July 2004 Entries

Security Advisor for Mozilla Browsers

Mozilla (and expecially Firefox) are becoming widespread browsers and the first security alerts are coming out...Secunia has released a security advisor for a new Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability.The problem is that Mozilla and Mozilla Firefox don't restrict websites from including arbitrary, remote XUL (XML User Interface Language) files (the Mozilla user interface is built using XUL files). This can be exploited to "hijack" most of the user interface (including toolbars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees.Solutions to this? For the moment only one... do not follow links from untrusted...

posted @ Saturday, July 31, 2004 7:44 AM | Feedback (3)

Main and accessibility...

I want to take in evidence an interesting question launched by Adrian Florea on UgiDotNet: what's the reasons to have a Main method not public???Adrian points the attention to the differences between the last specifications of Java and C#:C# Language Specification, 2nd editionJava Language Specification, 2nd edition10.1"Specifically, the execution environment can access the application’s entry point regardless of its declared accessibility and regardless of the declared accessibility of its enclosing type declarations."12.1.4"The method main must be declared public, static, and void. It must accept a single argument that is an array of strings"Any explanations? Thanks Adrian for the question...

posted @ Saturday, July 31, 2004 6:31 AM | Feedback (2)

Community Server::Forum - a request...

On an announce appeared on ASP.NET Forum yesterday, Rob Howard announced the availability of the new version of ASP.NET Forum, now called Community Server::Forums 2.0.A great application, but I want to launch a little request that comes after my Forum download... why don't include in the package a manual installer, or at least a guide for a complete manual installation of the Forum (from Database creation to application setup)?I think it will be really useful, expecially if you're not on the machine where the forum must be installed, but you want to install it remotely.Possibility to have something like this?...

posted @ Friday, July 30, 2004 4:46 AM | Feedback (2)

Testing Blog Migration Tool 0.1

This evening I've tryed Vlad's Blog Migration Tool 0.1, a tool for blogs migration (it supports blogs based on .Text 0.95 at the moment).I'm planning to transfer my blog from here to my personal web server in the next days (I think that at the end I'll have 2 copies of the same blog, here on DotNetJunkies and on my new server), so I've tryed to transfer 10 posts. These are the results:1) The Blog Migration Tool is really simple to configure... just type the url, login and password of the source and destination Blogs and you're ready to start...

posted @ Thursday, July 29, 2004 6:32 PM | Feedback (6)

Python for .NET

I've a friend of mine that is a life that works with Python (expecially under Linux platforms)... he has always said to me that Python is the best language he has never used, expecially for its structure (I don't know if it's really true! ). Now I'm happy to say him that also for the .NET platform is available a good Python language: IronPython! I think it's the time that he start thinking to develop also under Windows!

posted @ Thursday, July 29, 2004 11:33 AM | Feedback (3)

Improved .Text Gallery Thumbnail Viewer Control

In these days I was busy with moving my domains on a new server and I've setup a .Text installation for hosting my personal Blog.During a visit on ASP.NET Forums, I've discovered this wonderful control by Judi Smith... it's an Improved .Text Gallery Thumbnail Viewer Control and I think I'll try it soon on my new Blog installation.Great work Judi!

posted @ Wednesday, July 28, 2004 9:15 AM | Feedback (0)

The .NET Developer's Guide to Windows Security

A great idea from Keith Brown: exposing his "The .NET Developer's Guide to Windows Security" book as an online collaborative Wiki.Keith is asking to the community to help him to improve the site... check it!

posted @ Tuesday, July 27, 2004 11:33 AM | Feedback (0)

Curiosity of MyDoom...

Yesterday Google (and seems also other big search engines) was down for a big attack of a new variant of MyDoom virus (MyDoom.O). The type of attack is always the same: a big number of simultaneous requests directed to the search engine at the same time. This new variant of MyDoom spreads itself as usually via email and, when it infects a computer, it starts looking for email addresses on the infected computer and also (and this was the yesterday problem) starts a big search on search engines (like Google) for email addresses. Seems that Google has received a lot of query with arguments like these: "Delivery failed",...

posted @ Tuesday, July 27, 2004 7:04 AM | Feedback (0)

... and ASP.NET the same...

After Google... check www.asp.net:ASP.NET is currently down for maintenance   We are sorry, but we are currently updating the site. Apologies for the inconvenience, the site will be back up shortly. Curious... what happens????

posted @ Monday, July 26, 2004 12:31 PM | Feedback (4)

Google down??

Google is down now...Server ErrorThe service you requested is not available at this time. Service error -27.Why????

posted @ Monday, July 26, 2004 12:11 PM | Feedback (11)

A wonderful Gmail client...

