twitter
    Find out what I'm doing, Follow Me :)

Tuesday, February 23, 2010

Top 25 Most Dangerous Programming Errors

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software.
The list is the result of collaboration between the SANS Institute, MITRE, and many top software security experts in the US and Europe. It leverages experiences in the development of the SANS Top 20 attack vectors (http://www.sans.org/top20/) and MITRE's Common Weakness Enumeration (CWE) (http://cwe.mitre.org/). MITRE maintains the CWE web site, with the support of the US Department of Homeland Security's National Cyber Security Division, presenting detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them. The CWE site contains data on more than 800 programming errors, design errors, and architecture errors that can lead to exploitable vulnerabilities.

  • Guidance for Using the Top 25

  • Brief Listing of the Top 25

  • Category-Based View of the Top 25

  • Focus Profiles

  • Organization of the Top 25

  • Detailed CWE Descriptions

  • Monster Mitigations

  • Appendix A: Selection Criteria and Supporting Fields

  • Appendix B: What Changed in the 2010 Top 25

  • Appendix C: Construction, Selection, and Scoring of the Top 25

  • Appendix D: Comparison to OWASP Top Ten 2010 RC1

  • Appendix E: Other Resources for the Top 25
  • Read more

    Saturday, February 20, 2010

    Microsoft Begins Testing Browser Choice Screen


    Next week Microsoft will begin testing a new browser choice screen that will let users choose a web browser rather then having Internet Explorer installed as the default.

    Unbelievably the company has been forced to provide this choice screen by EU regulators that claim bundling Internet Explorer with Windows is unfair to developers of third-party web browsers such as Firefox and Opera.

    Microsoft has now posted images of what the browser choice screen will look like. A user will be presented with five major browsers randomly ordered. There will also be the ability to choose from several additional browsers. If you choose a browser other than Internet Explorer, you’ll get a shortcut of that browser on your desktop, and Internet Explorer will be unpinned from the taskbar.

    Testing of the browser choice screen begins next week in the UK, Belgium and France. It will be available via a software update from Windows Update. A phased rollout of the update will happen across Europe beginning March 1st.

    Read More [via Mashable]






    Read more

    Thursday, February 11, 2010

    VS2010 Professional RC is available for non-MSDN subscribers

    Here it is for those who are not the MSDN Subscribers.
    VS 2010 RC Download Page

    [UPDATED]
    Note that you can run 2010, 2008 and 2005 side by side, but you must have to uninstall Beta.
    For further reading...
    Read more

    Tuesday, February 09, 2010

    Visual Studio 2010 and .NET Framework 4 Release Candidate

    VS2010 RC  is available to MSDN subscribers on Monday, February 8th, with general availability on February 10th.

    Release Candidate Highlights


    Check out this diverse collection of walkthroughs for RC. They provide step-by-step instructions for common scenarios and are a good place to start.

    Please note: The Microsoft Visual Studio 2010 RC release does not support Silverlight 4 development. If you are developing a Silverlight 4 application you should continue to use Microsoft Visual Studio 2010 Beta 2.
    Read more

    Friday, February 05, 2010

    Lock Calendar Update – Display Calendar Events on Lock Screen

    From the very first day, I have been using this and every time I update the OS, I forget its name. Here I am adding this for future info.

    Available In: Cydia       Price: Free  
    Lock Calendar It looks like Lock Calendarversion 1.0 has been released. I’m not sure if it has been a while since I have done a review of Lock Calendar or just a while since they have updated it! Either way…there are some new features in the app. In the settings for Lock Calendar (which is location in your stock Settings applicaiton) you now have the ability to choose a specific calendar to display on your lock screen (which is a great faeture) and the ability to do a lot more customizing of the app. You are able to select the seperator color, the background color and transpaency and the text color, current color, font type and font size for the Date Bar, Title, Location and Time. You can pretty much customize the app to look however you want now! I will say that it is not the most user friendly interface but, after a little time…you will get the hang of it.

     Read the entire article...
    Read more

    Tuesday, February 02, 2010

    50 Brilliant CSS3/JavaScript Coding Techniques

    CSS3 is coming. Although the browser support of CSS 3 is still very limited, many designers across the globe experiment with new powerful features of the language, using graceful degradation for users with older browsers and using the new possibilites of CSS3 for users with modern browsers. That’s a reasonable solution — after all it doesn’t make sense to avoid learning CSS3 (that will be heavily used in the future) only because these features are not supported yet. The point of this article is to give you a glimpse of what will be possible soon and what you will be using soon and provide you with an opportunity to learn about new CSS3 techniques and features.
    In this post we present 50 useful and powerful CSS3/jQuery-techniques that can strongly improve user experience, improve designer’s workflow and replace dirty old workarounds that we used in Internet Explorer 6 & Co. Please notice that most techniques presented below are experimental, and many of them are not pure CSS3-techniques as they use jQuery or other JavaScript-library.
    [Offtopic: by the way, have you already visited Smashing Magazine's Facebook fan page? Join the community for a stream of useful resources, updates and giveaways!]

