Really:

Since they are hard to conceal, the study says, noses would work well for identification in covert surveillance.

The researchers say noses have been overlooked in the growing field of biometrics, studies into ways of identifying distinguishing traits in people.

"Noses are prominent facial features and yet their use as a biometric has been largely unexplored," said the University of Bath's Dr Adrian Evans.

"Ears have been looked at in detail, eyes have been looked at in terms of iris recognition but the nose has been neglected."

The researchers used a system called PhotoFace, developed by researchers at the University of the West of England, Bristol and Imperial College, London, for the 3D scans.

Good legal paper on the limits of identity cards: Stephen Mason and Nick Bohm, "Identity and its Verification," in Computer Law & Security Review, Volume 26, Number 1, Jan 2010.

Those faced with the problem of how to verify a person's identity would be well advised to ask themselves the question, 'Identity with what?' An enquirer equipped with the answer to this question is in a position to tackle, on a rational basis, the task of deciding what evidence will be useful for the purpose. Without the answer to the question, the verification of identity becomes a sadly familiar exercise in blind compliance with arbitrary rules.

Interesting commentary:

I don't think this is really a case about ISP liability at all. It is a case about the use of a person's image, without their consent, that generates commercial value for someone else. That is the essence of the Italian law at issue in this case. It is also how the right of privacy was first established in the United States.

The video at the center of this case was very popular in Italy and drove lots of users to the Google Video site. This boosted advertising and support for other Google services. As a consequence, Google actually had an incentive not to respond to the many requests it received before it actually took down the video.

Back in the U.S., here is the relevant history: after Brandeis and Warren published their famous article on the right to privacy in 1890, state courts struggled with its application. In a New York state case in 1902, a court rejected the newly proposed right. In a second case, a Georgia state court in 1905 endorsed it.

What is striking is that both cases involved the use of a person's image without their consent. In New York, it was a young girl, whose image was drawn and placed on an oatmeal box for advertising purposes. In Georgia, a man's image was placed in a newspaper, without his consent, to sell insurance.

Also important is the fact that the New York judge who rejected the privacy claim, suggested that the state assembly could simple pass a law to create the right. The New York legislature did exactly that and in 1903 New York enacted the first privacy law in the United States to protect a person's "name or likeness" for commercial use.

The whole thing is worth reading.

The "Microsoft Online Services Global Criminal Compliance Handbook (U.S. Domestic Version)" (also can be found here, here, and here) outlines exactly what Microsoft will do upon police request. Here's a good summary of what's in it:

The Global Criminal Compliance Handbook is a quasi-comprehensive explanatory document meant for law enforcement officials seeking access to Microsoft's stored user information. It also provides sample language for subpoenas and diagrams on how to understand server logs.

I call it "quasi-comprehensive" because, at a mere 22 pages, it doesn't explore the nitty-gritty of Microsoft's systems; it's more like a data-hunting guide for dummies.

When it was first leaked, Microsoft tried to scrub it from the Internet. But they quickly realized that it was futile and relented.

Lots more information.

Funny:

MOUNTAIN VIEW, CA?Responding to recent public outcries over its handling of private data, search giant Google offered a wide-ranging and eerily well-informed apology to its millions of users Monday.

"We would like to extend our deepest apologies to each and every one of you," announced CEO Eric Schmidt, speaking from the company's Googleplex headquarters. "Clearly there have been some privacy concerns as of late, and judging by some of the search terms we've seen, along with the tens of thousands of personal e-mail exchanges and Google Chat conversations we've carefully examined, it looks as though it might be a while before we regain your trust."

Google expressed regret to some of its third-generation Irish-American users on Smithwood between Barlow and Lake.

Added Schmidt, "Whether you're Michael Paulson who lives at 3425 Longview Terrace and makes $86,400 a year, or Jessica Goldblatt from Lynnwood, WA, who already has well-established trust issues, we at Google would just like to say how very, truly sorry we are."

Stack-Terrorist has reported a vulnerability in the ConcoursPhoto module for KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Some security issues and vulnerabilities have been reported in Nortel Communication Server, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

irvian has discovered a vulnerability in LiveCart, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A security issue has been reported in ezRADIUS, which can be exploited by malicious people to disclose sensitive information.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A security issue has been reported in Symantec Altiris Deployment Solution, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to manipulate certain data.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to bypass certain security restrictions.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

__GiReX__ has reported a security issue in LightNEasy, which can be exploited by malicious people to disclose sensitive information.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

poplix has reported some vulnerabilities in Parallels VZPP, which can be exploited by malicious people to conduct cross-site request forgery attacks and potentially compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Debian has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A vulnerability has been reported in rsync, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Ubuntu has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

dun has reported a vulnerability in Ksemail, which can be exploited by malicious people to disclose sensitive information.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A vulnerability has been reported in Sun Grid Engine, which can be exploited by malicious, local users to cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Debian has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Gentoo has issued an update for tomcat. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious users to disclose potentially sensitive information, and by malicious people to manipulate certain data or to disclose sensitive information.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Gentoo has issued an update for am-utils. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Gentoo has issued an update for lighttpd. This fixes a security issue and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

t0pP8uZz has reported two vulnerabilities in iScripts SocialWare, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A security issue has been reported in the Simple Access module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

A vulnerability has been reported in Openfire, which can be exploited by malicious people to cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Simon Ryeo has reported a vulnerability in CDNetworks Nefficient Download, which can be exploited by malicious people to compromise a user's system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

Change in Focus

Twitter attacker had proper credentials

PhotoDNA scans images for child abuse

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

Conficker data highlights infected networks

Google offers bounty on browser bugs

Cyberattacks from U.S. "greatest concern"

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

Microsoft patches as fraudsters target IE flaw

Attack on IE 0-day refined by researchers

Monster botnet held 800,000 people's details

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

Google: 'no timetable' on China talks

Latvian hacker tweets hard on banking whistle

MS uses court order to take out Waledac botnet

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

Enterprise Intrusion Analysis, Part One

Responding to a Brute Force SSH Attack

Data Recovery on Linux and <i>ext3</i>

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

WiMax: Just Another Security Challenge?

Time to Squish SQL Injection

Lazy Workers May Be Deemed Hackers

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

The Scale of Security

Hacker-Tool Law Still Does Little

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Pidgin Multiple Denial of Service Vulnerabilities

Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability

Microsoft Excel FNGROUPNAME Record Remote Code Execution Vulnerability

Squid Web Proxy Cache HTCP Request Processing Remote Denial of Service Vulnerability

[USN-908-1] Apache vulnerabilities

[ MDVSA-2010:059 ] virtualbox

[SECURITY] [DSA-2010-1] New kvm packages fix several vulnerabilities

Secunia Research: XnView DICOM Parsing Integer Overflow Vulnerability

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Microsoft Updates for Multiple Vulnerabilities

Microsoft Updates for Multiple Vulnerabilities

Vulnerability Summary for the Week of March 1, 2010

Vulnerability Summary for the Week of February 22, 2010

Understanding Your Computer: Web Browsers

Malicious Activity Associated with "Aurora" Internet Explorer Exploit

Vulnerability Summary for the Week of February 15, 2010

Vulnerability Summary for the Week of February 8, 2010

Understanding Your Computer: Operating Systems

Microsoft Updates for Multiple Vulnerabilities

Apple today announced that its magical and revolutionary iPad will be available in the US on Saturday, April 3, for Wi-Fi models and in late April for Wi-Fi + 3G models. In addition, all models of iPad will be available in Australia, Canada, France, Germany, Italy, Japan, Spain, Switzerland and the UK in late April. Beginning a week from today, March 12, US customers can pre-order both Wi-Fi and Wi-Fi + 3G models from Apple?s online store or reserve a Wi-Fi model to pick up on Saturday, April 3, at an Apple retail store.

For the third year in a row Apple has been named the World?s Most Admired Company by Fortune Magazine ? this year by the widest margin ever. What makes Apple so admired? Fortune explains: ?Product, product, product. This is the company that has changed the way we do everything from consume music to design products to engage with the world around us.? Apple also ranked #1 in Innovation among all companies.

The New York Times caught up with 10 billion song download winner Louie Sulcer and asked him about his prize, a $10,000 iTunes gift card. Says the 71-year-old Sulcer,?I don?t think I?ll have to worry about buying birthday and Christmas presents anytime soon.?

Apple today announced that music fans have purchased and downloaded over 10 billion songs from the iTunes Store, the world?s most popular online music, TV, and movie store.

Apple today introduced Aperture 3, the next major release of its powerful photo editing and management software. Aperture 3 offers more than 200 new features including Faces, Places, and Brushes. A 30-day trial is now available for download.

In its offices from Baltimore to Shanghai, international architecture firm RTKL uses iPhone to stay in touch, access apps that enable creative collaboration, and travel with ease.

Apple today introduced iPad, a revolutionary device for browsing the web, reading and sending email, enjoying photos, watching videos, playing games, reading e-books, and much more. Its high-resolution Multi-Touch display lets you interact with content ? including 12 innovative new apps designed especially for iPad and almost all of the 140,000 apps available on the App Store. At just 0.5 inches thick and 1.5 pounds, iPad is thinner and lighter than any laptop or notebook. iPad will be available at the breakthrough price of just $499.

Apple today announced financial results for its fiscal 2010 first quarter. The company reported its highest quarterly revenue and profit to date and outlined new accounting standards.

