Exploiting

September 20th, 2010 No comments

If the Linux CVE-2010-3081: 64bit Linux Kernel Root Exploit didn’t get you, then this little birdy might. It seems the implementation of the AES encryption algorithm which protects the integrity of the Session Cookies in ASP.NET has a weakness which could enable an attacker to hijack sessions – Which bank? The idea behind the use of AES is to ensure that the crypt’d data hasn’t been tampered with – and hence decryptable, but unfortunately the flawed implementation of the use of AES and how it handles errors gives out some much needed clues for an attacker to pursue.

From TheThreatPost article:

In this case, ASP.NET’s implementation of AES has a bug in the way that it deals with errors when the encrypted data in a cookie has been modified. If the ciphertext has been changed, the vulnerable application will generate an error, which will give an attacker some information about the way that the application’s decryption process works. More errors means more data. And looking at enough of those errors can give the attacker enough data to make the number of bytes that he needs to guess to find the encryption key small enough that it’s actually possible.

There is a Microsoft Security Advisory (2416728) which gives some workarounds until a proper fix is made available. What’s really concerning is this little tidbitt from Thai Duong about Using their tool the Padding Oracle Exploit Tool or POET:

“It’s worth noting that the attack is 100 [per cent] reliable, [that is], one can be sure that once they run the attack, they can exploit the target. It’s just a matter of time. If the attacker is lucky, then he can own any ASP.NET website in seconds. The average time for the attack to complete is 30 minutes. The longest time it ever takes is less than 50 minutes.”

What’s really interesting is seeing the video of the exploit in action on dotnetnuke (don’t close your eyes). ScottGu has blogged about this exploit which goes into far more detail than I can, but if you’re keen there’s a nice document on using the Padding Oracle exploit and includes discussions regarding the JSF View state, cracking CAPTCHA schemes as well as some juicy details on CBC-R.

{lang: 'en-GB'}
Share

Windows Phone 7 Developer Tools Released!

September 17th, 2010 No comments

The moment we’ve all been waiting for, the final release of the Windows Phone 7 SDK has been released! What are you waiting for, go download it and try out some cool things!

No Visual Studio installed? Not an issue, it comes with the Express edition of VS2010 and Expression Blend 4 for Windows Phone as well as XNA and Silverlight tools for Windows Phone and an emulator – all for free too!

For more information, see ScottGu’s great post about it!

{lang: 'en-GB'}
Share

Moving to Microsoft Visual Studio 2010 free ebook!

September 15th, 2010 No comments

Microsoft Press - Moving to Microsoft Visual Studio 2010Free ebook compliments of Microsoft Press, you can download a PDF. or an XPS of the book and grab the book’s sample code.

The book is broken down into these parts  catering for the following audiences:

  • Part I – for those moving from Visual Studio 2003 to Visual Studio 2010.
  • Part II – for developers moving from Visual Studio 2005.
  • Part III – for developers moving from Visual Studio 2008.

See the blog post about the target audience for this ebook too.

{lang: 'en-GB'}
Share

Channel9: Windows Phone 7 Jump Start

September 14th, 2010 No comments

With the release of the final Windows Phone 7 SDK just days away, now’s the time to get into understanding the concepts, architecture & development side of Windows Phone 7. There’s an interesting series posted on Channel 9 to hep you get there.

This Windows Phone 7 Jump Start video training is for all developers interested in developing applications or games for the new Windows Phone 7 Platform.  The course is based on the Microsoft Windows Phone 7 Developer Training Kit and taught by Microsoft MVP’s and Microsoft Press Authors, Andy Wigley and Rob S. Miles.  Watch these entertaining sessions and complete the labs found on Channel 9 (http://channel9.msdn.com/learn/courses/WP7TrainingKit/) to gain development skills using both XNA and Silverlight. For copies of the student files and links to demo code, you can go to the Windows Phone 7 Born To Learn Forum (http://borntolearn.mslearn.net/wp7/m/classresources/default.aspx).

Enjoy – the ! I’ll be posting about my own adventures soon!

{lang: 'en-GB'}
Share

Events Downunder: CodeCampOz in Wagga & Windows Phone 7 Deep Dive

September 13th, 2010 No comments

As promised, here are some of the (Microsoft) developer events happening down under.