    Visual Effects and Layout Techniques With CSS3

    CSS3 Analogue Clock
    Analogue clock created using webkit transition and transform CSS. JavaScript is only used to pull in the current time.
    Css-132 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Use CSS3 to Create a Dynamic Stack of Index Cards
    We will create a dynamic stack of index cards solely with HTML and CSS3 and use such CSS3 features as transform and transition (for the dynamic effects) and @font-face, box-shadow and border-radius (for the styling).
    Css3-new-03 in 50 Brilliant CSS3/JavaScript Coding Techniques
    dynamic PNG shadow position & opacity
    When the light is turned on, the position and opacity of the logo shadow will change dynamically, depending on the position and distance of the light bulb. Don’t forget to drag the logo and/or the light bulb around!
    Css3-new-00 in 50 Brilliant CSS3/JavaScript Coding Techniques
    How To Create A Sexy Vertical Sliding Panel Using jQuery And CSS3
    So, what about a vertical sliding panel that would act as some sort of drawer instead of the usual top horizontal sliding panel that pushes everything else down when it opens? While thinking of alternatives to the usual horizontal panels, I thought it would be nice to create something that works in a similar way, but that is a bit more flexible.
    Css3-last-08 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Awesome Overlays with CSS3
    The trick with these overlays is the gradient border, going form a lighter to darker orange as you go from top to bottom. To create that effect we used to the border-image property, which is a tricky little addition to CSS.
    Css3-last-11 in 50 Brilliant CSS3/JavaScript Coding Techniques
    CSS3 & Flexible UI: Avoid Recutting UI Graphics for Mobile
    What if we could replace almost all of the graphical UI elements within Fennec with CSS created equivalents? As a designer, am I comfortable bypassing Photoshop and letting CSS run the pixel rodeo? After a few initial tests, the answer to both of those questions was a very solid “yes”. A solid “friggin’ right” if in Cape Breton.
    Css-144 in 50 Brilliant CSS3/JavaScript Coding Techniques
    How To Create Depth And Nice 3D Ribbons Only Using CSS3
    We will use box-shadow to create a drop-shadow with RGBa, a color model that allows an optimized contrast with any kind of backgrounds. RGBa is the standard RGB model (0,0,0 – 255,255,255) and it adds the last option (a) for the opacity. We can use this model also for other properties and it works with the new browser.
    Css-197 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Create a Beautiful Looking Custom Dialog Box With jQuery and CSS3
    This custom dialog box is one of the scripts in that website and I think it will be quite useful for all of us. The reason I have this custom dialog box is to overcome the inconsistencies across different browsers. And, of course, it uses CSS3 to style everything.
    Css3-last-00 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Drop-In Modals with CSS3
    For those using WebKit based browsers (Safari and Chrome), CSS3 effects and properties can help you create fast, simple modals by using transforms, animation, and some subtle design cues.
    Css3-last-13 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Newspaper Layouts with Columns and Image Masks
    The faux-newspaper look goes in and out of style online pretty frequently, but these tricks can be used for quite a few cool applications. What we’ll talk about here is using -webkit-mask-image and -webkit-column-count.
    Css3-last-14 in 50 Brilliant CSS3/JavaScript Coding Techniques

    Navigation Menus With CSS 3

    Sweet AJAX Tabs With jQuery 1.4 & CSS3
    This post is a tutorial of making an AJAX-powered tab page with CSS3 and the newly released jQuery 1.4.
    Sweet-tabs in 50 Brilliant CSS3/JavaScript Coding Techniques
    Sweet tabbed navigation bar using CSS3
    Although I don’t understand why animations have been added in CSS3, this upcoming standard does have a couple of very neat features added to the CSS we’re using today. I wanted to take a couple of these new things, and create a Sweet tabbed navigation using CSS3.
    Css-041 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Halftone Navigation Menu With jQuery & CSS3
    Today we are making a CSS3 & jQuery halftone-style navigation menu, which will allow you to display animated halftone-style shapes in accordance with the navigation links, and will provide a simple editor for creating additional shapes as well.
    Css3-last-05 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Building Coverflow With CSS Transforms
    I was able to create a coverflow effect that actually flows and animates in real-time, without using canvas or prerendered graphics.
    Css3-last-04 in 50 Brilliant CSS3/JavaScript Coding Techniques
    CSS3 Hover Tabs without JavaScript
    With the new techniques in CSS3 and clever applications of existing CSS it is increasingly stepping on the toes of JavaScript. Which to be honest isn’t necessarily a bad thing. I thought I’d try my hand at something so here is a basic CSS tabbed content section that changes on hover.
    Css-186 in 50 Brilliant CSS3/JavaScript Coding Techniques