Last week?s update of Logic Pro to include 64-bit support is getting rave reviews at the National Association of Music Merchants (NAMM) trade show, according to The Loop. Music industry professionals like audio engineer CJ Vanston tout Logic Pro 9.1 as ?a game changer,? noting that ?the 64-bit gauntlet has been thrown down by Apple with Logic.?

A clever new infographic from gigaom.com shows how the App Store puts more than 100,000 apps at your fingertips ? and generates millions of dollars for app developers worldwide.

?Design USA: Contemporary Innovation? at the Cooper-Hewitt National Design Museum in New York offers visitors an iPod touch on which to access exclusive exhibition content. The iPod touch supplements the physical exhibition with ?a wealth of interviews, slide shows and snippets of performances, all related to the 78 architects and designers represented in the show. Available free, this device sends the traditional audio guide the way of the one-horse buggy.?

Today, MobileMe introduced a new Gallery app for iPhone and iPod touch. The app features iPhone- and iPod touch-optimized controls and beautiful gallery displays that make browsing photos and videos easier and more interactive than ever before. The Gallery app is free for MobileMe members and available now on the App Store in iTunes.

Now available for download, FileMaker Bento 3 Contact and Customer Manager is the fast, free, and easy way to get instant access to contact and customer details. View call history, notes from meetings and conversations, upcoming to-do items, related documents and files, important emails, sales opportunities, receipts, and more. This download includes a free trial of new Bento 3 for Mac.

Julio Ojeda-Zapata (twincities.com) reports that the iPod touch ?has taken classrooms by storm? in several Minnesota K-12 schools, increasing student enthusiasm and engagement and offering new ways to teach children with special needs.

Thomas Houston (switched.com) reports that Pro photographer Chase Jarvis has created Best Camera, an iPhone app ?that lets you shoot, apply multiple filters and effects, and share via Facebook, Twitter, e-mail, and the Best Camera photography community.? In an accompanying video, Jarvis discusses mobile photography, shooting, and his new app.

As one of the largest research universities in the United States, the University of Washington brings together 65,000 students, faculty members, and administrative staff. From the laboratory to the dormitory, this thriving academic community stays connected with iPhone and the university?s proprietary m.UW app, which gives students and staff mobile access to campus maps, news, directories, course schedules, and lectures.

Brian X. Chen (wired.com) reports that Abilene Christian University has just finished the first year of a pilot program in which 1,000 freshman students each received a free iPhone or iPod touch to explore how the always-connected devices ?might revolutionize the classroom experience with a dash of digital interactivity.? Says Bill Rankin, a professor who helped plan the initiative: ?I think this is the next platform for education.?

Reviewer Peter Cohen (loopinsight.com) writes that ?iPhone and iPod touch both make great handheld gaming systems? and offers thirty reasons why in a select roundup of racing, action, and strategy games available in the App Store.

DLA Phillips Fox, founded 145 years ago, is one of Australia?s largest legal firms, providing services in 29 countries around the world. With iPhone in the hands of almost every partner in the 1,300-person firm, they can offer faster, more flexible responses to their clients? legal needs. John Dockett, General Manager of IT, says choosing iPhone was ?one of the smarter things we ever did.?

In an in-depth review of Mac OS X Snow Leopard Server, Ryan Faas (computerworld.com) cites ?performance gains, improvements to several collaboration tools introduced in Leopard Server, enhanced simple administration for non-technical users and new features designed for mobile access and for supporting the iPhone.? Adds Fass: ?Snow Leopard Server is a tremendous value.?

Legacy Dev2Dev and Arch2Arch Newsgroups have migrated to forums.oracle.com in the form of a searchable, read-only archive.

Help your end-users digest information by implementing cell highlighting in your rich enterprise applications. From Oracle ACE Director Lucas Jellema.

Learn how to create a cheap but fully functional Oracle Extended RAC implementation in a virtualized environment, step by step. (Not validated by Oracle; for educational purposes only.)

The latest addition to the My Oracle Support platform, My Oracle Support Community is an integrated, multi-channel online collaboration portal that leverages the latest Web 2.0 technologies to provide access to a vast knowledge repository.

When redevelopment is necessary, the concepts used in a Forms application can be mapped to the Java platform using Oracle JDeveloper and ADF. This technical case study illustrates this process.

Oracle ACE Director Arup Nanda's 20-part series of how-tos about top new features for DBAs and developers is now complete?spanning Schema Management, Caching and Pooling, Data Warehousing & OLAP, and much more.

Get an overview of real-world testing methodologies, as well as a getting-started introduction to Oracle Test Manager for Web Applications.

Oracle JDeveloper 11g showcases new features to provide a full development environment for Java EE 5, and rounded out with new features for Ajax developers, including new ADF Faces Rich Client components as well as JavaScript editing and debugging. Web services development is also greatly improved.

Come here to start creating SOA with your JD Edwards EnterpriseOne applications. "Best Practices" are offered for how to service-enable JD Edwards EnterpriseOne Business Services, and then build integrations, business processes and composite applications using Fusion Middleware technology.

MOSCOW – March 3, 2010 – Oversun-Mercury today announced that it has opened  a commercial data center in Moscow to address the growing needs of Russian businesses for managed data center services. The data center network infrastructure is based on Cisco® hardware and software. The resilient core of the network is made of Cisco switches (Cisco Catalyst® 6509-NEB) and ...

March 2, 2010 At the RSA Conference 2010 in San Francisco, Cisco announced a new take on an old security staple: the virtual private network. Purpose-built for a world in which workers are increasingly mobile and the companies they work for increasingly "borderless," the new offering will keep people securely connected to their company's network no matter where they are or what device ...

SAN FRANCISCO, CA and HANNOVER, GERMANY – March 2, 2010 – Cisco is tackling today's enterprise security challenges with a new architecture that will help enable business users to access information from any device and any location with a high degree of ease and security. The company announced the Cisco® Secure Borderless Network architecture, which evolves enterprise security ...

February 24, 2010 Talk2Cisco is a live, real-time, social, interactive, online video broadcast featuring Cisco leaders answering questions submitted by you, the viewer.  Using Ustream.tv, Talk2Cisco puts you directly in touch with the source of the information, covers topics of interest to you and connects you with others who follow Cisco business and technology. Join the ...

SILICON VALLEY, Calif. - Jan. 26, 2010 - As enterprises move toward a data center that is 100 percent virtualized, Cisco, NetApp (NASDAQ: NTAP) and VMware (NYSE: VMW) today announced that they are expanding their long-standing collaboration to deliver new design architectures that help customers evolve virtualized data centers to be more efficient, dynamic and secure. The three companies ...

Join your local MSDN Events team as we take a deep dive into Microsoft Windows Azure. We'll start with a developer-focused overview of this brave new platform and the cloud computing services that can be used to build amazing applications. As the day unfolds, we'll explore data storage, Microsoft SQL Azure, and the basics of deployment with Windows Azure.

Find out how Cigital, an SDL Pro Network member, assisted a large insurance company adopt the Microsoft SDL. The case study describes both the business drivers leading up to the company's recognizing the need for incorporating the SDL within their development process as well as the initial roll out of the SDL.

Everything you could ever want to know about Windows Phone 7 Series is at MIX10 on March 15-17 in Las Vegas. You'll preview the new development platform, see how to work with the Windows Phone 7 Series development tools, and get a tour of the Windows Phone Marketplace. MIX10 attendees will receive access to the Windows Phone 7 Series development tools and have access to a dedicated track on the Windows Phone 7 Series platform that runs throughout the event. As a MIX10 attendee, you'll also receive exclusive free developer support for the Windows Phone 7 Series development tools. Don't miss this unique opportunity.

Create a fun game in Blend and gain valuable experience using Behaviors by watching this 10-video series with downloadable guide and files.

From simplified setup to tracking tasks and tests, learn how to take advantage of the great features of Microsoft Visual Studio Team Foundation Server (TFS) 2010. BenkoTips Live and On Demand brings events to you - this webcast series is dedicated to helping developers explore the possible.

Learn how Security Innovation, an SDL Pro Network member, helped Sony Corporation improve its SDL security level from basic to standardized.

As announced in 2008, support for Windows XP Service Pack 2 (SP2) and Windows 2000 will end on July 13, 2010. Support for Windows Vista Release to Manufacturing (RTM) will end on April 13, 2010. To help ensure your Windows Vista PCs stay secure and up to date, make sure they are running Windows Vista Service Pack 1 (SP1) or SP2. If you are running Windows XP, stay more secure by moving to Windows XP Service Pack 3 (SP3) or migrating to Windows 7. If you are running Windows 2000, we recommend that you move to Windows 7 as no additional support or updates will be offered for the Windows 2000 operating system. Visit the End of Support Center for more details.

Find learning paths and guidance for some of the top developer career paths in the industry, then get started with special discounts on e-learning, e-reference libraries, and classroom training.

This workshop will help you understand how to build software that is better designed, more maintainable, and more testable. The morning comprises presentations on SOLID and other important object-oriented programming skills. The afternoon is just one big pair-programming session to work and learn hands-on how to use the principles discussed in the morning. While we will be using mostly .NET and Visual Studio, these practices work for any language or platform. Register now to join this free one-day workshop for learning core skills for modern developers.

Register for the Black Hat and SDL webcast "Security Starts at the Beginning," on Thursday February 25th at 10:00 A.M. Pacific Time. Hear our new SDL Pro Network members talk about secure development practices.

