Visual Basic.NET Code Security Handbook - Softcover

Synopsis

This title is for VB .NET programmers who want to write secure code - which should be all of them. .NET provides a powerful framework in which to write secure code but unless you understand how attackers think and how the .NET security systems works your code will still be vulnerable. .NET helps reduce the likelyhood of common vulnerabilities such as buffer overruns and provides an extremely powerful code access security system - when it is used properly. Writing secure .NET code requires three things: an understanding of the .NET code security system, attention to detail, and the ability to think from the point of view of an attacker. Many security vulnerabilities in fact have little to do with the security system but rather are a result of treating hostile input as non-hostile. This book is a practical reference of the .NET security framework, and demonstrates best practices that will go a long way towards making your code secure in the face of attacks. It also provides examples of common mistakes enabling you to spot them in your own (and others) code. Although this book primarily focuses on .N

About the Author

Eric Lippert works for Microsoft designing programming languages and development tools. He has been partly responsible for creating VBScript, JScript, Windows Script Host, and Windows Script Components. He was also involved in the design of JScript .NET and Visual Basic .NET and until recently he was part of the ECMAScript working group.

Eric has long been interested in computer security issues particularly with respect to the highly destructive script-related viruses that have appeared over the last few years. He realised in 2001 that even the excellent new security features in the .NET Framework would not solve these problems unless people used and understood them. Since then he has been somewhat obsessive about explaining to anyone who listen how the security system works and why it is important to them.