    CSS 3 Transitions and Animations

    Going Nuts with CSS Transitions
    I’m going to show you how CSS 3 transforms and WebKit transitions can add zing to the way you present images on your site.
    Css-010 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Sliding Vinyl with CSS3
    We take a standard album cover, a little HTML, and some CSS3 transitions and transforms to create a sliding vinyl effect for showing off the music you love.
    Css3-last-12 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Fun with CSS3 and Mootols
    These examples came about when experimenting with the extend property in MooTools. By extending the styles class I could add CSS3 properties into the Core MooTools framework and do CSS3 animations.
    Css3-last-171 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Star Wars HTML and CSS: A NEW HOPE
    There are a lot of CSS transitions experiments going on right now. Yesterday I discovered another HTML and CSS experiment which went “far far away”, compared with my simple CSS gallery.
    Guillermo Esteves presented a piece of history translated for tomorrows browsers: the Star Wars Episode IV opening crawl in HTML and CSS.
    Css-130 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Fun with 3D CSS and video
    Zach Johnson has been having fun with 3D effects via CSS such as his isocube above, which is brought to you with simple HTML (including a video tag for a playing video on the surface!) and some CSS.
    Css-138 in 50 Brilliant CSS3/JavaScript Coding Techniques
    CSS3 animations and their jQuery equivalents
    This tutorial/these examples will show the use of the same HTML, with different classes for CSS3 and jQuery. You can compare both the codes and see which one you like more. Don’t forget to check the demo/download the source code to view how everything is working under the hood.
    Css-040 in 50 Brilliant CSS3/JavaScript Coding Techniques
    CSS Animations
    No matter how fast internet tubes or servers are, we’ll always need spinners to indicate something’s happening behind the scenes.
    Css-009 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Snowy CSS3 Animation
    It’s cold and snowy down here in Brighton, so to celebrate the falling white stuff (and of course the various festivities at this time of year) Clearleft’s very own Natbat has made a snowy CSS3 animation surprise for all you Safari and Chrome users out there.
    Css-005 in 50 Brilliant CSS3/JavaScript Coding Techniques
    What You Need To Know About Behavioral CSS
    In this article, we will take those properties a step further and explore transformations, transitions, and animations. We’ll go over the code itself, available support and some examples to show exactly how these new properties improve not only your designs but the overall user experience.
    Css-038 in 50 Brilliant CSS3/JavaScript Coding Techniques
    3D Cube using new CSS transformations
    The impression of a three dimensional cube can be created using modern CSS techniques, without the need for JavaScript, imagery, canvas or SVG. Using the proprietary transform property to skew and rotate shaded rectangles, individual cube faces can combine to form a 3D object.
    Css-139 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Playing around with WebKit Animations
    I’ve been playing around doing a KeyNote like animation done with CSS and some JS to hook up the necessary events. The animation is kind of like a deck of cards. When you go to the next one the current one zooms in and fades out, symbolizing getting closer to the viewer. The next card then zooms and fades in from the back and to give a fancy effect-
    Css-133 in 50 Brilliant CSS3/JavaScript Coding Techniques
    More on 3D CSS Transforms
    Various 3D CSS Transforms in an overview.
    Css3-last-15 in 50 Brilliant CSS3/JavaScript Coding Techniques

