Threads Life Cycle 14 March 2008
Posted by Ahmed Abdul Moniem in General Articles.add a comment
When a thread is scheduled for execution it can go through several states, including unstarted, alive, sleeping, etc. The Thread class contains methods that allow you to start, stop, resume, abort, suspend, and join (wait for) a thread. We can find the current state of the thread using its ThreadState property, which will be one of the values specified in the ThreadState enumeration:
-
Aborted – The thread is in the stopped state, but did not necessarily complete execution
-
AbortRequested – The Abort() method has been called but the thread has not yet received the System.Threading.ThreadAbortexception that will try to terminate it – the thread is not stopped but soon will be.
-
Background – The thread is being executed in the background
-
Running – The thread has started and is not blocked
-
Stopped – The thread has completed all its instructions, and stopped
-
StopRequested – The thread is being requested to stop
-
Suspended – The thread has been suspended
-
SuspendRequested – The thread is being requested to suspend
-
Unstarted – The Start() method has not yet been called on the thread
-
WaitSleepJoin – The thread has been blocked by a call to Wait(), Sleep(), or Join()
The Road To Be:: MCPD 8 February 2008
Posted by Ahmed Abdul Moniem in Microsoft Certifications.2 comments
Step1: Be Clear, Say Your Word:
Your first step is to identify the technology which you want to be a specialist in it. If your are a web-developer for instance you will select one road, if your are a windows developer you have a completely different second road. So you have to be clear with your self, and just say your word: What is your preferred or needed technology?!
As a case study we will say the word on behalf of you: “I wanna be a specialist in web-development”.
Step2: Select Your Right Door:
Now, as you have selected to be a web-developer, you have to enter from the right door to be a MCPD in web development.
Mainly you have three doors to choose between them:
- Technology Specialist: .NET Framework 2.0 Web Applications.
- Technology Specialist: .NET Framework 2.0 Windows Applications.
- Technology Specialist: .NET Framework 2.0 Distributed Applications.
As you are a web developer you will select the first door, Technology Specialist: .NET Framework 2.0 Web Applications.
NOTE:
If you select a different door you will completely have a different route to your aim. So you can use the link at the end of this post for more information about the other roads.
Step3: You Are Missing a key, Find it!
To open one of the three doors here, you have to own a key! only one key for all the doors. It is: [Exam 70-536: TS: Microsoft .NET Framework 2.0 - Application Development Foundation].
If you got this key you will be able to open your door. So to gain this key Microsoft will provide you by some help. Here are some help:
Programming Microsoft Visual C# 2005: The Language
Programming Microsoft Visual Basic 2005: The Language
Step4: Open The Door:
When you gain the key, you will be able to open your chosen door. But, surprise!, this is not the end. You will be faced by two obstacles. You have to overcome these obstacles to reach your target as a MCPD.
As you have chosen to be a web-developer, your first obstacle is: [Exam 70-528: TS: Microsoft .NET Framework 2.0 - Web-Based Client Development].
And here are some help to overcome the first obstacle:
Programming Microsoft Visual C# 2005: The Language
Programming Microsoft Visual Basic 2005: The Language
Programming Microsoft ADO.NET 2.0 Core Reference
Programming Microsoft ASP.NET 2.0 Core Reference
Step5: One More obstacle:
Don’t be tired, you are almost reaching your target man!. The last obstacle as a web-developer is: [Exam 70-547: PRO: Designing and Developing Web Applications by Using the Microsoft .NET Framework].
And here are some help:
Programming Microsoft ASP.NET 2.0 Applications: Advanced Topics
Debugging, Testing, and Tuning Microsoft .NET 2.0 Applications
Step6: Make a Party:
Be cool! no more steps. You have reached your target man! Congratulations!
You are now MCPD: Web Developer.
The New Generation of Microsoft Certifications 8 February 2008
Posted by Ahmed Abdul Moniem in Microsoft Certifications.add a comment
The New Generation of Microsoft Certifications
The new generation of Microsoft certifications is more specific and targeted to reflect the detail of what you do and to prove your expertise to those who need to know.
Consisting of three series and four credentials, the new generation of Microsoft certifications provides a simpler and more targeted framework for IT managers to validate core technical skills, professional skills, and architectural skills. It also provides professionals in the IT industry with a more relevant, flexible, and cost-effective way to showcase their skills.
Technology Series: Proven core technical skills on Microsoft technologies
The Technology Series certifications enable professionals to target specific technologies and distinguish themselves by demonstrating in-depth knowledge and expertise in the broad range of specialized technologies. Microsoft Technology Specialists are consistently capable of implementing, building, troubleshooting, and debugging a particular Microsoft technology.