Understand the core concepts of the Microsoft SDL and learn how to implement it in your organization. The Simplified Implementation of the Microsoft SDL will help you identify which software development security activities you need to perform in order to be SDL compliant.

Get introduced to the Microsoft Bing Maps Server - the on-premises, offline, or secure intranet version of the Microsoft Bing Maps Internet mapping platform. Learn how it's designed for customers who need a Web browser-based mapping solution that's not connected via the Internet.

The Second Shot program allows a free retake if you do not pass an IT professional or developer Microsoft Certification exam the first time. You must take both the first and (if necessary) the retake exam before June 30, 2010.

In this video Scott Golightly will walk through a sample application that will take advantage of Windows Azure Storage to communicate between different application roles and complete a business task.

Embed security in your Agile Development project with the MSF-Agile+SDL Process Template. It's a TFS process template that integrates the policy, process, and tools of the Security Development Lifecycle (SDL) for Agile process guidance into the MSF Agile development framework.

Based on Microsoft's flagship SQL Server product, SQL Azure represents Microsoft's relational storage offering for the cloud. In this video, Hilton Giesenow, host of the MOSS Show SharePoint podcast, takes us through getting started with signing up and configuring our first SQL Azure database.

MIX10 favorites Scott Guthrie and Bill Buxton have been announced as keynote speakers. Come hear these experts and others speak on UX, design, Windows phone, and much more. Register by February 21st to take advantage of the US$200 discount on your pass.

As an MSDN Premium Subscriber, you can leverage your MSDN subscription to obtain over 700 hours of compute time on Windows Azure to test and develop your latest cloud applications. U.S. developers can also benefit from no-cost phone and e-mail technical support to help fast-track your cloud application development by using Front Runner for Windows Azure.

Web design agencies and partners called to submit a redesign strategy incorporating Microsoft Web Technologies for bgca.org, the Web site for Boys & Girls Clubs of America. Deadline for entries is February 19, 2010.

In this live Security Talk webcast, discover how CAT.NET includes a set of FxCop security rules that help you identify security flaws in a managed-code (C#, Visual Basic .NET, Visual J#) application you are developing.

With the SDL Quick Security Reference (QSR), the Security Development Lifecycle (SDL) team introduces a series of basic guidance papers designed to address common vulnerabilities from the perspective of multiple business roles - business decision maker, architect, developer, and tester/QA. These papers are intended to help you address a critical business problem now while moving you toward SDL adoption in the future.

Windows Azure in an open platform. This means you can run applications written in .NET, PHP, or Java. In this video Scott Golightly will show how to create and run a Java application in Windows Azure.

MIX10 favorites Scott Guthrie and Bill Buxton have been announced as keynote speakers at this year's conference. Don't miss the opportunity to hear from these experts and others on UX, design, Windows phone, and much more. Register by February 7th to take advantage of the US$400 discount!

Discover how to bring Microsoft Silverlight and Microsoft SharePoint Server 2010 together to build and deploy Web parts and field controls, access and update SharePoint content from Silverlight, handle large data sets, and build client-side connections between Silverlight Web parts.

Receive 30% off all Microsoft Expression version 3 design software (both full and upgrade versions) through the Microsoft Online Store when you buy before January 31st. (Promotion applies to U.S. only.)

Why are Web development tasks so complex? Discover the right combination between the greatest Web benefits and the most mature development paradigms during this webcast.

This update will address a potential remote code execution vulnerability.

MSDN events are free, interactive sessions that deliver hands-on technical content on data storage, SQL Azure, and deploying apps on Windows Azure with lots of time to ask questions. Chat with your peers and get the skills that can help you get ahead. Find one near you and register now at msdnevents.com.

Microsoft Visual Studio 2010 takes great strides toward making your development environment faster, easier, and more intuitive. From project types to the start page to the toolboxes, we'll explore how you can use the new integrated development environment (IDE) to build great software.

Anil Revuru (RV), from Microsoft Information Security, provides guidance on the expansion of what used to be the Anti-XSS Library. This enhanced version of the library will introduce mitigation to other attacks, including SQL injection, cross-site request forgery (CSRF), and setting enforcement like SSL & HTTP_ONLY cookies.

Stream or download on-demand webcasts and videos and learn about the new features and enhancements in Microsoft Expression 3. Learn how to add a Microsoft Silverlight video to your pages, customize the player, and encode the video using Microsoft Expression Encoder. Dive into this content today and hear about DeepZoom, Dynamic Web Templates, and SuperPreview. Discover how these professional design tools can give you the flexibility and freedom to bring your vision to reality - whether you are designing standards-based Web sites, rich user experiences on the desktop, or managing digital assets and content.

In this webcast, learn how to integrate and deliver complete Windows HPC Server solutions to your customers, covering tools, ISV applications, and open source applications.

MSDN Events always deliver the latest technical content and hands-on skills for developers. Sign up now for these free, live learning sessions in your local area.

Maqbool Malik and Anil Revuru (RV), from Microsoft Information Security, talk about the newly designed version of CAT.NET, which will be part of the Assessment & Protection (A&P) suite. CAT.NET is a static analysis tool for Visual Studio that helps find vulnerabilities in managed code, including SQL injection, CSRF, XSS, and more.

Receive 30% off all Microsoft Expression version 3 design software (both full and upgrade versions) through the Microsoft Online Store through January 8. (Promotion applies to U.S. only.)

This video shows the additions to the Anti-XSS Library, as the new Web Protection Library (WPL) tool provides protection beyond just XSS vulnerabilities.

Learn how to build applications that use Windows Azure and SQL Azure in this self-paced course of videos, samples and hands-on labs.

Web designers are faced with two major challenges: to create a great-looking and highly functional Web site and to fill that site with useful content so that people visit. Learn how WordPress represents a perfect separation of style and content, leaving you to use the powerful coding and styling features of Expression Web to the fullest to realize your vision on the Web.

Wondering what a Mac-centric design team might make of Expression Blend and Silverlight? Read on.

Created for software developers as well as IT professionals, this training course includes videos, white papers, datasheets, presentations, and webcasts?all designed to help give you a thorough understanding of the productive, cost-effective, and high-performance computing solution that Windows HPC Server 2008 and other Microsoft technologies provide.

Give the gift of technical education, and save US$300 on the full Tech·Ed conference fee.

Receive 30% off all Microsoft Expression version 3 design software (both full and upgrade versions) through Microsoft Online Store when you buy before December 28. (Promotion applies to U.S. only.)

This 8-minute video will give you a brief overview of the MiniFuzz File Fuzzer and will walk you through how to configure and use MiniFuzz to perform fuzz testing - a required activity in the verification phase of the Microsoft SDL - on an application. The walkthrough launches MiniFuzz as an add-on to Visual Studio and demonstrates integration with TFS, showing automatic creation of work items from detected crashes.

Created for software developers as well as IT professionals, this training course includes videos, white papers, datasheets, presentations, and webcasts - all designed to help give you a thorough understanding of the productive, cost-effective and high-performance computing solution that Windows HPC Server 2008 and other Microsoft technologies provide.

Identity has never been so easy. Whether you develop ASP.NET Web sites or WCF Web services, this self-paced training course will show you how you can take advantage of Windows Identity Foundation, the newest addition to the .NET Framework family, to handle identity and access for your .NET applications in simple and interoperable fashion. The hands-on labs assume no prior knowledge of the subject, covering the most common task first, while more advanced scenarios allow the developers who chose so to explore the topic in more depth.

Join us for MIX10, a 3 day event full of inspiration, content, and networking. MIX10 is a 72-hour conversation to learn about Microsoft's Web platform and tools such as Windows Mobile, Silverlight, Expression, and ASP.NET. Register by January 15th and save US$600 on your pass and US$196 towards a free night at Mandalay Bay.

Learn how the Windows Live team applied the Security Development Lifecycle (SDL) while developing new Windows Live services with ASP.NET MVC.

Discover new developer features in the Windows 7 operating system with these online resources. Attend a live webcast and learn about using Jump Lists, how to improve robustness and performance, or how the Windows PowerShell?based platform lets you easily monitor multiple data sources. Step into a virtual lab and explore Shell Libraries, Windows Taskbar, and Windows Ribbon, among other features. Watch videos that demonstrate the Windows Touch and handwriting recognition capabilities. Dive into this content today to start learning about Windows 7.

Learn key features of the Bing Maps Silverlight control, which include data binding, support for multiple languages, Expression Blend, and more.

Visit Thrive today for career advice, training programs, job postings, event listings, and a wide range of tools that can help you stand out and get ahead.

See how SharePoint 2010 is a major step forward as a development platform. Learn how SharePoint 2010 provides the business collaboration platform for developers to rapidly build solutions using familiar tools such as Visual Studio 2010 through this self-paced course.

Learn how the Microsoft Silverlight team met and exceeded the Security Development Lifecycle (SDL) requirements for every phase of the Silverlight 1.0 release.

Join Dan Polivy, Gavin Gear, product team PMs, and Yochay Kiriaty, Technical Evangelist, as they explain the Windows 7 Sensor and Location platform, the underlying architecture, and how developers can take advantage of this new and exciting platform.

Discover how Office 2010 Beta is a broadly extensible platform for building information worker productivity solutions and see how developing for Office with Visual Studio 2010 makes this easy. See online presentations with demos to introduce you to the core concepts and tools.