    Gradients, RGBA and HSL with CSS 3

    Working With RGBA Colour
    CSS3 introduces a couple of new ways to specify colours, and one of those is RGBA. The A stands for Alpha, which refers to the level of opacity of the colour, or to put it another way, the amount of transparency. This means that we can set not only the red, green and blue values, but also control how much of what’s behind the colour shows through. Like with layers in Photoshop.
    Css-007 in 50 Brilliant CSS3/JavaScript Coding Techniques
    CSS3 Gradients: No Image Aqua Button
    I played around with WebKit CSS3 gradient and created a useless but fun stuff – an Aqua button with no images! Back in the time when Mac OS X was first announced, there’re a plenty of web tutorials that describe how to create the sexy aqua button with Photoshop, and now I can show how to create one with CSS!
    Css-164 in 50 Brilliant CSS3/JavaScript Coding Techniques
    CSS3 HSL & HSLA
    A tutorial on using the HSL & HSLA declarations along with the quick + / – guide to which browsers currently support the herein effect.
    Css3-last-06 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Super Awesome Buttons with CSS3 and RGBA
    One of our favorite things about CSS3 is the addition of RGBA, a color mode that adds alpha-blending to your favorite CSS properties. We’ve kicked the tires on it a bit with our own projects and have found that it helps streamline our CSS and makes scaling things like buttons very easy. To show you how, we’ve cooked up an example with some super awesome, scalable buttons.
    Css-100 in 50 Brilliant CSS3/JavaScript Coding Techniques

    Using the Shadow-Property in CSS3

    Create a Letterpress Effect with CSS Text-Shadow
    The letterpress effect is becoming hugely popular in web design, and with a couple of modern browsers now showing support for the text-shadow CSS3 property it’s now simple and easy to create the effect with pure CSS. No Photoshop trickery here!
    Css-096 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Shadows and CSS3
    I’m currently working on a design that uses text-shadow and box-shadow, with RGBA in place to create the shadow color. I wanted to tweet about this technique because it’s simple and awesome, but to my surprise I couldn’t find a good, quick tutorial that covered the use of both text and box-shadow, along with RGBA. So I decided to create one.
    I learned this technique from Dan Cederholm’s Handcrafted CSS book, so if you’re able I’d recommend just going out and grabbing that, as he explains it much more elegantly and thoroughly than I ever could.
    Css-003 in 50 Brilliant CSS3/JavaScript Coding Techniques

    Learning New CSS3 Selectors

    CSS3 + Progressive Enhancement = Smart Design
    Progressive enhancement is a good thing, and CSS3 is even better. Combined, they enable designers to create lighter, cleaner websites faster and easier than ever before.
    A Look at Some of the New Selectors Introduced in CSS3
    Here is a run-down of just some of the things that is possible with CSS3 selectors. Of course CSS3 isn’t supported at all by any IE browsers including IE8 but all latest versions of Safari, Firefox and Opera support most, if not all of them.
    Css-168 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Cleaner Code with CSS3 Selectors
    In this article I’m going to take a look at some of the ways our front and back-end code will be simplified by CSS3, by looking at the ways we achieve certain visual effects now in comparison to how we will achieve them in a glorious, CSS3-supported future. I’m also going to demonstrate how we can use these selectors now with a little help from JavaScript – which can work out very useful if you find yourself in a situation where you can’t change markup that is being output by some server-side code.
    Css-008 in 50 Brilliant CSS3/JavaScript Coding Techniques
    The CSS3 :target Pseudo-class And CSS Animations
    It’s no secret that I’m always looking for an easy way out using CSS instead of trying to replicate things with convoluted code — there are so many underused techniques that we could be applying to our designs as an enhancement layer! In this experience, I take a brief look into the :target pseudo-class and a very simple CSS animation.
    Css3-last-01 in 50 Brilliant CSS3/JavaScript Coding Techniques
    The CSS3 :not() selector
    There isn’t a lot of information to be found about the :not() selector. The specifications only offer 3 lines of text and a couple of examples. So lets see what it can do!
    Css3-last-02 in 50 Brilliant CSS3/JavaScript Coding Techniques
    IE CSS3 pseudo selectors
    ie-css3.js allows Internet Explorer to identify CSS3 pseudo-class selectors and render any style rules defined with them. Simply include the script in your pages and start using these selectors in your style sheets — they’ll work in IE… Honest…!
    Css3-new-02 in 50 Brilliant CSS3/JavaScript Coding Techniques

    CSS3 Galleries

    How To Create a Pure CSS Polaroid Photo Gallery
    Magical things can be done by combining various CSS properties, especially when some of the new CSS3 tricks are thrown into the mix. Let’s take a look at building a cool looking stack of Polaroid photos with pure CSS styling.
    Css-082 in 50 Brilliant CSS3/JavaScript Coding Techniques
    An Awesome CSS3 Lightbox Gallery With jQuery
    In this tutorial we are going to create an awesome image gallery which leverages the latest CSS3 and jQuery techniques. The script will be able to scan a folder of images on your web server and build a complete drag and drop lighbox gallery around it.
    Css-155 in 50 Brilliant CSS3/JavaScript Coding Techniques
    If That Is An Awesome CSS3 Gallery, How Would You Call Mine?
    Css-136 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Editable CSS3 Image Gallery
    We build a pretty typical image gallery design pattern, a grid of images that pop up larger when clicked. But this image gallery page makes use of hot semantic HTML5 markup, loads of visual treats with CSS3 and jQuery, and made editable through the CMS PageLime. Quick reminder, the demo is awesome-est in a WebKit browser (Safari or Chrome).
    Css-163 in 50 Brilliant CSS3/JavaScript Coding Techniques

