I like free stuff, I really like free stuff from Microsoft, as they normally have good free stuff, and this time, it’s a free copy of Visual Studio 2005 Standard Edition, and a couple other goodies. Here’s the list:
- Microsoft® Visual Studio® 2005 Standard Edition (Not for Resale)
- Five chapters of Programming ASP.NET 2.0 Core Reference, by Dino Esposito
- A 30-day hosting account to try out your custom Web applications
- Microsoft Developer Security DVD with how-tos, white papers, tools, webcasts, and code samples that demonstrate how to write more secure code
- A 50% discount on a Microsoft Certified Professional Exam so you can add your new skills to your resume
- A voucher that allows you to buy Visual Studio 2005 Professional Edition with an MSDN® Professional Subscription at renewal pricing (a $400 savings)
Not a bad grab bag if I say so myself. Want the details?
- You have to be in the US or Canada
- You have till April 17th
- You have to watch 3 ASP.NET related webcasts
Sounds like a deal to me, I’m in. Here’s the link.
Recently a programmer I know decided that it was time for a career change, leaving the IT field entirely. This gave me cause to think; what does it take to be a great developer. Many people go through school believing they have what it takes, only to receive a rude awaking once they enter the real world.
Before I go on, I think it’s important to define what I mean by developer, and the differences between a developer and a programmer.
Piracy is bad, right? Maybe not, and it seems Microsoft figured it out. Piracy can be indirectly profitable, both by giving you additional customers that you may collect from at some future point, and it also serves to reduce or limit the market share of rivals. Microsoft chairman, Bill Gates, acknowledged this back in 1998 while speaking at the University of Washington, saying:
Although about 3 million computers get sold every year in China, people don’t pay for the software.
Note: This was written in 2012, but not published at the time. The point is still valid, perhaps moreso than ever and deserves to be made publicly. The content has been updated as appropriate, though the core of this article remains intact from the 2012 draft. I would like to note that this doesn’t apply to every environment, there are some where developers are very knowledgeable about security, and write code with minimal issues – my current employer happens to be one of those rare & exciting places.
Recently a friend of mine asked for input on what would be needed to launch a new security consulting company, to help him out I drafted a detailed list of what would need to be done for a successful launch. Here is an expanded version of that list, hopefully others will find this useful as well. This isn’t the simplest route to setting up a new business, but is intended to set the business up for long-term success.
…or, The Cost of Wild Speculation.
“We need to boost our security – I think the NSA has broken everything we use. AES-256 is too weak, I don’t trust it. Find a way to implement AES-512.”
Double-AES-256! It’d be easy, and double encrypting has never bitten us before. So, let’s write some code!
def encrypt(msg, iv, key) return e(e(msg, iv, key.slice(0..31)), iv, key.slice(32..63)) end def decrypt(cipher, iv, key) return d(d(cipher, iv, key.