CodeCampOz (Wagga-Wagga)

When / Where:
20-21st of November 2001 / Charles Sturt University Wagga Wagga | Map | How to get there.

Cost: Free of charge | See the CodeCampOz FAQ

Accommodation: See Charles “Chuck” Sterling‘s list of accommodation places!

Registration: http://codecampoz2010.eventbrite.com/

Agenda:

  • Saturday – 20th November

    • 0800: Welcome & Housekeeping
    • 0830: Domain Driven Design with Entity Framework 4.0 (Omar Besiso)
    • 0930: Developing with Microsoft Commerce Server 2009 R2 (Lewis Benge)
    • 1030: Morning Tea
    • 1100: Extending Office with VSTO (Jake Ginnivan)
    • 1200: Magellan – a navigation framework for WPF (Paul Stovell)
    • 1300: Lunch
    • 1400: HTML 5.0, the useful bits – what you can use now! (Alex Mackey)
    • 1500: Afternoon Tea
    • 1530: Real World Unit Testing & Future (Rajitha Aththanyake)
  • Sunday – 21st November

    • 0800: Welcome & Housekeeping
    • 0830: Windows Azure Compute for Developers (Steven Nagy)
    • 0930: Windows Phone with Silverlight (Nick Randolph)
    • 1030: Morning Tea
    • 1100: Not a WIF of Federation (Rory Primrose)
    • 12:00: Behaviour Driven Development with StoryQ (Liam McLennan)
    • 13:00: Lunch
    • 1400: Battle of the Containers (TBA)
    • 1500: Afternoon Tea
    • 1530: Team Build Patterns & Practices (Mitch Denny)
    • 1630: Wrap-up

Windows Phone 7 Deep Dive (Melbourne/Sydney/Adelaide/Brisbane)

When / Where

  • Melbourne: 20th-21st September | Register Now >
    • Exhibition Room| Level 5, 4 Freshwater Place, Southbank VIC 3006 | Map
  • Sydney: 23rd-24th September | Register Now >
    • Exchange |  1 Epping Road North Ryde Sydney, NSW 2113 | Map
  • Adelaide: 27th-28th September | Register Now >
    • Board Room | Level 26, Santos House, 91 King William Street Adelaide SA 5000 | Map
  • Brisbane: 29th-30th September | Register Now >
    • Theatre 2 | Level 9, Waterfront Place 1 Eagle Street Brisbane QLD 4000 | Map

Cost: Free of charge

Registration: See Dave Glover’s blog post.

Please bring your laptop with you on the day.

Agenda:

Day 1
•    9.45am registration for a 10am start
•    Session 1: Introduction and Windows Phone User Experience Overview
•    Session 2: Animation, Orientation and Overlays
•    Session 3: Application Lifecycle, Navigation, Application Tiles and Notification
•    Session 4: Tasks and Touch
•    Session 5: Working with the Accelerometer, Sounds and Location
•    5.30pm close

Day 2

•    9.15am registration for a 9.30am start
•    Session 6: Connecting and Consuming the Web
•    Session 7: Retrieving, Storing and Synchronizing Data
•    Session 8: Silverlight Analytics, Unit Testing and other Frameworks
•    Session 9: Security, Authentication and Performance
•    5.30pm close

Workshop information

Are you interested in Windows Phone 7 Development? Are you keen to get ahead of the competition to create apps for the Windows Phone 7?
Windows Phone 7 is a fresh exciting mobility platform and potentially a land of opportunity for killer apps! These workshops are designed to take your skills to the next level beyond the online training kits and helps you explore some more complex scenarios.

Prerequisites

You need Silverlight/WPF, C# .NET Framework skills and you should have completed a subset of hands on labs from the following:
•    Windows Phone 7 Training Kit
•    Windows Phone 7 Jump Start Training
•    Windows Phone Design Day Recordings

Instructor

The workshop will be run by Nick Randolph from Built to Roam.

{lang: 'en-GB'}
Share

Think this is funny? Think this is some kind of mother flipping joke? Mother flippers think everything’s a mother flipping joke.