Thanks to  Jason Mauss, I've discovered this wonderful Gmail Client that Johnvey Hwang has written.  I've tryed it quickly today with my Gmail account and seems working really good (I like the Account and Contacts Management). HERE you can find the source code of the API and the complete application. Good work Johnvey!

posted @ Saturday, July 24, 2004 2:43 PM | Feedback (7)

ADO.NET 2.0 and ExecutePageReader

I was reading about some new features of ADO.NET 2.0 and, when reading about the new ExecutePageReader method, a question comes in my mind...Normally, for paging I currently use stored procedures with temporary tables that pages data with the ROWCOUNT I want (I pass it as a parameter to the stored procedure). This new method obviously simplifies me the work: the paging is done by the method and I've not to write SQL Code on my stored to to the paging task... wow... but... the ExecutePageReader method use server cursors and I'm not sure this is a more efficient...

posted @ Saturday, July 24, 2004 8:07 AM | Feedback (4)

Linspire Advertisement

Have you see the new Linspire moovie? Check it here: http://www.linspire.com/RunLinspireFlash.phpReally amazing... but too offensive against Microsoft I see...

posted @ Thursday, July 22, 2004 9:31 AM | Feedback (1)

Mono Win32 Combined Installer

A package that must be signaled:if you want to try Mono on Windows, now on Novell site is available a Windows Installer that includes Mono 1.0, GTK# 1.0, gtk+ 2.24, and XSP, the Mono web server for ASP.NET web pages (Apache for Windows is not yet supported due to sockets problems).

posted @ Thursday, July 22, 2004 4:50 AM | Feedback (1)

Internet Explorer new problem...

Do you remember the so called HijackClick 3 series of Internet Explorer vulnerabilities? In summary, you can force a drag and drop event simply when the user clicking a something by moving the window when the OnMouseDown event fires.MS seems to patch these vulnerabilities some times ago (ok, I think it's really discutible this fact: disable some functions from being called when the mouse button is down for me is not a real patch, but only a temporary solution).What's new? As you can see on a new post on SecurityFocus, MS has patched MSHTML.DLL and IEXPLORE.EXE but they have forgotten to...

posted @ Thursday, July 22, 2004 4:10 AM | Feedback (2)

2 Gb of free storage for MSN users now?

I don't know if it's true, but accordingly to some rumours on forums, seems that you can get 2GB of space free NOW by registering an @msn.com email address. Personally, I'm sceptic about this rumours expecially because, accordingly to the original MSN Hotmail plans, 2 Gb of free storage will be reserved only under a little payment (Premium User). However, If someone can confirm this upgrade... UPDATE: I see on your reply to this post that maybe you don't understand the sense of my message... I try to explain. Seems that this morning NEW Msn subscribers had an upgrade to their...

posted @ Wednesday, July 21, 2004 10:58 AM | Feedback (48)

.NET Framework Code Coverage Edition

If you want to help Microsoft to receive feedback about your way to using code, the .NET Framework Code Coverage Edition is what you need: it enables you to collect and upload data on how .NET Framework and Windows code is used by managed applications and components that you have developed. This is an instrumented version of the .NET Framework and contains a tool that collects the code usage information behind the scenes. All you have to do is exercise your code under the watch of this tool, then save and send the data. An interesting way to achieve compatibility and to have feedback...

posted @ Wednesday, July 21, 2004 12:33 AM | Feedback (0)

RSS Traffic like a DDos Attack...

This is the beginning of a big problem, expecially for the future and for sites with lots of accesses...On an article just appeared on InfoWorld, Chad Dickenson points the attention to a problem: RSS feed Readers are useful for obtaining informations in real time, but they can have a dangerous behaviour. He observed that  "every hour, Infoworld sees a massive surge of RSS newsreader activity that has all the characteristics of a distributed DoS attack. So many requests in such a short period of time are creating scaling issues". We can observ this problem also on other sites and I...

posted @ Tuesday, July 20, 2004 4:29 PM | Feedback (8)

10 Years of DALnet

10 years of IRC... 10 years of good services... 10 years to become the biggest IRC Network in the World... thanks to all the people involved.Happy Birthday DALnet!!!

posted @ Tuesday, July 20, 2004 10:32 AM | Feedback (1)

Gmail and .Zip

Yesterday, for the first time on 3 months that I'm a Gmail user, I've tryed to auto-sent me a .ZIP attach with a source code of a Visual Studio 2003 solutions I've developed on my office.What was the result? Gmail has refused it... I was asking why this, and after few try, I've discovered a noise thing: if your .ZIP file contains some executable code, such as .EXE or .DLL, the Gmail system recognize it as an invalid attachment and refused it. If your .ZIP don't contains these types of files, it's accepted.Now that I know this, I send me .ZIP files with executable...

posted @ Tuesday, July 20, 2004 5:01 AM | Feedback (13)

GotDotNet or SlowDotNet?

