Episode 3

Posted By: Charles | Feb 23rd, 2006 @ 2:22 PM | 144,732 Views | 26 Comments
In this episode of The Code Room a small group of rogue hackers finds its way into the systems for High Roller Player's Club at the famous Plaza Hotel & Casino in Las Vegas Nevada. When the Casino finds out they call in the "A Team" to get to the bottom of this. Watch the games as the Black Hats go for high stakes against the White Hats and the games unfold in this episode.

Episode 2
Episode 1
Media Downloads:
Rating:
0
0
#Mar 5th, 2006 @ 11:34 PM
junior882
junior882
Developing ASP.NET as posed
First, I thought it was very well done, and interesting. But, where's the code? That's what I'd like to see. I realize that the subject matter is too broad to do that in this case, but the first 2 epsiodes focussed on that a bit.
#Mar 17th, 2006 @ 9:32 AM
Elphaba
Elphaba
boys, you are missing the point entirely (well maybe not Toast).  Okay, so the show is called The Code Room, and you didn't see a lot of coding in the episode.  But the whole point of the episode is that WEB DEVELOPERS (you know, the folks who WRITE CODE) need to design their applications to defend against these kinds of attacks before they happen.  In this viewer's opinion, the episode wasn't designed to be a 30 minute How To Code Secure Web Applications lesson but to show what web devs are up against - SQL Injection, session hijacking, etc regardless of whose technology solutions they are using.  I suspect the goal was to motivate web devs (and the people who manage them, and the people who care about protecting their data) to go learn more about how to defend against these attack techniques. 

Sure, the screenplay won't win an emmy award.  But it was definitely edutainment.  And wouldn't you have been more annoyed if they'd used a bunch of know-nothing actors who can't tell a program from a process?   Wink

just enjoy the ride.

~Elphie
#Mar 22nd, 2006 @ 2:36 AM
slaneyrw
slaneyrw
I just went to order the Security resource kit, but it's only available for US people only Mad

The link on the page for Australia has absolutely not mention of this kit anywhere.

Can we poor backward folk from DownUnder order a copy, or are we going to be left to hassle our australian MS contacts ?
#Mar 22nd, 2006 @ 1:14 PM
Mark Brown
Mark Brown
Microsoft Web Platform
slaneyrw wrote:
I just went to order the Security resource kit, but it's only available for US people only

The link on the page for Australia has absolutely not mention of this kit anywhere.

Can we poor backward folk from DownUnder order a copy, or are we going to be left to hassle our australian MS contacts ?


I'll check into this. I was working with the MS Australia team on this and thought we had it available there.

Sorry for the troubles. Smiley
#Apr 4th, 2006 @ 9:22 AM
qwert231
qwert231
M Kenyon

I thought it was very good. Gave me some info that I will watch for in my code. It's too easy to have a script-kiddie coder come in and right a quick web site for a cheap price. One of the first things I was told when I started asking questions was 'Parameterized Queries'!!!

I think when it comes to demos for code, string queries SHOULD BE BANNED. I've seen to many demos where they drop in a SQL string, tie it to an adapter and some controls... and there's the page. I know they are trying to demo how the controls work, but I think security should be part of every demo, even if it's not mentioned. Don't show SQL strings in code, show your demos using parameters.

#Apr 25th, 2006 @ 10:05 AM
Pimp Daddy
Pimp Daddy
I haven't looked at the stuff on Channel9 for a while now due to me being buried in work, but I found this show and I think that all three episodes have been great.

Yes, the acting was hardly Oscar-winning, but I totally agree that acting is not the point of that episode and highlighting security risks is the point.

I find it amazing how weak the security can be in some big corporations, especially considering the wealth of resources that are out there to help improve the situation. I feel sorry for those companies who have to go through entire system rewrites and not just bug-fixes like the ones in episode 3.

By the way, Jessi Knapp is really attractive! Wink
#Jul 22nd, 2006 @ 1:13 PM
rahsoftware
rahsoftware
Me, Rob & my C9 Guy hard at work :-)
Hi,

That was really good I want to see some more videos like that!
#Jul 23rd, 2006 @ 6:02 PM
Scott Sutton
Scott Sutton

Greetings All,

I thought this Episode of The Code Room was very good. I can't say I was at all worried about the acting but all in all, it's the content that matters and in reality, this scenario is real and unfotunately monetary-fueled crime is common nowadays so, in terms of true-to-life concepts, I couldn't have thought of a better plot myself.I thought the addition of Joel Scambray in this Episode was excellent, he is an excellent Security Evangelist, Speaker and Co-Author of many a book on system Security and it was enjoyable to see his expertise being put to work.

I would have appreciated detailed explainations of the techniques being used but overall, I think the Episode is easy to understand and follow regardless of whether you're interested in Security or not, it's user-friendly and if we want to help others and educate
others about Security, then video-based scenarios are ideal.



Alternatively allow them to read "Secrets & Lies" by Bruce Schneier and tell you with a straight face that they are not at all worried about the Security of their home computer. It's an excellent book; I fully recommend it. Smiley

Regards,

Scott Sutton

#Nov 25th, 2006 @ 11:18 AM
timscarfe
timscarfe
I too want to raise my hand in support of this show - I thought it was a great episode and even though some of it is teaching us how to suck eggs; it really is critical stuff that every developer should know.

Bravo for the style and presentation.
Microsoft Communities