The Media Foundation Team at Microsoft has launched a new blog to provide in-depth information about Media Foundation programming, to help get you started with Media Foundation in your own applications, and to get feedback from the developer community.

SharePoint Server 2010 Beta provides an extensible platform to rapidly build solutions using familiar tools such as Visual Studio 2010 and SharePoint Designer 2010.

Anil Revuru (RV), Senior Software Developer from Microsoft Information Security, demonstrates the new features of the Anti-XSS Library v3.1. These include HTML Sanitization, which provides new methods to the Anti-XSS class to strip malicious characters or scripts from HTML and returns safe HTML.

Attend SANS AppSec 2010 training with 7 different courses in San Francisco, January 29 through February 3, including "Developer 320: Introduction to the Microsoft Security Development Lifecycle (SDL)." SANS is an SDL Pro Network member.

SQL Server 2008 R2 delivers several breakthrough capabilities that will enable your organization to scale database operations with confidence, improve IT and developer efficiency, and enable highly scalable and well-managed business intelligence on a self-service basis for your users. MSDN and TechNet subscribers can download the SQL Server 2008 R2 November CTP today.

Watch Reed Townsend and Yochay Kiriaty as they explore multi-touch in Windows 7. They will cover basic out-of-the-box support for legacy applications, as well as for applications optimized for multi-touch, and explain the "Good, Better, and Best" programming model.

David Washington and Paul Gusmorino demonstrate the key enhancements in Windows 7 for finding and organizing your files. David and Paul show off the ways that the team has simplified the Windows Explorer, the new Libraries feature, which is a virtual collection of your music, photos, and video, wherever they may be, including on multiple machines. You'll also see how to use the Library pane to easily find and filter your data.

Watch the PDC09 keynotes streaming live in Silverlight! Keynoters Ray Ozzie and Bob Muglia kick things off on November 17, and Scott Guthrie and Kurt DelBene will keynote on November 18. Keynotes start at 8:30 A.M. Pacific Time on both days. Don't miss this opportunity to hear about the future of the Microsoft developer platform directly from these technical leaders. As always, the PDC team has a few secret announcements up their sleeve, so tune in online and be among the first to get the news!

Explore this significant release via a self-paced training course of videos and hands-on labs with a focus on performance, Web, virtualization, and other server solution scenarios. Learn how to develop applications for many-core scale, enable trigger-started services, automate your services with Windows Powershell, and create new integrated solutions with the File Classification Infrastructure.

Embrace lightweight software security practices with the Security Development Lifecycle for Agile Development, a streamlined approach that melds Agile methods and security.

Join Yochay Kiriaty, Windows 7 Technical Evangelist, and Taskbar product team members Chaitanya Sareen, Trish Miner, and Stephan Hoefnagels as they present the new Windows 7 Taskbar functionality and motivations. This video shows what is new in the Windows 7 desktop and taskbar, and the common user tasks and scenarios.

Michael Howard and Adam Shostack, experts in eecurity engineering at Microsoft, chat about their top 10 security pet peeves.

Discover the latest releases of Microsoft Silverlight and Expression 3 during these on-demand videos and audio podcasts. Learn from industry experts as they explain how to use Sketchflow, apply XAML power toys, and create rich Internet applications (RIA).

Learn how to take advantage of new features to make your applications built with Visual Studio light up on Windows 7.

This video explains the concepts and tools needed to get started with Silverlight development from a developer's perspective.

For community advice, tips, and best practices, participate in the Software Development for Windows Client forums.

Educate yourself and your organization on how to build more secure applications. The SDL Developer Starter Kit offers content, labs, and training to help you establish a standardized approach to rolling out the Microsoft Security Development Lifecycle (SDL) in your organization.

These videos, hands-on labs, and real-world samples are the quickest way to ramp up on the new developer features in Windows 7. Our new online offerings allow you to learn at your own pace and download only those modules that interest you. Go ahead and jumpstart your Windows 7 developer skills now!

The Windows API Code Pack for the Microsoft .NET Framework provides a source code library that can be used to access some new Windows 7 features (and some existing features of older versions of the Windows operating system) from managed code. These Windows features are not available to developers today in the .NET Framework.

The Windows 7 Training Kit for Developers includes presentations, hands-on labs, and demos designed to help you learn how to build applications that are compatible with and shine on Windows 7.

View and download 18 IT professional and developer-focused live sessions from San Diego starting at 9:00 A.M. Pacific Time on October 26th. Focusing on Windows 7, Windows Server 2008 R2, and Exchange Server 2010, you can listen to Microsoft experts, download valuable resources, and explore the live launch event virtually.

The developer evangelists who bring you the 10-4 Show on Channel 9 are providing videos and labs for you to get familiar with .NET Framework 4 and Visual Studio 2010. This exclusive opportunity lets developers access courseware online for a self-paced learning experience.

Download the Windows 7 Developer Guide to learn how Windows 7 makes it easy for developers to create engaging, user-friendly applications by providing familiar tools and rich development features that allow them to take advantage of the latest PC capabilities.

Check out Microsoft Group Manager Chris Dahl's forum post about the recent MSDN redesign.

Announcing WebsiteSpark, our new program for Web professionals, and the RTM of the Web PI 2.0 and the Windows Web Application Gallery.

Jumpstart your product and technology planning with four days of deep technical content delivered by Microsoft leaders and technical experts. November 17 ? 19, 2009

Watch Marius Grigoriu and Vineet Batta, both from Microsoft Information Security, in this short Channel 9 video. They talk about the technical components for the first version of the Connected Information Security Framework (CISF), a software development framework comprising APIs and reusable components that is designed to create bespoke or custom information security and risk management solutions such as Risk Tracker. They explain the core pieces CISF that help build information security applications cheaper, faster, and better.

Visit Thrive today for career advice, training programs, job postings, event listings, and a wide range of tools that can help you stand out and get ahead.

In this webcast, we look at some new developer features in Windows 7 while discussing programming with the Scenic Ribbon and Windows Web Services, and we examine the new features of Windows Presentation Foundation (WPF), including the Data Grid, which makes it easy to build a rich user experience.

In this short 14-minute video from Channel 9, learn about how the recently released VSTO Power Tools provides some great capabilities for Office developers, saving you hours of work.

In this webcast, learn about how the same technologies and features that are in the Windows 7 desktop operating systems are available for embedded OEMs to deliver a wide variety of reliable, high performance, market-differentiated products that meet the demands of an interconnected world.

Jump-start your Windows 7 experience the day before the conference begins. This free boot camp can get you from zero to hero in less than eight hours. Register for this free boot camp to attend. Space is limited.

The new Seadragon Ajax Control was recently launched as part of the Ajax Control Toolkit. Watch this 11-minute screencast to go through the process of creating a Deep Zoom Composer project.

Don't miss your last opportunity to save $300 on your PDC09 conference pass! Learn about the future of developer technology with keynotes, sessions, hands-on labs, and more. Also check out new sessions announced this week.

Check out the latest from Scott Guthrie as he gives a presentation with lots of demos of our new development environment, Visual Studio 2010 with our new .NET Framework 4.

In this 9-minute screencast video we will introduce you to the SDL Process Template check-in policies and then show you how to enable the check-in policies for yourself and your team.

In this video, Matt Hester describes the main topics covered in the video series, including CSS 2.1 and 3.0 features, HTML 5, native JSON, selectors, AJAX navigation and developer tools.

Maqbool Malik, from Microsoft Information Security, describes some key features added in the second version of Silverlight to enhance security.

Get in it to win it! The Code 7 contest recognizes and rewards applications built on the Windows 7 platform that are innovative, cool, and showcase the new features in Windows 7. Learn more at Code7Contest.com. Contest ends October 10, 2009!

Introducing WebsiteSpark, a new program that invests in small Web dev companies by giving them free software, free support and free marketing. To explain what this means exactly, VP of .NET Platform and Web Technologies, Scott Guthrie, joins Channel 9 for an insightful conversation. Why are we doing this, anyway? What's the story? What's next?

Are you interested in learning to extend Visual Studio 2010? Attend Extensibility Days at the upcoming Dev Tools Ecosystem Summit, October 19 - 23, to develop the skills you need.

Tune in to a recent episode of ARCast.TV to learn more about the next software boom or to watch a video about building line-of-business (LOB) applications in Microsoft Silverlight and Windows Presentation Foundation (WPF). This weekly interview series with influential architects provides perspective and professional insight. From cloud computing to security, ARCast.TV features architects discussing the latest industry trends, technologies, and best practices.

Learn from industry leaders and community developers who are sharing their top recession-survival strategies. These seasoned coders are tackling the economy head-on - and coming out on top. Thrive for Developers is a one-stop community hub that delivers the resources you need to succeed in today's tough economy. Go to Thrive for Developers today.

This lab is intended to show experienced .NET Windows Forms developers how to secure Windows Forms applications. In this lab, you will work with cryptography, implement custom authentication and authorization, work with permissions and code access security, and partially secure a middle-tier hosted in a Web service.

In this webcast, we cover many of the new aspects of Internet Explorer 8 from a developer's perspective.

Doloto is a performance optimization tool for AJAX applications. It works by rewriting an application to load its JavaScript code on demand, thereby reducing startup time and making the application more responsive.

For the first time ever, participate in a perfect storm of brilliance, insight, experience, and vision as we bring together Microsoft's Technical Fellows for the Technical Leaders series. Register today.

Visit Thrive today for career advice, training programs, job postings, event listings, and a wide range of tools that can help you stand out and get ahead.