What is the infrastructure under the GotDotNet Community?It's always terrible slow, expecially if you try to search on a Workspace or User Samples. Why? Maybe too many users for the server capacity?Users Samples and Workspaces on GotDotNet are really useful sections but now are too often unreachable... :@

posted @ Monday, July 19, 2004 9:28 AM | Feedback (4)

SQL Server Express 2005 documentation out...

I was waiting for it and MS has released it soon... you can now download the new SQL Server 2005 Abridged Books Online for SQL Express, that includes SQL Server 2005 documentation that also applies to SQL Server Express.This documentation includes:SQL Server installation SQL Server database engine SQL Server replication SQL Server and the Transact-SQL language SQL Server programming interfaces I love this MS books online...

posted @ Monday, July 19, 2004 3:43 AM | Feedback (0)

Sun's movements...

If someone (like me) is interested not also on the .NET side of the world, but also on the "cousin" Java world, it's really interesting to see the new Sun's movements of these months.After the releasing of source code for the new Looking Glass project (the new Java powered 3D user Interface) Sun is also planning to offer some of its Java Enterprise System under an open source license. Although these are only project, they're a big advance on the Java diffusion... Sun is trying to pump up the Java world (the new "Java Powered" Logo that will appear soon on some Java-enabled...

posted @ Sunday, July 18, 2004 9:32 AM | Feedback (1)

Office 2003/XP Add-in: Remove Hidden Data

With the Office 2003/XP Remove Hidden Data Add-in you can permanently remove hidden and collaboration data, such as change tracking and comments, from Word 2003/XP, Excel 2003/XP, and PowerPoint 2003/XP files. When you distribute an Office document electronically, the document might contain information that you do not want to share publicly, such as information you’ve designated as “hidden” or information that allows you to collaborate on writing and editing the document with others. The Remove Hidden Data add-in is a tool that you can use to remove personal or hidden data that might not be immediately apparent when you view...

posted @ Thursday, July 15, 2004 4:08 AM | Feedback (2)

Geeks...

A little bit of humour...

posted @ Wednesday, July 14, 2004 6:07 AM | Feedback (0)

The ridiculous news of the day...

I've read a lot of news and comments about the Windows XP SP2, but the news I've just read on TechTree.com is absolutely amazing...Nikhil Rastogi writes here about the new security feature on XP SP2... he firstly says that "Microsoft may have found a much more destructive way to get rid off Illegal copies of Windows Xp than Service Pack1. Users installing SP1 on illegal copies would simply get a 'This is a pirated copy' error message. But now Microsoft has armed itself with a huge list of illegal CD keys ensuring that SP2 does not install, but also destroys...

posted @ Tuesday, July 13, 2004 4:38 PM | Feedback (0)

Microsoft Internet Explorer Multiple Vulnerabilities... again!

The same story... other Microsoft Internet Explorer Multiple Vulnerabilities are just discovered... for a secure Windows, IE must revisited... soon!

posted @ Tuesday, July 13, 2004 3:17 PM | Feedback (2)

ADO.NET and Connection Closing

I've received a question by Learner (this is the nick) on my blog regarding ADO.NET and Connection Closing. He asks: "is there a way to CLOSE or DISPOSE any and all open connections - globally? OR to see whats open?"I want to try to give an answer this question on a new post because it's a bit curious and I'm not sure on how to answer directly to it... why having many connections opened at the same time to a database? Are you sure you want it?Remember that if you are using Datasets, the connection is closed when you fill it, but if...

posted @ Tuesday, July 13, 2004 11:42 AM | Feedback (1)

Windows Media Player Fix

A recommended fix for Windows Media Player 9 Series is out today:When you are playing content from a network source, Microsoft Windows Media Player 9 Series may quit unexpectedly (crash) if Windows Media Player briefly loses the network connection and then tries to reconnect. If you are using Windows Media Player together with a host application such as Microsoft Internet Explorer, and Windows Media Player is embedded in the host application, the host application may quit unexpectedly if the network connection is lost. You can find the fix HERE.

posted @ Tuesday, July 13, 2004 3:58 AM | Feedback (1)

At the airport...