The Technology Series certifications:
| • | Typically consist of one to three exams. |
| • | Are focused on a key Microsoft product or technology. |
| • | Do not include job-role skills. |
| • | Will be retired when mainstream product support for the particular technology expires. |
There are currently 19 Microsoft Certified Technology Specialist certifications. More will become available as new technologies are introduced. A complete list of the MCTS certifications, including the new Microsoft Office Project 2007 certification family, is available on the MCTS overview page.
| • | Microsoft Certified Technology Specialist |
Professional Series: Professional skills and a proven ability to perform on the job
Professional Series credentials validate a comprehensive set of skills required to be successful on the job. These skills include design, project management, operations management, and planning, and they are contextual to the job role. By validating a more comprehensive set of skills, these credentials give candidates and their hiring managers a reliable indicator of on-the-job performance.
The Professional Series certifications:
| • | Typically consist of one to three exams. |
| • | Have one or more prerequisites from the Technology Series. |
| • | Are focused on a single job role. |
| • | Require certification refresh to maintain active status. |
Microsoft currently offers two Professional Series credentials:
| • | Microsoft Certified IT Professional |
| • | Microsoft Certified Professional Developer |
Architect Series: Exemplary business IT skills and a proven ability to deliver business solutions
The Microsoft Certified Architect (MCA) program identifies top industry experts in IT architecture. These prestigious professionals have a minimum of ten years of advanced IT industry experience, have three or more years of experience as a practicing architect, possess strong technical and managerial skills, and form an elite community. Unlike other industry certifications, this credential was built and is granted by the architect community. Candidates must pass a rigorous review by the Review Board, which consists of previously certified peer architects.
The Architect Series certifications:
| • | Have a rigorous and competitive entry process. |
| • | Require the candidate to work closely with a mentor who is a Microsoft Certified Architect. |
| • | Culminate in an oral review in front of previously certified architects. |
| • | Require certification refresh. |
Learn more about the Microsoft Certified Architect program
Source: Here
Top 10 Secure Coding Practices 4 January 2008
Posted by Ahmed Abdul Moniem in General Articles.add a comment
Top 10 Secure Coding Practices
Added by Robert Seacord on Jun 21, 2007
- Validate input. Validate input from all untrusted data sources. Proper input validation can eliminate the vast majority of software vulnerabilities. Be suspicious of most external data sources, including command line arguments, network interfaces, environmental variables, and user controlled files [Seacord 05].
- Heed compiler warnings. Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code [C MSC00-A, C++ MSC00-A].
- Architect and design for security policies. Create a software architecture and design your software to implement and enforce security policies. For example, if your system requires different privileges at different times, consider dividing the system into distinct intercommunicating subsystems, each with an appropriate privilege set.
- Keep it simple. Keep the design as simple and small as possible [Saltzer 74, Saltzer 75]. Complex designs increase the likelihood that errors will be made in their implementation, configuration, and use. Additionally, the effort required to achieve an appropriate level of assurance increases dramatically as security mechanisms become more complex.
- Default deny. Base access decisions on permission rather than exclusion. This means that, by default, access is denied and the protection scheme identifies conditions under which access is permitted [Saltzer 74, Saltzer 75].
- Adhere to the principle of least privilege. Every process should execute with the the least set of privileges necessary to complete the job. Any elevated permission should be held for a minimum time. This approach reduces the opportunities an attacker has to execute arbitrary code with elevated privileges [Saltzer 74, Saltzer 75].
- Sanitize data sent to other systems. Sanitize all data passed to complex subsystems [C STR02-A] such as command shells, relational databases, and commercial off-the-shelf (COTS) components. Attackers may be able to invoke unused functionality in these components through the use of SQL, command, or other injection attacks. This is not necessarily an input validation problem because the complex subsystem being invoked does not understand the context in which the call is made. Because the calling process understands the context, it is responsible for sanitizing the data before invoking the subsystem.
- Practice defense in depth. Manage risk with multiple defensive strategies, so that if one layer of defense turns out to be inadequate, another layer of defense can prevent a security flaw from becoming an exploitable vulnerability and/or limit the consequences of a successful exploit. For example, combining secure programming techniques with secure runtime environments should reduce the likelihood that vulnerabilities remaining in the code at deployment time can be exploited in the operational environment [Seacord 05].
- Use effective quality assurance techniques. Good quality assurance techniques can be effective in identifying and eliminating vulnerabilities. Penetration testing, fuzz testing, and source code audits should all be incorporated as part of an effective quality assurance program. Independent security reviews can lead to more secure systems. External reviewers bring an independent perspective; for example, in identifying and correcting invalid assumptions [Seacord 05].
- Adopt a secure coding standard. Develop and/or apply a secure coding standard for your target development language and platform.
Bonus Secure Coding Practices
- Define security requirements. Identify and document security requirements early in the development life cycle and make sure that subsequent development artifacts are evaluated for compliance with those requirements. When security requirements are not defined, the security of the resulting system cannot be effectively evaluated.
- Model threats. Use threat modeling to anticipate the threats to which the software will be subjected. Threat modeling involves identifying key assets, decomposing the application, identifying and categorizing the threats to each asset or component, rating the threats based on a risk ranking, and then developing threat mitigation strategies that are implemented in designs, code, and test cases [Swiderski 04].
