ASP.NET Custom Errors Security Flaw: Please Read!

** NOTE ** 

EDIT 29/9/2010

ASP.NET Security Update is now available. See here.

EDIT 21/9/2010 :

Scott Guthrie has published a FAQ on the security vulnerability, read it here. Read his original post on the issue here.

See Steve Smith's blog post for details

 http://stevesmithblog.com/blog/asp-net-custom-errors-security-flaw/

Summary: You should have custom errors enabled, or HTTP error response codes disabled (in the firewall/router), so that an attacker can't use the information in error responses.

As Steve said: 

Please share this post and the information in it as widely as possible.  As of this moment, virtually any ASP.NET web site online can potentially be compromised with about a minute’s work.  By working together quickly, we (developers and IT pros) should be able to eliminate this vulnerability quickly, saving our companies and clients from potentially large losses

Posted by joteke | 0 Comments
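
One way to check a web.config against the summary above (an added example, not from the original post or from the linked guidance; the sample configs and the name `audit_custom_errors` are constructed for illustration). It flags `customErrors mode="Off"` and per-status error pages, which let a client tell one kind of error from another.

```python
import xml.etree.ElementTree as ET

# Constructed sample web.config fragments (not taken from the post).
WEAK = """<configuration><system.web>
  <customErrors mode="Off" />
</system.web></configuration>"""

PER_STATUS = """<configuration><system.web>
  <customErrors mode="On" defaultRedirect="~/error.html">
    <error statusCode="404" redirect="~/notfound.html" />
    <error statusCode="500" redirect="~/servererror.html" />
  </customErrors>
</system.web></configuration>"""

HARDENED = """<configuration><system.web>
  <customErrors mode="On" defaultRedirect="~/error.html" />
</system.web></configuration>"""


def local(tag):
    """Strip an XML namespace prefix such as '{uri}customErrors'."""
    return tag.rsplit("}", 1)[-1]


def audit_custom_errors(config_xml):
    """Return findings for every customErrors element, including
    those nested under <location> overrides."""
    findings = []
    root = ET.fromstring(config_xml)
    for el in root.iter():
        if local(el.tag) != "customErrors":
            continue
        # When the attribute is absent, ASP.NET defaults to RemoteOnly.
        mode = el.get("mode", "RemoteOnly")
        if mode == "Off":
            findings.append("mode=Off: detailed error pages go to every client")
        # Collect every distinct page an error can be redirected to.
        targets = {e.get("redirect") for e in el if local(e.tag) == "error"}
        targets.add(el.get("defaultRedirect"))
        targets.discard(None)
        if len(targets) > 1:
            findings.append(
                "errors map to %d different pages: responses reveal the error type"
                % len(targets))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("per-status", PER_STATUS), ("hardened", HARDENED)):
        print(name, audit_custom_errors(cfg))
```
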

Are you aware of .NET Reflector Pro?

I'm sure many of my readers know Reflector, the tool for decompiling assemblies to see what they contain, maybe investigating what Microsoft has done with the base assemblies in .NET, or maybe trying to understand 3rd party assemblies (or maybe just trying to recover lost source code ;-) ).

It's an invaluable tool to have in your toolbox. One nice scenario where it helps a lot is Sharepoint development, in case you run into problems with the API. But are you aware that MS gave the product to Red Gate Software (http://www.red-gate.com), which released a Pro version of Reflector (http://www.red-gate.com/products/reflector/index.htm) a couple of months ago?

Have a look at the feature set on top of the free version.

  • Full support for .NET 1.0, 1.1, 2.0, 3.0, 3.5, and 4.0
  • Decompile an entire assembly to either C# or VB to view and debug in Visual Studio
  • Step-through debugging of any assembly in Visual Studio (as long as it's not obfuscated):
    • Step into and set breakpoints anywhere in any assembly
    • Watch variables in the decompiled code
    • Use Visual Studio's advanced debugging features in decompiled code: Set Next Statement, modify variable values, and dynamic expression evaluation in the immediate window

I strongly encourage you to have a look at .NET Reflector in case you haven't done so already.

Posted by joteke | 1 Comments

Book review coming soon...

After a long silence, I will continue blogging on .NET. The upcoming post will be a book review (one is confirmed for now). Timeframe is in a few weeks.

Tech tips are still on hold. It's harder to write new tips on ASP.NET these days; it feels as if everything is covered almost immediately after the product launches, so planning a writing series or something beforehand isn't really interesting. I'd love to blog about new things...

Posted by joteke | 1 Comments

Survey: Ajax usage among .NET developers

Simone has created a survey to better understand Ajax usage among .NET developers. It would be nice if you could also complete it, if you haven't done so yet, as there are also MS people interested in the results. More answers mean more understanding there too, and can also help in evaluating the future of Ajax techniques.

Here's a direct link to the survey.

Posted by joteke | 2 Comments

What's new in the BCL in .NET 4 Beta 1 (from BCL Team blog)

Interesting stuff: http://blogs.msdn.com/bclteam/archive/2009/05/22/what-s-new-in-the-bcl-in-net-4-beta-1-justin-van-patten.aspx

My favorite features are parallel extensions, code contracts (I was familiarized with them thanks to Peli), memory mapped files and compression improvements. Hell, any improvement to the current state is great! :-D And wait till you see the list of ASP.NET improvements. Scott Galloway has already blogged about a few of them...

Posted by joteke | 1 Comments

Visual Studio 2010 and .NET Framework 4.0 Training Kit - May Preview is available

Thanks to Bill Evjen for the information about this.

Download: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=752cb725-969b-4732-a383-ed5740f02e93

The Visual Studio 2010 and .NET Framework 4 Training Kit includes presentations, hands-on labs, and demos. This content is designed to help you learn how to utilize the Visual Studio 2010 features and a variety of framework technologies including:

C# 4.0
Visual Basic 10
F#
Parallel Extensions
Windows Communication Foundation
Windows Workflow
Windows Presentation Foundation
ASP.NET 4
Entity Framework
ADO.NET Data Services
Managed Extensibility Framework
Visual Studio Team System

This version of the Training Kit works with Visual Studio 2010 Beta 1 and .NET Framework 4 Beta 1.

Posted by joteke | 0 Comments

Do You Want To Give Feedback on ASP.NET 4.0 Beta 1?

If you do, then head to ASP.NET Forums / ASP.NET Beta 1 Forum

And if you are looking for where to get VS2010 / ASP.NET 4.0 Beta 1, then have a look here

Posted by joteke | 2 Comments

Get Your Copy of Windows 7 RC!

See: http://www.microsoft.com/windows/windows-7/download.aspx

I installed Win7 RC on VMWare Server 2 (2.0.1) earlier today, and it went smoothly. There's no option for Win7 in VMWare Server yet, but using Windows Server 2008 as the guest OS when creating the VM worked fine. Nothing mystical here.

Posted by joteke | 0 Comments

Sharepoint Designer is now free!

Late to this game, as usual, but still adding it here. From: http://blogs.msdn.com/sharepoint/archive/2009/04/02/sharepoint-designer-available-as-a-free-download.aspx

The Sharepoint Team made Sharepoint Designer available as a free download. I've been using SD for customizing the internal site we use to run our processes; it is an invaluable tool.

Posted by joteke | 0 Comments

"Security Guidance for Writing and Deploying Silverlight Applications" whitepaper released

Do you have concerns about Silverlight's security aspects? MS has just released the whitepaper "Security Guidance for Writing and Deploying Silverlight Applications".

Download it from here

Posted by joteke | 1 Comments