This weekend I was out for a travel in the south of Italy, unfortunately was not for holidays... This afternoon, when I arrived at the airport and checked the screen for the fly time, this is what appeared me (the photo is not so good because is made with a mobile phone):A wonderful Kernel32.dll crash... Windows 98 is always the same!

posted @ Monday, July 12, 2004 3:40 PM | Feedback (1)

Bootstrapper Manifest Generator

Interesting package discovered on GotDotNet: the Bootstrapper Manifest Generator. The Bootstrapper in Visual Studio 2005 allows developers to add components to be redistributed along with their applications, allowing a single starting point to install applications and their prerequisites. For example, users can now run a single setup.exe that will install the .NET Frameworks, SQL Server Express, and your application over the web, from a CD, or from a UNC path. This tool makes it much easier to add your own prerequisites to the bootstrapper. The initial release contains the following features: * Ability to create Bootstrapper Packages for Visual Studio 2005...

posted @ Thursday, July 08, 2004 12:59 AM | Feedback (0)

SQL Server 2000 Driver for JDBC Service Pack 3

The new SQL Server 2000 Driver for JDBC Service Pack 3 is an interesting update that must be bookmarked... The Microsoft® SQL Server™ 2000 Driver for JDBC™ is a Type 4 JDBC driver that provides highly scalable and reliable connectivity for the enterprise Java environment. This driver provides JDBC access to SQL Server 2000 through any Java-enabled applet, application, or application server. Enhancements added to this driver since its original release include: support for connecting to an instance of SQL Server in a multiple instance environment using just the instance name, making hostname a connection attribute, improved performance, and support for...

posted @ Wednesday, July 07, 2004 4:14 PM | Feedback (3)

New MS Search Engine is promising...

Yesterday evening I was playing a bit with the preview of the new MSN Search Engine... It looks promising, it's fast and very accurate on searching, seems really a great work for the moment. Congratulations to all the team involved!

posted @ Wednesday, July 07, 2004 4:48 AM | Feedback (1)

IE Dead?

In these days, too many messages agains Internet Explorer are coming out... the last security flaws discovered on IE seems to have effects, and most people and organizations are thinking to forgot the "old" IE for other new browsers (the peak of Firefox downloads in these days is the demonstration of this...).Ok, I admit that I'm a Firefox lover from a lot of time, that there are better browsers out now, but I don't like to see this rumours against IE. I think that Microsoft must do something for improve IE functionality and security. IE is a little piece of...

posted @ Wednesday, July 07, 2004 4:30 AM | Feedback (0)

SQL Server ideas for the future...

Today, during my work and my daily fight with Sql Server, I was thinking to what I'd like to have on an "ideal" future Sql Server 2007...  I'd like to have these features:The availability to write Stored Procedure with the natural .NET languages (VB.NET or C#)The possibility to store part of the file system (for example, a directory)The possibility to pass complex parameters to T-SQL statements, such as arrays or structuresAre these features only a personal dream or they could be performed? I think that they could be really useful... do you agree? Ideas for other possible features?

posted @ Tuesday, July 06, 2004 5:50 PM | Feedback (9)

Securing your Windows XP System

The IT Laboratory of the NIST (National Institute of Standards and Technology) has released for free an interesting guide about Securing a Microsoft Windows XP System.This guide has been created to assist IT professionals, in particularly Windows XP system administrators and information security personnel, in effectively securing Windows XP systems. It discusses Windows XP and various application security settings in technical detail. The guide provides insight into the threats and security controls that are relevant for various operational environments, such as for a large enterprise or a home office. It describes the need to document, implement, and test security controls,...

posted @ Monday, July 05, 2004 3:41 PM | Feedback (0)

Important IE Configuration Update

Extremely important...Today Microsoft is releasing a configuration change for Windows XP, Windows 2000, and Windows Server 2003, to address recent malicious attacks against Internet Explorer, also know as Download.Ject. Windows customers are encouraged to apply this configuration change immediately to help be protected from current Internet Explorer exploits.Download: Critical Update for Microsoft Data Access Components - Disable ADODB.Stream object from Internet ExplorerNote: If you are using Windows XP SP2 RC2 you don't need to apply this update.

posted @ Friday, July 02, 2004 9:36 AM | Feedback (0)

A date to remember...

This is an important date for italian people (like me) that have a .IT domain... the Italian Registration Authority has declared the end of the single .IT domain registration for a physical person.In Italy you can register only a single .IT domain name (if you are not a society), but from the end of August this will finish and you could register more than one .IT domain for yourself.Obviously, the requests will be a lot so... good work Registration Authority!

posted @ Friday, July 02, 2004 9:31 AM | Feedback (0)

Express and Memory Usage

Andrea Boschin today points me to this curious and interesting fact...He has tryed to install the Beta Releases of Visual Web Developer Express and Sql Server 2005 Express at the same time on a machine where Visual Studio .NET 2003 is already running... this is the result regarding memory usage:As you can see, there's a big difference of memory usage between VS2003 and the other "Express tools": VS2003 is using 6084K of memory, against the 53376K used by Visual Web Developer Express and 72528K used by Sql Server 2005 Express.Why this big difference? I hope it's only because they're on Beta stage...   

posted @ Thursday, July 01, 2004 6:14 PM | Feedback (1)