Microsoft is making it easy for third-party developers to bulletproof their software using the same security assurance process that the company applied when building products such as Windows 7 and Windows Vista. In this sense, the software giant continues on a path it set on a few years back when it started sharing resources and guides associated with the Microsoft Security Development Lifecycle with the developer community. Devs looking to secure their software leveraging the same range of security activities used by Microsoft in developing solutions starting with Vista can take advantage of such resources as the Simplified Implementation of the Microsoft SDL white paper, which can be grabbed from the Microsoft Download Center.
“Because Microsoft created the SDL, some people think they have to have Microsoft-like resources to be able to implement it,” revealed David Ladd, principal security program manager of Microsoft’s SDL Team. “It’s true that we do invest a lot in the SDL, but that’s largely because we have so many products that go through it. This paper sets out how any development team — even teams of eight to 10 developers — can implement the SDL.” More »
When you consider that computers now consume about 10 percent of the electricity generated in North America and that a great many PCs still end up in landfills, leaching deadly chemicals, it makes sense to adopt more eco-friendly computing options.
John Hiddema, technical consultant for Nerds on Site, is one of the many people making a conscious effort to go green. He recycles, buys organic produce, uses cleaning products less harmful to the environment, owns energy-efficient appliances, and has configured his
PC to use less energy. He’s also going green on the job. Some of the work he does for clients’ computer systems can be done remotely from his home office, drastically reducing his need for a car.
Here are some tips for making your technology use more eco-friendly.
1. Manage power consumption
Did you know that approximately 40 percent of the energy used for home electronics is consumed while these devices are turned off or idling? Techies refer to computers and related gadgets that draw power while not in use as vampire load. Turn off and unplug everything when you’re not using it. Even simpler: shut down everything and then turn off the power bar. More »
Watcher version 1.1.0 is now available for download from Microsoft’s repository of open-source projects. The Redmond company is not the author of Watcher, but it is certainly recommending the tool via its online hotspot dedicated to the Security Development Lifecycle. Put together by Casaba Security, Watcher is designed to enhance Fiddler proxy, a tool developed by Eric Lawrence, IE program manager. In this context, the plug-in from Casaba Security complements Lawrence’s web debugging proxy, closely monitoring and analyzing HTTP traffic.
“Watcher is a plug-in for Eric Lawrence’s Fiddler proxy aimed at helping developers and testers find security issues in their web-apps fast and effortlessly. Because it works passively at runtime, you have to drive it by opening a browser and cruising through your web-app as an end user. For the developer, the tool can provide a quick sanity check, so you can find problems and hot-spots that warrant further attention. In the hands of a pen-tester it can assist in finding issues that lead to other attacks like XSS and CSRF,” revealed Chris Weber of Casaba Security. More »