If you're a developer and you're new to Windows Azure, start here! You'll see what you need to download and install, and how to create a simple "Hello World" Windows Azure application.

Heat up your skills with the all-new Firestarter event series. Each day tackles a single Microsoft technology, including free sessions presented live by Microsoft developer evangelists and technology specialists - with special appearances from community luminaries. You can attend in person, via live meeting, or download the webcast at your convenience to start learning about applying the latest advances in Silverlight and Expression 3.

After completing this lab, you will be able to configure Exchange Server 2010 (Beta) Unified Messaging and experience the features of Unified Messaging.

Learn how to get started using Expression Studio 3 by watching these free videos and tutorials that cover Expression Web, Expression Blend, Expression Design, and Expression Encoder.

See how the newest version of Visual Studio works seamlessly on team build projects.

Learn about the latest technologies from industry experts during this "talk-radio" show. Hear about the new caching capabilities in the Microsoft .NET Framework version 4 or composite application development in Microsoft Silverlight and Windows Presentation Foundation (WPF).

Thrive is an all-in-one resource center for developers to get the latest tools avaliable to be on the cutting edge.

Syncing the cloud and a growing world of devices is a fundamental need in today's world. In this video, you will learn how to use FeedSync feeds to synchronize Live Framework data between a device and the cloud.

The Microsoft SDL - Developer Starter Kit offers 14 modules of content, labs, and training to help you establish a standardized approach to rolling out security development policies and industry best practices into your organization.

View more information on the Windows debugging extension (Windbg) that provides automated crash analysis and security risk assessment.

In this video, Matt Hester gives a 5-minute tour of Internet Explorer 8's built-in developer tools.

This webcast will cover the benefits and challenges of virtualizing Linux on Hyper-V - Microsoft's hypervisor included in Windows Server 2008.

Get in it to win it! The Code 7 Contest recognizes and rewards applications built on the Windows 7 platform which are innovative, cool and showcase the new features in Windows 7.

This 5-minute video will help you learn how to use the new SDL Process Template's document templates and security metrics reporting. The built-in SDL document templates will help you jump start your use of the Microsoft SDL.

Silverlight 3 and Expression Studio 3 help you create and deploy Web sites and rich Internet applications more easily than ever. Download Silverlight 3 and the Expression Studio 3 60-day trial today.

Check out our sessions list to get a view into products, technologies, and developer tools that will shape the future of your business. Register by September 15 to save US$500 on your conference pass.

Watch this webcast to see how Direct Access in Windows 7 provides secure access to the network from any location, making management easier and reducing IT costs.

WPF Control Verifier is a tool that verifies the correctness of WPF controls. This tool is geared towards WPF control developers with the goal of providing a set of verifications that all controls can run and consume.

Download the new Windows 7 Training Kit for Developers. The kit includes code, videos, and labs for both native Win32 C++ developers and .NET developers covering the new features available in Windows 7.

Get Live@edu which provides schools with all the Microsoft technology needed to stay on the technology edge with a low fee.

Windows Azure table storage is designed to support many users at the same time. In this session, you'll learn how Windows Azure table storage supports concurrency, and you'll learn a few strategies to help you deal with any concurrency violations.

Microsoft Chief Software Architect, Ray Ozzie, and President of Server and Tools, Bob Muglia, will set the stage for the next-generation software services platform at PDC09. Register before September 15th and save US$500 on your conference pass.

Watch this 4-minute screencast video to see how to modify the default work items that are included in the SDL Process Template.

Register for the August 20th UCVUG quarterly meeting webcast event for virtual communications.

Building on SQL Server 2008, R2 provides an even more scalable data platform with comprehensive tools for managing your databases and applications, improving the quality of your data, and empowering your users to build rich analyses and reports using tools they are already familiar with.

Join the mailing list to receive monthly emails on announcements and special offers for PDC09.

Check out Visual Studio 2010 and the .NET Framework 4 Beta 1 for the next generation of developer tools from Microsoft.

Get the new security updates and guidance from the August advisories to help your organization stay protected.

Get the latest information on the Time Zone Updates for Windows operating systems that begin in August.

Register before September 15th and save US$500 on your Professional Developers Conference 2009 pass.

Join Thrive, a one-stop community hub that delivers career advice, training programs, peer insights, and job postings to give you a leg up on the competition.

This course is designed to help PHP developers learn the nuances of building Web applications with ASP.NET, without presuming existing knowledge of earlier versions of the technology. Syntax in ASP.NET is compared to its use in PHP, to guide the developer through similar concepts in ASP.NET.

Damien Watkins from the VC++ team and Damian Hasse and Jonathan Ness from MSRC Engineering review the steps to identify and address vulnerable controls and components in this 35-minute video. Also provided is a summary of comprehensive links to help developers walk away with the goal of understanding the exact issues with this VS vulnerability.

Download security updates, register for the security webcasts, and access two new out-of-band security bulletins to find out more information on how it affects Visual Studio and certain types of applications.

Read about how to address the recently announced ATL security issue.

Windows 7 release to manufacturing (RTM) means that it's time for our OEM partners to get their PCs ready, for software development partners to test their new applications, and for hardware vendors to ready their hardware. Find out what it means for you as an IT professional - and learn how and when you can get the final bits.

View the top 5 demonstrations on the most common Web application vulnerabilities from Virtual TechDays 2009.

Check out this 9-minute video on how to install the SDL Process Template and how to begin using it in your next project.

This course is designed to help ASP developers learn the nuances of building Web applications with ASP.NET.

Watch this video to learn how to bind data to WPF controls in data templates. We will use the Binding markup extension to describe which class members are bound to which control properties. We'll also see how these data templates can be reused for multiple controls.

Watch an on-demand webcast or join a virtual lab to get an overview of the Windows Embedded technologies that are available to support your development efforts.

Watch this webcast to get an overview of Windows XP Embedded, a powerful embedded operating system solution used in a variety of applications such as thin clients, test equipment, car computers, industrial controls, and gaming machines, and find out more about the development tools used to build custom operating system images.

This track requires no previous knowledge, and should enable you to quickly learn some basic skills with ASP.NET, and provide foundational knowledge to get started down the path of building Web applications with Visual Studio.

Windows Server 2008 R2 expands on existing technology and adds a host of new features. In this series of on-demand webcasts, you'll get to know Windows Server 2008 R2, learn about what's changed, and get a jump-start on developing for this new platform.

How does Visual WebGui solve the complexity of using the model view controller pattern (MVC) pattern in Web development in a light, simple, and productive way? Watch this webcast to find out.

The SDL Process Template for VSTS integrates the policy, process and tools of the SDL v4.1 into Visual Studio Team Systems 2008. The SDL Process Template eases adoption of the SDL, enables auditable security requirements and status, and demonstrates security return on investment.

How does Visual WebGui solve the complexity of utilizing the model view controller pattern (MVC) pattern in Web development in a light, simple, and productive way? Watch this webcast to find out.

Learn new development skills with free step-by-step training plans and premium technical content, and get valuable discounts on select certification exams and Microsoft Press training kits.

Watch this video to earn how to consume an ADO.NET Data Service from within a WPF application. ADO.NET Data Services provide a way to query and extract data from a data store. We will see how LINQ gets translated into the required RESTful service request to return a subset of data.

Take advantage of this resource that includes a full listing of the latest webcasts and how-to videos covering the technologies included in the Azure Services Platform: Windows Azure, .NET Services, SQL Data Services, and Live Services.

Industry leaders and community developers share their top recession survival strategies. You?ll also find career advice, job postings, training resources, and more.

Channel 9 interviews SDL's Jeremy Dallman to learn about the latest free security tool. The SDL Process Template automates the creation of SDL requirements and enables development teams to begin adopting the SDL process without having to be fully trained on the SDL.

This document will help you set data privacy guidelines for developing your software products and services based on Microsoft's internal guidelines and experience with incorporating privacy into the development process.

Watch Dion Hutchings explain what you need to know when you build a handheld Windows Embedded CE-powered device. Learn more about Windows Embedded CE, the ideal handheld platform with hardware support and software components to satisfy all the requirements of the next generation of connected, service-oriented handheld devices.

Learn about the makings of the !exploitable Crash Analyzer tool. It's the only tool of its kind that increases efficiency, reduces cost, and improves security by providing automated crash analysis and security risk assessment.

Develop a green application using the Bing API with any tech platform or language, win US$10,000 + be featured at Gnomedex!

.NET Services are a set of highly scalable building blocks for programming in the cloud. In this brief screencast, you'll learn about the registration process, the SDK and the built-in samples - everything you need to know in order to get started.

The Windows 7 Release Candidate is now available. Download, install, and actively test the Windows 7 RC code to help get your software and hardware solutions ready.

Windows Server 2008 R2 release expands on existing technology and adds a host of new features. In this series of on-demand webcasts, you'll get to know Windows Server 2008 R2, learn about what's changed, and get a jump start on developing for this new platform.

Download this document to help set data privacy guidelines for developing your software products and services, based on Microsoft's internal guidelines and experience with incorporating privacy into the development process.

The Windows 7 release candidate is now available. Download, install, and actively test the Windows 7 RC code to help get your software and hardware solutions ready.

Take advantage of this resource that includes a full listing of the latest webcasts and how-to videos covering the technologies included in the Azure Services Platform: Windows Azure, .NET Services, SQL Data Services, and Live Services.