July 28th, 2010 No comments

FIX: WordPress Older Posts not working in IIS with Permalinks

April 28th, 2010 2 comments

I spent some time tweaking my blog today after moving it to some fresh hardware. You may find that everything is loading much faster now which can be attributed to two plugins in addition to the hardware upgrade – wp-super-cache and wp-widget-cache.

I’ve also fixed a long standing bug with my particular configuration of WordPress that runs on IIS which causes the “Older posts” link at the bottom does not function for the second page. The WordPress generated URL for this is

http://www.thushanfernando.com/index.php/Index.php/page/2

Which is a bit problematic, this ofcourse can be reproduced only on IIS from my musings (serves me right eh?). There are a couple of suggestions by people on the forums already, but I wasn’t too keen on them as they seemed too high-level fixes.

I’ve enabled Permalinks with this format:

http://www.thushanfernando.com/index.php/2010/04/28/sample-post/

So I looked through the sources to see why this was happening. After a bit of snooping about I got to the get_pagenum_link function in wp-includes/link-template.php file.

Heres a bit of source for reference – this is with WordPress 2.9.2:

function get_pagenum_link($pagenum = 1) {
	global $wp_rewrite;

	$pagenum = (int) $pagenum;

	$request = remove_query_arg( 'paged' );

	$home_root = parse_url(get_option('home'));
	$home_root = ( isset($home_root['path']) ) ? $home_root['path'] : '';
	$home_root = preg_quote( trailingslashit( $home_root ), '|' );

	$request = preg_replace('|^'. $home_root . '|', '', $request);
	$request = preg_replace('|^/+|', '', $request);

	if ( !$wp_rewrite->using_permalinks() || is_admin() ) {
		$base = trailingslashit( get_bloginfo( 'home' ) );

		if ( $pagenum > 1 ) {
			$result = add_query_arg( 'paged', $pagenum, $base . $request );
		} else {
			$result = $base . $request;
		}
	} else {
		$qs_regex = '|\?.*?$|';
		preg_match( $qs_regex, $request, $qs_match );

		if ( !empty( $qs_match[0] ) ) {
			$query_string = $qs_match[0];
			$request = preg_replace( $qs_regex, '', $request );
		} else {
			$query_string = '';
		}

		$request = preg_replace( '|page/\d+/?$|', '', $request);
		$request = preg_replace( '|^index\.php|', '', $request);
		$request = ltrim($request, '/');

		$base = trailingslashit( get_bloginfo( 'url' ) );

	if ( $wp_rewrite->using_index_permalinks() && ( $pagenum > 1 || '' != $request ) )
		$base .= 'index.php/';

		if ( $pagenum > 1 ) {
			$request = ( ( !empty( $request ) ) ? trailingslashit( $request ) : $request ) . user_trailingslashit( 'page/' . $pagenum, 'paged' );
		}

		$result = $base . $request . $query_string;
	}

	$result = apply_filters('get_pagenum_link', $result);

	return $result;
}

This function (from reading through) essentially generates the links for the page numbers & page navigation taking into account Permalinks if configured. This is all fine and dandy for Unix hosts but for Windows, unfortunately this bit of code fails us.

...
$request = preg_replace( '|page/\d+/?$|', '', $request);
$request = preg_replace( '|^index\.php|', '', $request);
$request = ltrim($request, '/');
...

As the preg_replace is case sensitive, it will not replace the invalid Index.php that is seen on IIS. So the easiest fix is to tweak the regex pattern a little bit and tell it be case insensitive.

...
$request = preg_replace( '|page/\d+/?$|', '', $request);
$request = preg_replace( '/|^index\.php|/i', '', $request);
$request = ltrim($request, '/');
...

This will then generate the (invalid) urls and the preg_replace will remove any additional Index.php’s from the request URL as its already mentioned in the $base variable a few lines below:

...
if ( $wp_rewrite->using_index_permalinks() && ( $pagenum > 1 || '' != $request ) )
$base .= 'index.php/';
...

Once you make the change and upload the files, your “Older posts” will start working again. I’ll submit a patch to WordPress I’ve submitted a patch to WordPress Trac, now its just a wait and see what they say, in the meantime here’s a patch file if you don’t want to modify sources manually. If there any issues, post a comment 🙂

{lang: 'en-GB'}
Share