    Replacing CSS Hacks with CSS 3

    Rounded corner HTML elements using CSS3 in all browsers
    This is a behavior htc file for Internet explorer to make CSS property ” border-radius ” work on all browsers. At present, all major browsers other than IE shows curved corner by adding 4 lines of css.
    Css3-last-03 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Using Rounded Corners with CSS3
    As CSS3 gets closer to becoming the new standard for mainstream design, the days of rounded corners through elaborate background images is fading. This means less headache and time spent working out alternatives for each browser.
    Css-058 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Better Image Preloading with CSS3
    Using CSS3’s new support for multiple background images, we can use a single, existing element to preload all of the required images.
    Css-194 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Saying Goodbye to the overflow: hidden Clearing Hack
    I’m now saying goodbye to overflow: hidden and the deciding factor for me is CSS3. Specifically box-shadow. At least in the sense that box-shadow was the first property I noticed being negatively impacted by the use of overflow: hidden. Like the positioned child elements mentioned above, box-shadow can get clipped when the parent (or other ancestor) element has overflow applied. And there are several other things to consider as we move forward using more CSS3. Text-shadow and transform can also potentially be clipped by overflow: hidden.
    Css-184 in 50 Brilliant CSS3/JavaScript Coding Techniques

    General articles about CSS 3

    How to bring CSS3 features into your design
    Top web browser (such as Firefox 3.5 and Safari 4) have introduce some cool features you can already use. Now, with just a few lines of css you can do things you used to do with images and javascript.
    Css-013 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Practical Uses of CSS3
    In this article I’ll show you some practical uses for CSS3.
    Css-032 in 50 Brilliant CSS3/JavaScript Coding Techniques
    11 Classic CSS Techniques Made Simple with CSS3
    We’ve all had to achieve some effect that required an extra handful of divs or PNGs. We shouldn’t be limited to these old techniques when there’s a new age coming. This new age includes the use of CSS3. In today’s tutorial, I’ll show you eleven different time-consuming effects that can be achieved quite easily with CSS3.
    Css-122 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Mobile optimised websites using CSS3 Media Queries
    A while ago I wrote about using CSS3 Media Queries on my website redesign to provide mobile visitors with an optimised view designed for smaller screens. I thought it might be useful if I went into a bit more detail on how I’m doing this.
    Css-023 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Code a Backwards Compatible, One Page Portfolio with HTML5 and CSS3
    HTML5 is the future of web development but believe it or not you can start using it today. HTML5 is much more considerate to semantics and accessibility as we don’t have to throw meaningless div’s everywhere. It introduces meaningful tags for common elements such as navigations and footers which makes much more sense and are more natural. This is a run through of the basics of HTML5 and CSS3 while still paying attention to older browsers. Before we start, make note of the answer to this question. Do websites need to look exactly the same in every browser?
    Css3-new-07 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Get the best out of CSS3
    Craig Grannell turns into a cross between Jeffrey Zeldman and Russell Grant, taking a peek at what the future of CSS has to offer – with a little help from Opera, Safari and Firefox
    Css3-last-07 in 50 Brilliant CSS3/JavaScript Coding Techniques
    Practical Uses of CSS3
    “One big item for me is how much we use CSS3. Yes I know, it is not fully supported across all browsers. If you still want everything to look exactly the same across all browsers, you should probably just close this article and not read about CSS for another 10 years. A user is not going to pull up your site in two different browsers to compare the experience, so they won’t even know what they are missing. Just because something is not fully supported, that does not mean that we can’t use it to an extent. In this article I’ll show you some practical uses for CSS3.”
    Css3-last-09 in 50 Brilliant CSS3/JavaScript Coding Techniques
    A Crash-Course in Advanced CSS3 Effects
    This video tutorial reviews a bunch of different neat effects that can be used in Safari 4, Chrome, and for all iPhone development.
    Css3-last-10 in 50 Brilliant CSS3/JavaScript Coding Techniques
    33 Must Read CSS3 Tips, Tricks, Tutorial Sites and Articles
    An extensive overview of CSS3-techniques, tools, articles and resources.
    Reference.
    Read more
    Related Posts with Thumbnails