In the last of a three-part series of videos on Windows 7 rraphics architecture, David Blythe, Senior Architect in the Desktop and Graphics team, and Yochay Kiriaty, Technical Evangelist, discuss many new updates and improvements on Windows 7 architecture and how this improves the user experience.

Windows 7 will be available in stores beginning October 22. An important milestone on the path to general availability (GA), the release to manufacturing (RTM) code for Windows 7 will be available to Microsoft partners at the end of July, as will the RTM code for Windows Server 2008 R2.

Learn more about the basics behind encryption algorithms and practices used to create cryptographic schemes, symmetric and asymmetric encryption algorithms, the SHA256 hash encryption algorithms, and how to implement them in a simple application.

Download chapters from three great books on Visual Studio 2008: Programming Microsoft LINQ, Introducing Microsoft Silverlight 2, Second Edition, and Programming Microsoft ASP.NET 3.5.

Listen or watch 16 influential community and Microsoft developers, interviewed at Tech·Ed, talk about their recommended must-have resources for the summer. Check back weekly for the next installment in the series or subscribe and take it with you.

Find videos designed to help Web developers and designers of all skill levels experience the power of the Web using Internet Explorer 8. Check back often, as new videos are added regularly.

In the second of three overview videos, David Blythe, Senior Architect in the Desktop and Graphics team, and Yochay Kiriaty, Technical Evangelist, discuss what's new in Windows 7 graphics and how developers can tap into the new APIs.

The SDL Process Template for VSTS integrates the policy, process, and tools of the SDL v4 into Visual Studio Team Systems 2008, and eases adoption of the SDL, enables auditable security requirements and status, and demonstrates security return on investment.

Heads up! The Windows 7 Beta will expire on August 1, 2009, so be prepared and plan to rebuild your PC with either the release candidate (RC) or another valid version of Windows before July 1, 2009. You will receive a warning two weeks prior to July 1; after this date, your PC will begin shutting down every two hours.

In this case study, YOURasp had been hosting WAEC's sites on Linux, and decided to run the new PHP-based Web site on the Windows Server 2008 Datacenter operating system. In less than one week, the company deployed a virtual failover cluster that handled up to 10K service requests per minute during the election.

Windows 7 will be available in stores beginning October 22nd. An important milestone on the path to general availability (GA), the release to manufacturing (RTM) code for Windows 7 will be available to Microsoft partners at the end of July, as well as the RTM code for Windows Server 2008 R2.

The Azure Services Training Kit includes a comprehensive set of technical content including hands-on labs, presentations, and demos that are designed to help you learn how to use the Azure Services Platform.

In the first of three overview videos, David Blythe, Senior Architect in the Desktop and Graphics team, and Yochay Kiriaty, Technical Evangelist, give you a quick tour of Windows 7 Graphics architecture, its different components, and how they affect and improve the user experience in Windows 7.

This video will show you several ways to create and apply reusable styles in WPF (in the control, in a resource section elsewhere in the window markup, and in the app.xaml file) and how styles cascade and can be overridden.

Check out the Windows Internet Explorer 8 Readiness Toolkit, the first place to look when you are ready to optimize Web sites and applications for Internet Explorer 8.

SAIC, a security consulting company, and the SANS Institute, a security training company, have recently joined the Microsoft SDL Pro Network to support Microsoft's commitment to make the SDL more accessible to every developer. These companies will guide and support you in implementing the SDL into your environment to better protect your customers.

Live Services is a set of building blocks within the Azure Services platform for handling user data and application resources. Click here to explore the Live Framework, and explore all the documentation, SDKs, libraries, code snippets, and much, much more.

In this lab, you will learn how to digitally sign XML documents by using the System.Security.Cryptography library and how to use TFS to track bugs.

Watch this webcast to get an overview of Windows XP Embedded and find out more about the development tools used to build custom operating system images.

Learn new development skills with free step-by-step training plans and premium technical content, and get valuable discounts on select certification exams and Microsoft Press training kits.

The SDL Process Template for VSTS integrates the policy, process, and tools of the SDL v4 into Visual Studio Team Systems 2008. It eases adoption of the SDL, enables auditable security requirements and status, and demonstrates security return on investment.

Watch this webcast to get an overview of Windows XP Embedded and find out more about the development tools used to build custom operating system images.

Visual Studio 2010 and .NET Framework 4 mark the next generation of developer tools from Microsoft. Check it out!

Find out how Web development can be faster and easier with Windows Internet Explorer 8 Developer Tools, and learn more about developer tools to use in exposing how the browser interprets a Web page. In these webcasts, podcasts, and virtual labs, we explore the built-in Internet Explorer 8 features that can help developers build standards-based Web applications.

Watch this video in which Todd Miranda explains how a breakpoint is triggered by default and demonstrates how to use advanced breakpoints to only trigger when certain hit count conditions are met.

Play this new game and experience a day in a geek's life. Only the server can save you!

Learn new development skills with free step-by-step training plans and premium technical content, and get valuable discounts on select certification exams and Microsoft Press training kits.

How does Visual WebGui solve the complexity of using the model view controller (MVC) pattern in Web development in a light, simple, and productive way? Watch this webcast to find out.

Download chapters from three great books on Visual Studio 2008: Programming Microsoft LINQ, Introducing Microsoft Silverlight 2, Second Edition, and Programming Microsoft ASP.NET 3.5.

Take advantage of this resource that includes a full listing of the latest webcasts and how-to videos covering the technologies included in the Azure Services Platform: Windows Azure, .NET Services, SQL Data Services, and Live Services.

View video interviews with industry experts, on-demand sessions and keynotes, and Tech·Ed blog posts from around the world.

Self-assess your current state of security in development and create a strategy and roadmap to progressively attain measurable security improvements with the Security Development Lifecycle Optimization Model.

Find videos designed to help Web developers and designers of all skill levels experience the power of the Web using Internet Explorer 8. Check back often, as new videos are added regularly.

View video interviews with industry experts, on-demand sessions and keynotes, and Tech·Ed blog posts from around the world.

Download the Windows Azure SDK that includes APIs, tools, documentation, and samples needed to develop Internet-scale applications to run on Windows Azure.

Reduce your cost of development by identifying and mitigating potential security vulnerabilities in the design phase of the SDL, when they are relatively easy and cost-effective to resolve.

Play this new game and experience a day in a geek's life. Only the server can save you!

The Windows 7 release candidate is now available. Download, install, and actively test the Windows 7 RC code to help get your software and hardware solutions ready.

Learn how to create a timer User Control in WPF and see how to handle common problems in its development.

!exploitable Crash Analyzer is a Windows debugger extension that provides automated crash analysis and security risk assessment in a tool that every developer and tester can use.

Dion Hutchings discusses Windows Embedded CE, the ideal handheld platform with hardware support and software components to satisfy the requirements of connected, service-oriented handheld devices.

I was technical editor of the second edition of Writing Secure Code and I'm really proud of that fact. This is a great offer. Enjoy! 

Microsoft Press - Writing Secure Code for Windows Vista

Celebrating 25 years

For 25 years, Microsoft Press books have focused on helping you take your skills and knowledge to the next level. Celebrate our 25th Anniversary with a "Free E-Book of the Month" offer! Simply sign up for the Microsoft Press Book Connection Newsletter for notification of offers, register, and download the selection of the month.

Writing Secure Code for Windows Vista

By Michael Howard and David LeBlanc
ISBN: 9780735623934

This reference is ideal for developers who understand the fundamentals of Windows programming and APIs. It complements Writing Secure Code, examining the delta between Windows XP and Windows Vista security. For more information or to buy the print version of this title, visit the Microsoft Learning website .

One of the things you need to do to keep your software safe is to be aware of trends and vulnerabilities that are currently being exploited by attackers.

Today I followed a link to the Microsoft Malware Protection Center from one of my friends on Twitter. Excellent find. This is a fantastic resource with tons of good information. (I've been out of the security business for way too long.)

The Latest Microsoft Security Intelligence Report

The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows users, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications.

Today we posted a page with information about the PDC 2005 Security Symposium (Friday, September 16th at the PDC). This is a great opportunity to hear some of the top security people from Microsoft discuss security issues. Here's the link to the page:

Security Developer Center: PDC 2005 Security Symposium
Want to learn more about what it takes to build security into each phase of software development? Come hear some insider tips and best practices from Microsoft and industry developers that are doing just that – building security into the software development process using the Microsoft Security Development Lifecycle (SDL) as their model. The SDL is a process that Microsoft implemented to provide customers with high quality software that is meticulously engineered and rigorously tested to help withstand malicious attack.

I'll update that page with addional resources as they come available. For now, be sure to review the page and read the SDL Document as prep for the symposium. If you're not going to the PDC, stay tuned and I'll try to get as much information about these topics as I can added to the page.

Good story in eWeek about some of the Microsoft efforts around Katrina.

Microsoft Brings .NET to Katrina Relief Effort
A group of Microsoft technologists quickly deployed to contribute their time and talent to the relief effort, and decided to develop a Web site and supporting applications to help Katrina evacuees reach out to relatives and friends and also enable families to locate people they have not heard from since the hurricane hit, said Jim Carroll, chief architect and project manager for the system, known as KatrinaSafe.

The calls for help inside Microsoft went out and were answered incredibly quickly. Robert Scoble has more on similar efforts here.

The Microsoft Disaster Relief Page was updated tonight with a statement about Hurricane Katrina.

