Channel 9 Forums - The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

iStation — Wed, 10 Aug 2005 09:04:20 GMT

Let's test your security knowledge!

This is a database file for CBT application.
Please overwrite a database file in the CBT application folder with this one.

You can download CBT application from...
http://channel9.msdn.com/ShowPost.aspx?PostID=71128

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

Minh — Wed, 10 Aug 2005 12:18:34 GMT

This is of interest to me, but, sorry, having to run an .EXE only to access this makes me nervous. Now, if you could release the source to the .EXE, that'd be great.

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

iStation — Wed, 10 Aug 2005 13:17:51 GMT

Hi Minh,
Don't worry.
This is a very safe managed code!

≡

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

Minh — Wed, 10 Aug 2005 18:36:21 GMT

iStation wrote:

Hi Minh,
Don't worry.
This is a very safe managed code!

≡

I'm sure it's safe -- But maybe more people would give your app try if it can be proven safe.

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

Maurits — Wed, 10 Aug 2005 19:11:22 GMT

I've been trying -- unsuccessfully -- to convince myself that there's a justification for posting Sandbox projects that don't include source.

I just don't see it. I thought the point of Sandbox was to share code.

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

iStation — Wed, 10 Aug 2005 20:19:39 GMT

Sorry, it contains some license matters.
So, I can't disclose the source code, right now.
Please enjoy the contents.
≡

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

AndreasJ — Mon, 15 Aug 2005 14:35:35 GMT

It only takes one deadly sin to get you killed.

I would imagine one would be running untrusted code and I do not trust this code.

So what are the 19 other deadly sins of software security?

http://blogs.msdn.com/michael_howard/archive/2005/07/11/437875.aspx

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

iStation — Tue, 16 Aug 2005 01:51:12 GMT

Bingo!?

http://www.amazon.com/exec/obidos/tg/detail/-/0072260858

This book is worth reading!

≡(

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

zproxy — Tue, 22 Aug 2006 10:52:33 GMT

What is this CBT thing about?

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

iStation — Tue, 22 Aug 2006 11:42:27 GMT

zproxy wrote:

What is this CBT thing about?

This CBT is for reviewing your security awareness.

BTW, at that time, I set protection for the all contents of this CBT-DB series. That's why some C9ers reacted with their messages. I wonder anyone could unlock this protection...

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

zproxy — Wed, 23 Aug 2006 11:36:55 GMT

What do you mean by protectyion?

Password protected office files?

The Sandbox - CBT-DB ~ 20 Deadly Sins of Software Security

iStation — Wed, 23 Aug 2006 12:44:54 GMT

zproxy wrote:

What do you mean by protectyion?

Password protected office files?

Hehe..., oh, yeah.
Password protected Access file.
Can you break it?