Welcome Sign in
MSDN Magazine
 Printer Friendly Version      Send     
Click to Rate and Give Feedback
Popular Articles

One-time passwords offer solutions to dictionary attacks, phishing, interception, and lots of other security breaches. Here's how it all works.

Dan Griffin

MSDN Magazine May 2008

...

Read more!

Here is an ASP.NET AJAX data-driven Web application that takes the best features from server- and client-side programming to deliver an efficient, user-friendly experience.

Bertrand Le Roy

MSDN Magazine October 2008

...

Read more!

Jason Clark

MSDN Magazine July 2003

...

Read more!

Here we describe some of the more common challenges to concurrent programming and present advice for coping with them in your software.

Joe Duffy

MSDN Magazine October 2008

...

Read more!

Now you can perform efficient, sophisticated text analysis using regular expressions in SQL Server 2005.

David Banister

MSDN Magazine February 2007

...

Read more!

Our Blog

With the releases of LINQ to SQL and the ADO.NET Entity Framework, developers now have two products from Microsoft designed to tie together relational data and object-oriented programming.

In the December 2008 issue of MSDN Magazine, Anthony Sneed provides a roadmap to these technologies and demonstrates how you can create ...

Read more!

We're currently in the process of stepping back and taking a critical look at our Web site to see how you all are using it - and how we can redesign parts of it (big or small) to make that experience better.  We are continuously receiving your feedback on existing frustrations and we are working hard to remedy those (as a general fyi, most of the frustrations have to do with navigation).  However, in order to get a sense of whether we need to look at some of the more fundamental ...

Read more!

Choosing the best alternative is a common task in software development and testing. A group of beta users may need to choose the best user interface from a set of prototypes. Or imagine the members of an open source project voting for a policy.

In the November 2008 issue of MSDN Magazine, Dr. James McCaffrey describes five of the ...

Read more!

A team project is simply a bucket that stores and partitions all of the artifacts you track and use within a Team Foundation Server (TFS) project.

In the December 2008 issue of MSDN Magazine, Brian A. Randell explains how you can use and customize the MSF Agile and MFS CMMI process templates to get the most out of them for your ...

Read more!

C# developers can use the Visual Studio Tools for the Office System (VSTO) Power Tools Office interop API extensions to streamline Office application development. The extensions provide a thin, strongly typed layer over the loosely typed Office object models.

In the December 2008 issue of MSDN Magazine, Andrew Whitechapel, Phillip Hoff, and Vladimir Morozov walk you through developing ...

Read more!
November2006 November 2006
Secure Habits: 8 Simple Rules For Developing More Secure Code
Never trust data, model threats against your code, and other good advice from a security expert. Michael Howard
Threat Modeling: Uncover Security Design Flaws Using The STRIDE Approach
Whenever you build a new system you should consider how an in¬truder might go about attacking it and then build in appropriate defenses at design time. Shawn Hernan, Scott Lambert, Tomasz Ostwald, Adam Shostack
Single Sign-On: A Developer's Introduction To Active Directory Federation Services
Use Active Directory Federation Services to allow other organizations to use your Web applications without the need for you to grant access explicitly. Keith Brown
Smart Storage: Protect Your Data Via Managed Code And The Windows Vista Smart Card APIs
Smart cards are a compelling alternative to the reliance on passwords, which are the weakest link in authentication systems. Get the Windows smart card programming basics here. Dan Griffin
Extending SDL: Documenting And Evaluating The Security Guarantees Of Your Apps
In this article, the author presents an extension to the Security Development Lifecycle Which could promote a better flow of information between users and designers of software security features. Mark Novak
SQL Security: New SQL Truncation Attacks And How To Avoid Them
Exploits using SQL injection have drawn a lot of attention for their ability to get through firewalls and intrusion detection systems to compromise your data layers. Whether it's a first-order or second-order injection, if you look at the basic code pattern, it is similar to any other injection issue where you use untrusted data in the construction of a statement. Bala Neerumalla
Code Download (2196 KB)
.Chm Files

Columns
Editor's Note: Healthy Printing
Why we use the paper we do. Joshua Trupin
Toolbox: Synchronize Files, Rich Textboxes, and More
Compare files and folders, create demo and support videos, add rich textboxes in your web apps, and more. Scott Mitchell
Basic Instincts: Server-Side Generation of Word 2007 Docs
This month, Office Open XML, which allows ASP.NET and SharePoint developers to read, write, and generate Word, Excel, and PowerPoint documents on the server without running an Office desktop application there. Ted Pattison
Test Run: Using Excel For Test Data
This month see how to use Excel for test automation storage, whether you’re just starting out with NET, or you’re an advanced programmer. Dr. James McCaffrey
Data Points: Revisiting System.Transactions
The System.Transactions namespace of the Microsoft .NET Framework makes handling transactions much simpler than previous techniques. Read all about it this month. John Papa
CLR Inside Out: Investigating Memory Issues
Memory issues can manifest in a wide variety of ways. This column shows you how to collect the data you need to determine what types of mem¬ory issues you are experiencing. Claudio Caldato and Maoni Stephens
Cutting Edge: A Tour of Windows Workflow Activities
Windows Workflow Foundation supports virtually any scenario where human opera¬tors are involved. Learn how to use it to tame your workflows. Dino Esposito
Bugslayer: Minidumps for Specific Exceptions
This installment of Bugslayer covers the use of ADPlus to create a minidump of your Microsoft .NET Framework 2.0 pro¬cesses on specific exceptions. John Robbins
Security Briefs: Limited User Problems and Split Knowledge
Keith Brown
Concurrent Affairs: The ReaderWriterGate Lock
Jeffrey Richter
.NET Matters: Event Accessors
Creating events on classes by adding the event keyword to a delegate member variable declaration. Stephen Toub
Netting C++: Introducing Regular Expressions
This month Stanley Lippman introduces the support for regular expressions in the .NET Framework. Stanley B. Lippman
{End Bracket}: Peripheral and Foveal Vision.
Considering human visual fields in software design. Bill Hill
Page view tracker