Quickies of the day

  • Anil John writes about developing ASP.NET applications that run under Partial Trust. The whole Code Access Security framework in .Net is a complex beast, and I fear that most developers never will learn enough to actually use it properly, leaving them with applications that appear to be secured against malicious in-process code, but still can be vulnerable to ”luring attacks”. And if you let a single malicious assembly run with FullTrust, it’s Game over for your entire host process, as explained by Keith Brown in Beware of Fully Trusted Code. As Anil says, chapter 6-9 in Improving Web Application Security: Threats and Countermeasures is recommended reading. As a sidenote, are there any MVP’s that specialize in Code Access Security?
  • Tim Bray writes about the higher level web services specifications, and how the law of leaky abstractions work against them. ”[…]; applications that try to abstract away the fact that they’re exchanging XML messages will suffer for it”
  • Anil Dash warns against yet another scenario where Word’s ”Track Changes” feature can come back and bite you in the ass. I once recieved a press release in .doc format that had Track Changes enabled in such a way that they didn’t show up on screen, but did when you printed it. Oops indeed.
  • Jon Udell observes that developers still have a lot to learn when it comes to internationalizing applications, and compares us with 13-th century French Artisans. I don’t think I have linked to Joel Spolsky’s excellent Unicode primer yet, and even if I have, its such a recommended reading that I should do it again. I did a small project involving UTF-8 to Windows-1256 (Arabic) conversion on a low level a while ago, and it was most illuminating.
  • My column on the Smalltalk heritage on IDG has spawned a small debate about ”industry languages” such as Java and C# compared to more dynamic, ”cutting edge” languages like Smalltalk and Python. My take on the debate is that if you want to get stuff done togheter with other developers that may not be on the same level as you, C# and Java will get you there with the lowest amount of risk. For single-developer projects, or for small projects that everyone involved are really bright, Python and similarly dynamic languages (including Smalltalk, Lisp/Scheme, and even Perl) can get you there faster, while allowing you to have more fun along the way.
  • Ted Neward (By the way, it’s cool that a MVP’s RSS feed URL ends in .jsp :-)is involved in a debate over a set of security guidelines (subscription required) published in Java Developers Journal. Ted observes that for many of threats that the guidelines seek to guard against to even be theoretically exploitable, the attacker already must have greater access than he stands to gain by exploiting the vulnerability. This observation is similar to Peter Torr’s that VBA and Outlook’s object model does not really increase the attack surface, since, for an attacker to make use of them, he must already have full access to the machine: ”The problem isn’t that you have knives or saucepans or shoes in your house; it’s that the burglar keeps getting inside!”
  • Cedric Beust puts his money where his mouth is; disappointed by JUnit, he writes his own testing framework, TestNG.
  • Brad Adams gets DDJ to allow republising Steven Clarke’s article on Measuring API Usability.

4 reaktioner till “Quickies of the day”

  1. >are there any MVP’s that specialize in Code Access Security?

    I collaborated on and Technical Reviewed the "Improving Web Application Security" book. My areas of focus were Hosting Scenarios and Code Access Security, so count me in as an MVP who at least has a familiarity with the topic 🙂

  2. Anil: Cool, I did not realize you had so much to do with the PAG book. Good work!

    Have you done any work with test driven development in conjunction with CAS? It seems to me that since the CAS architecture is so complex, it would be useful to do TDD in a "negative" fashion; for example if your assembly is supposed to be callable only by a specific strongly named assembly, write tests that verify that calls from other assemblies do indeed fail.

  3. Just read your article at IDG regarding Alan Kay/Smalltalk – and it was good. For once not a single glaring misconception regarding Smalltalk 🙂 – I am a bit jaded by all people throwing around "truths" about Smalltalk without having actual experience themselves. So kudos for that. 🙂

    Above though it sounds like you are saying that Java would mean a lower risk than Smalltalk for larger projects or projects in which the developers are of "average" or "mixed" level. That I definitely do NO agree with on the other hand. 😉

    I have worked extensively in Java AND Smalltalk on both smaller and quite large projects. I have taught both languages and OO to developers. I have solid experience of at least 5 different Smalltalk environments including ENVY and GemStone aimed at large scale development. I also have experience of various Java tools. I am writing this because I know both sides of the story – while most others seem to only know Java and have some vague idea about Smalltalk. Most Smalltalkers know Java just fine and 99% of them prefer Smalltalk any day.

    So my experience is the exact opposite. I claim that less experienced developers can more easily be made productive in Smalltalk than in Java. I have repeatedly taught OO *and* the basics of Smalltalk in a single day including practice and then had these pupils find bugs and complement a working small system the next day.

    This 2-day course was later attempted to be reshaped using Java without success – the teacher who is one of the best teachers in Sweden IMHO – said to me it couldn’t be done, even though he really tried. Java simply can not practically be taught that quick – there are too many things in the language tripping up the newbie and clouding the vision.

    Also, the idea that there is something inherent in Smalltalk making it unsuitable for large scale development is simply not true either. And there is ample evidence for that.

    There are very large systems having been built in Smalltalk with great success over a long period of time. And I mean *large*. 14000 classes, 65 developers/staff, 500 users etc, see for example the "Kapital" system at JP Morgan Bank, https://secure.cwheroes.org/briefingroom_2004/pdf_frame/index.asp?id=4909)

    Now, I do not have time to write more just now – but I will gladly answer any questions on this topic! 🙂

    regards, Göran

  4. >Have you done any work with test driven development in conjunction with CAS?

    LOL :-), Take a look at one of my earlier posts @

    I am actually exploring TDD in the context of Secure Coding. Not just for testing CAS issues, but for input validation and more… I agree with your assessment that TDD (at least the the concept of using xUnit framework for testing) definitely maps into this area. I am just coming up to speed on using NUnit right so am not that far along right, but it is something that I believe is very worthwhile.

Kommentarer kan inte lämnas på detta inlägg.