Microsoft Response to Hurricane Katrina
Published: August 31, 2005
Every one of us at Microsoft is deeply saddened by the destruction of property and personal lives in the wake of Hurricane Katrina, and our hearts go out to the hundreds of thousands of people who have been affected by the storm and its aftermath.

This page has links to many different relief agencies, so this is a good place to start if you're considering a contribution.

Windows Server 2003 R2 RC 0 is available for download. You can get more information here:

Windows Server 2003 R2 Release Candidate 0
Try Windows Server 2003 R2 RC0 today and extend your connectivity and control to data and applications throughout and beyond your organization.

This page contains links to information about new features, a reviewer's guide, a FAQ, and a product overview. There's additional infomation available on the TechNet Windows Server 2003 R2 Beta Roadmap page.

This is the introduction from the Product Overview page:

Windows Server 2003 R2 is an update release of the award-winning Windows Server 2003 operating system. Built on Windows Server 2003 with Service Pack 1 (SP1), Windows Server 2003 R2 takes advantage of the stability and security of a proven code base while extending connectivity and control into new areas. Windows Server 2003 R2 offers all the benefits of Windows Server 2003 SP1 while greatly improving branch office server solutions, identity and access management, storage setup and management, and application development inside and outside your organization's traditional boundaries. Windows Server 2003 R2 is easy to integrate into an existing Windows Server 2003 environment as it has the same application compatibility, manageability, and serviceability as the existing servers with SP1.

The IE team has published a new whitepaper describing IE 6 security. Get it here:

Understanding Security in Microsoft Internet Explorer 6 in Windows XP SP2
Web browser security is a major concern for individuals and organizations. Each time a new vulnerability is found, news headlines proclaim dire warnings. As a result of their importance, security issues dominate competitive browser analysis and discussions, overshadow debate about their respective features and functionality. As the market share leader in Web browser software, Internet Explorer (IE) is often the subject of media scrutiny. Since IE is so prevalent, it is an attractive target for hackers to attack, and has come to be considered, in some circles, insecure. This paper examines the real state of Web browser security and the correlation between a browsers vulnerability and its advanced functionality.

This paper isn't targeted at developers, but it gives a good overview of the security features in the browser.

DevDiv VP Somasegar has posted information about the Visual Studio 2005 launch. Check it out here:

Visual Studio 2005 update
We are now about 77 days from the November 7, 2005 launch of Visual Studio 2005, one of the most significant releases in the history of the Developer Division. We have been releasing Community Technology Previews regularly since Beta 2 and will have one coming out in August as well. I wanted to take a moment and update you on our progress towards shipping the final product....

There's a lot more information in the post, so be sure to read it all.

I've blogged before about the Visio Connector for MBSA. Well, I ran into Sanjay Puri a while back and he let me know that this tool has been updated for MBSA 2.0. Here's a link to the download and the details:

Visio Connector for Microsoft Baseline Security Analyzer (MBSA)
The Visio Connector for MBSA (Microsoft Baseline Security Analyzer) is a Visio COM add-in that allows IT administrators to view the results of an MBSA network scan on a Visio network diagram.

This article on TechNet has a picture to take a look at and more details about the tool. As I mentioned before, this tool is a great way to visualize potential security deficiencies your network.

Stepto posted information today around the Win32/Zotob.A worm. Here's a link to his post:

Guidance pages and information on Worm:Win32/Zotob.A
Ok, earlier this morning we activated our Software Security Incident Reponse Process to respond to a malicious attack known as Worm:Win32/Zotob.A. Our investigation has determined that only a small number of customers have been affected and we're working directly with them. We have seen no indication of widespread impact to the Internet, but we have posted a guidance page as well as an encyclopedia entry on this attack. We will remain watchful for any variants or any further customer impact.

Here's a direct link to Microsoft's incident page for the worm:

What You Should Know About Zotob
Zotob.A is a worm targeting Windows 2000-based systems which takes advantage of a security issue that was addressed by Microsoft Security Bulletin MS05-039. This worm installs malicious software, and then looks for other computers to infect.

As always, the bottom line with this type of thing is to make sure that you're fully patched, you're using a firewall, and that your antivirus signatures are up-to-date. Also be sure to subscribe to the MSRC blog for the latest information; it's a great resource.

In my ongoing effort to link to every SDK in the world, here's the WinFX Beta 1 SDK for your coding pleasure.

Microsoft® WinFX ? Software Development Kit for Microsoft® Pre-Release Windows Operating System Code-Named "Longhorn", Beta 1 Web Setup
The WinFX SDK contains documentation, samples and tools designed to help you develop managed applications and libraries using WinFX, which is the set of next-generation managed APIs provided by Microsoft. This release includes documentation about using the .NET Framework 2.0, the Windows Presentation Foundation (formerly code named Avalon), and the Windows Communications Foundation (formerly code named Indigo).

Here is a direct link to the ISO, if you prefer to install from a disc. (Thanks to Norm Diamond for pointing out that I was linking to an earier version.)

After a flurry of hard work by people from all over Microsoft, we propped the Windows Vista Developer Center today. Get the details here:

Microsoft Windows Vista Developer Center
Windows Vista introduces breakthroughs in user experience, security and reliability, enabling you to build applications that bring clarity to the user's complex world of information.

Check out the site from a design perspective, even if you're not doing Windows Vista development yet. Duncan Mackenzie and Laurie Moloney get a ton of credit for pulling this together.

Good stuff. Get the details here:

Windows OneCare Live Home
Dont have the time or technical expertise to secure and manage a computer on a daily basis? Windows OneCare is a comprehensive PC health service that helps make your PC experience hassle-free.

Microsoft Product Manager for Developer Security Rick Samona, with the help of Foundstone, has created a new feature for the Security Developer Center called Spot the Bug. The way this works is that Rick will post a new bug in his blog every so often and you can take a shot at guessing the bug in the comments for the entry. When Rick posts a new bug, he'll answer the question on the current bug and mark the bug squashed. We've rebuilt the home page on the Security Developer Center to feature the latest unanswered bug and link to the squashed bugs.

This is a total experiment, and it could fail miserably, but it seems cool right now. :)

You might notice that I took the Security Bulletins list off the home page and replaced it with a link to the Security Bulletin Search page. Let me know if you were relying on that feature or not and I'll bring it back if there's a popular demand. Thanks to Erica Wiechers for helping us get this posted.

Kim Komando has nice little writeup of the Microsoft Shared Computer Toolkit for Windows XP in USA Today. Check it out:

Microsoft tool secures shared computers
... With the Shared Computer Toolkit, you can customize restrictions for different Windows accounts, which is especially handy if you have both young children and teens in the house. The toolkit also has additional safeguards to protect your computer. For instance, it prevents kids from making changes to your system settings.

Nice retrospective by computer world."After batting around some ideas for a new system, Thompson wrote the first version of Unix, which the pair would continue to develop over the next several years with the help of colleagues Doug McIlroy, Joe Ossanna and Rudd Canaday. Some of the principles of Multics were carried over into their new operating system, but the beauty of Unix then (if not now) lay in its less-is-more philosophy." Unix turns 4

Learn how to better integrate scripts with command-line tools. Examine using shell_exec(), exec(), passthru(), and system(); safely passing information to the command line; and safely retrieving information from it. See how to integrate closely with underlying shell commands and folding any return values into your interfaces and processes.

The battleground has shifted from the Operating System to the hypervisor, and Linux has a clear role to play. One of the most important modern innovations of Linux is its transformation into a hypervisor. Learn about KVM and Lguest and why the most important modern innovations of Linux is its transformation into a hypervisor

The ideas in this article may help you breathe life (and some additional security) into your old machines and make better use of Linux on aging hardware. A lack of physical memory can severely hamper Linux performance. Llearn how to accurately measure the amount of memory your Linux system uses. You also get practical advice on reducing your memory requirements using an Ubuntu system as an example.

This article compares and contrasts some of the innovations of the latest releases of AIX 6.1, Solaris 1, and HP-UX. Learn the differences on how to work with certain tasks, such as networking and performance tuning. Also, see at a high level some of the virtualization differences among these big three. You decide what you prefer best.

Some nice info in this."Most of the time, your screen's capabilities should be identified using something called EDID - Extended Display Identification Data. This is a chunk of information sent from your display to your graphics card, and normally contains information such as your screen's model and manufacturer, resolution timings and display size. X then uses this data to create appropriate resolutions and bit depths that make optimal use of your hardware." Modify xorg.conf for better per

As data centers grow in both size and complexity, the ability to manage the configuration of each and every server from a central location becomes increasingly important. Two popular Open Source configuration management solutions exist: cfengine and Puppet."Puppet is written in Ruby, is easily installed, and as we will see, can be setup and taken live in less than fifteen minutes!" Puppet + subversion in 15 minutes

Android, a complete operating environment based upon the Linux V2.6 kernel, promises to be a market-moving open source platform that will be useful well beyond cell phones. In this article, learn about the Android platform and how it can be used for mobile and nonmobile applications, then build your first Android application. This simple first app you build will get you started quickly, but beleive me, you'll want to do more after that.

Why is virtualization so important? The short answer is that virtualization enables businesses to lower their technology Total Cost of Ownership (TCO), while increasing their Return on Investment (ROI). What do the top UNIX vendors have to offer with respect to virtualization? Find out what virtualization is more scalable. Here's a look at HP's Virtual Server Environment (VSE), Sun's xVM, and IBM's PowerVM.

Let the pictures tell the story. This is the next version of Fedora. Fedora 11 Screenshot Tour

I want an ebook reader like device. But am way to cheap to get anything I have seen on the market. If the Kindle was $15 I think I would be carrying one around. Well if there was more of an electronic version discount for the books at least.""Effectively what [Pixel Qi is] doing is creating a hybrid display that combines the best of E Ink and regular LCDs," says Robert Barry, director of business development for Team Research, a company that makes an e-book reader called the Astak Mentor

"MySQL's clustering storage engine is a unique take on database clustering, unlike Oracle's or Microsoft SQL Servers solutions. As with those, it has its strengths and weaknesses, so you'll of course need to test, test, and test some more before you can decide if the technology is right for your application, and organization. New features that are in development include the ability to add nodes while the cluster is up and running, storing data and index information on disk, and much more.

Who needs GUIs?"Based on ncurses, MOC (music on console) is a popular, text-based audio player which can play various audio formats, including Ogg Vorbis, FLAC, MP3, MP4, WMA and WAV. The release I'm going to talk about in this article is 2.5.-alpha3, as it comes with Debian Lenny." MOC: Text based audio player

Vimscript is a mechanism for reshaping and extending the Vim editor. Scripting allows you to create new tools, simplify common tasks, and even redesign and replace existing editor features. This article introduces the fundamental components of the Vimscript programming language: values, variables, expressions, statements, functions, and commands. These features are demonstrated and explained through a series of simple examples.

I am thinking that this is basically a toy. I may be wrong though may be some good use that it could be put to. It is interesting though."The only difference is that, unlike Kandor, VirtualBSD is trapped in VMware not in a bottle. You can't install it directly to your computer as an independent OS at this point. Nor can you run it as a Live CD to get a taste of it without installing anything. VirtualBSD exists solely as a VMware appliance right now." VirtualBSD Review--Inside and Out

For embedded Linux engineers and aficionados, one exciting aspect of cloud computing is the sudden interest in thin Linux clients. Explore cloud computing from a Linux perspective and discover some of the most innovative and popular Linux-based solutions with a particular view toward Linux thin clients and environmentally beneficial options.

While I still like the command line. This is pretty cool."There are several different ways to make a multi-touch surface, but we'll focus on the one that we employed: the FTIR screen. An FTIR (short for Frustrated Total Internal Reflection) setup involves three vital components: a sheet of transparent acrylic, a chain of infrared LEDs, and a camera with an IR filter. The LEDs are arranged around the outside of the sheet of acrylic so that they shine directly into the thin side surfaces." B

How could you kill an open source product?"Oracle's senior management has expressed its love for Sun Microsystems' software and hardware but warned tough decisions are coming on what people and products stay. President Charles Phillips and chief corporate architect Edward Screven have committed to keeping Java open and to not killing MySQL. They also mocked the idea Oracle would simply shut down or close off certain technologies and talked tough on Oracle's smarts as a hardware vendor." Or

In this article, learn how to use the open source Clonezilla Live cloning software to convert your physical server to a virtual one. Specifically, see how to perform a physical-to-virtual system migration using an image-based method.

In this article you will learn how Aptana makes it easy to develop applications based on PHP and MySQL, and how to deploy them to the cloud. Also explore some of the critical design differences between a cloud application and a traditional N-tier application.

Michael Widenius aka Monty is the founder and original developer of MySQL. Not that long ago he left his job with Sun. These are his thoughts on the purchase of Sun by Oracle and how it will affect MySQL. "This brings up the question, once again, how can one own an Open Source Project. Patrick Galbraith, summed up his feelings in a recent blog post, , that the "ownership" of Free and open source projects has more to do with who provides the best stewardship of the code, rather than who

This is one I did not see coming. Seems like a much better fit than IBM. But what do I know. The thing I am most wondering about is what is going to be happening with MySQL."So today we take another step forward in our journey, but along a different path - by announcing that this weekend, our board of directors and I approved the acquisition of Sun Microsystems by the Oracle Corporation for $9.5/share in cash. All members of the board present at the meeting to review the transaction vot

Never have used memcached, but looks straight forward enough. It is interesting to me that there really is no free lunch. If your database machine is not fast enough and you spread out the load to memcached, you then need a very fast network. and so forth. "A single instance of memcached was run on a SunFire X227 (2 socket Nehalem) with 48GB of memory and an Oplin 1G card. Several external client systems were used to drive load against the server using an internally developed Memcached be

AIX V6.1 has introduced a secure flavor of FTP (and ftpd) based on OpenSSL, using Transport Layer Security (TLS) to encrypt both the command and the data channels of file transfer. This article coveres the various aspects of the secure FTP setup, which includes the complete FTP service configuration on the server side, as well as the client side.

The open source Android operating system has allowed for sophisticated Cloud Computing applications to run wherever you are. Designed to be highly efficient on battery-powered devices like the T-Mobile G1 smartphone, at heart, Android is Linux. Learn more about the several layers to the Android programming model that permit the creation of secure applications that are tailor-made for Cloud Computing.

Pretty cool stuff. Prices from Ettus don't look too bad. For Ham stuff that is."GNU Radio applications are mainly written in Python; however, the critical and low-level algorithms and signal processing modules are written using the C/C++ programming language, with wide usage of floating-point specific instructions for the relevant processor. Python is primarily used to setup the flow graph, after that most of the work is done in C/C++. GNU Radio is simple to use and a radio receiver can

Wish you could have a dedicated, open source Web chat pop up in response to a system event that lets you know what's happening in real time. Your search is over with Ajax Chat, an application that's implemented in JavaScript, PHP and MySQL. You can get that function and much more with Ajax chat, a pop up chat perfect for system adminstrators. Learn how to change configurations, and add as many alert channels as you want. Put this in your Admin toolbox, and become aware of system problems fa

For some PHP developers, Ajax is still a mystery. It's something that the "cool kids" and "bad boys" of Web development do, and they've never had the time, patience, or skill to take it on. If you're one of these PHP developers, never fear: By the time you're done reading this article, you'll know enough to become a real Ajax pro. This article shows how to use jQuery to easily add Ajax functionality to any PHP Web application. When you're done, you should have a pretty good grounding in not

Learn to scale your UNIX Python applications to multiple cores by using the multiprocessing module which is built into Python 2.6. Multiprocessing mimics parts of the threading API in Python to give the developer a high level of control over flocks of processes, but also incorporates many additional features unique to processes.

The year 28 will forever be remembered as the year of the off-the-shelf (OTS) supercomputer, thanks to the Los Alamos National Labs (LANL) and IBM team that constructed the world's first machine (Roadrunner) to break the peta-FLOP (1,,,,, floating-point operations per second) barrier. Get an overview of OTS strategies to architect high-performance computing (HPC) systems as well as the methods and concepts behind building HPC systems from OTS components and open source software.

This is really clever. Even better that it is using the free option so you can give it a try without spending a bunch of money. And yet one more reason I should buy an Intel Mac."When you first create a virtual machine, it uploads the "virtual disk" to dropbox, which can take some time depending on your upload speed but once its created it gets synced with all your dropbox client computers." Sync and Share Virtual Machine with DropBox

Always interesting to read about zfs."With ZFS, compression is built directly into the I/O pipeline. When compression is enabled on a dataset (filesystem or LUN), data is compressed just before being sent to the spindles and decompressed as it's read back. Since this happens in the kernel, it's completely transparent to userland applications, which need not be modified at all. Besides the initial configuration (which we'll see in a moment is rather trivial), users need not do anything to ta

Life's certainties include death and taxes but also the advancement of the GNU/Linux operating system, and the last two kernel releases did not disappoint. The 2.6.28 and 2.6.29 releases contain an amazing amount of new functionality, such as a cutting-edge enterprise storage protocol, two new file systems, WiMAX broadband networking support, and storage integrity checking. Discover why it's time to upgrade.

This article describes how you can setup and configuration of iSCSI shared disks, and build a sample configuration of true shared disks and SD secondary servers on Ubuntu Linux. By following this procedure, you should be able to customize your own shared disks and SD secondary servers on Ubuntu Linux. You can also easily adapt the instructions for other Linux distributions.

"Since version 4.8, OpenSSH supports chrooting, so no patches are needed anymore. This tutorial describes how to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to use chrooted SFTP." Chrooted SSH/SFTP Tutorial

Learn how you can use Infrastructure as a Service to get a full computer infrastructure using Amazon's Elastic Compute Cloud (EC2). This article helps you plan ahead for working with cloud by knowing how cloud computing compares to grid computing,, how you can resolve issues in cloud and grid computing, and what security issues exist with data recovery and managing private keys in a pay-on-demand environment.

Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication

Yesterday Microsoft re-released KB973811 ==http://www.microsoft ...(more)...

Theres been a lot of discussion about the recent stories on parsing firewall logs - Mar ...(more)...

Several readers have pointed us towards this advisory. This Microsoft advisory outlines a vuln ...(more)...

Overview of theMarch 2010 MicrosoftPatchesand their status. ...(more)...

A new version of the Samurai WTF (Web Testing Framework) distribution, version 0.8, has been r ...(more)...

Panda Security has a post up on one of their employees buying a brand new Android phone from Vodafon ...(more)...

We received several emails today about the US-CERTanalysis of Trojan horse software found in a ...(more)...

An ISCreader, thanks Paul, notified us about a new SEO(Search Engine Optimization) ...(more)...