Bonus Photograph
I found the following photograph on the Web, and I’m still trying to figure out who owns the rights to it. If you know, please comment below.
I like this photograph because it illustrates how the easiest way to break system security is often to circumvent it rather than defeat it (as is the case with most software vulnerabilities related to insecure coding practices).
References
[Saltzer 74] Saltzer, J. H. “Protection and the Control of Information Sharing in Multics.” Communications of the ACM 17, 7 (July 1974): 388-402.
[Saltzer 75] Saltzer, J. H. & Schroeder, M. D. “The Protection of Information in Computer Systems.” Proceedings of the IEEE 63, 9 (September 1975), 1278-1308.
[Seacord 05] Seacord, R. Secure Coding in C and C++. Upper Saddle River, NJ: Addison-Wesley, 2006 (ISBN 0321335724).
[Swiderski 04] Swiderski, F. & Snyder, W. Threat Modeling. Redmond, WA: Microsoft Press, 2004.
Extending the ImageMap HTML Control with AJAX 1.0 Extensions 4 January 2008
Posted by Ahmed Abdul Moniem in Web Application Development.add a comment
In this article, Bilal Haidar will show you how to extend the HTML ImageMap control by adding clickable hot spots so that when hovered over will popup a tiny window informing the user with more information on the spot selected using the AJAX Services. |
 |
| by | |
Setting up and running Subversion and Tortoise SVN with Visual Studio and .NET 4 January 2008
Posted by Ahmed Abdul Moniem in General Articles.add a comment
by Rick Strahl
What’s covered:
- Introduction to Subversion
- Installation
- Adding Projects and Files to Source Control
- Creating a local Copy from the Repository
- Up and Running with Subversion and Tortoise SVN
- Subversion and Visual Studio
This document describes the steps to install and configure Subversion, create a new repository and then walks through the basic steps required to set up local Visual Studio projects using Tortoise SVN.
This isn’t meant to be an all comprehensive tutorial on Subversion, but rather a quick step by step of the essential things to install and configure to get up and running. For more detail you can use the excellent Subversion and Tortoise SVN documentation.
See full article from here
ASP.NET 2.0 CSS Friendly Control Adapters 1.0 4 January 2008
Posted by Ahmed Abdul Moniem in Web Application Development.add a comment
Introduction
See full site from here
Welcome! ASP.NET is a great technology for building web sites but it would be even better if it provided more flexibility for customizing the rendered HTML. For example, the Menu control makes it simple to add a menu to a web site, but it would be better if it didn’t create <table> tags and was easier to style using CSS. Happily, it’s easy to customize and adapt the Menu control to generate better HTML. Indeed, you can modify any ASP.NET control so it produces exactly the HTML you want.
The key is to use something that may be new to you: control adapters. These are little chunks of logic that you add to your web site to effectively “adapt” an ASP.NET control to render the HTML you prefer. The ASP.NET 2.0 CSS Friendly Control Adapters kit provides pre-built control adapters that you can easily use to generate CSS friendly markup from some of the more commonly used ASP.NET controls.
Getting Started
Before trying to learn how control adapters work, it’s helpful to see them in action. Use the Examples menu at the top of this page to see the impact of adapting some of the ASP.NET controls.
Each example page lets you enable/disable the adapters so you can immediately see their impact. Likewise, you can dynamically change themes, swapping in a different set of CSS files without changing the HTML markup. A source code viewer lets you study how each sample is constructed.
These sample control adapters demonstrate how to build an ASP.NET web site that is particularly easy to style with CSS. Feel free to use, copy, clone and modify the markup, CSS and code that you find here. To experiment with a local copy of this web site:
- Install Visual Web Developer (VWD) or Visual Studio 2005 (VS).
- Download this kit’s VSI file. It adds a new web site template to your installation of VWD/VS.
- Use the File menu in VWD/VS to create a new web site that uses the new template: Tutorial on ASP.NET CSS Friendly Control Adapters.
- Run the new web site using the built-in Cassini web server (F5 key in VWD/VS).
Also you can see this video tutorial: How Do I: Utilize the CSS Friendly Control Adapters? from here
Web Embedding Fonts Tool (WEFT) 4 January 2008
Posted by Ahmed Abdul Moniem in Web Application Development.add a comment
About WEFT
The Web Embedding Fonts Tool (WEFT) lets Web authors create ‘font objects’ that are linked to their Web pages so when viewed through the browser, pages are displayed in the style contained in the font object.
see the full article from here
Read/Write App.Config File with .NET 2.0 4 January 2008
Posted by Ahmed Abdul Moniem in Windows Application Development.add a comment
Introduction
Author: Alois Kraus and the full article from here
This is my first CodeProject article. I would like to show you the most important changes in the System.Configuration namespace with .NET 2.0. I have looked at my blog referrer statistics and saw about 20 hits/day by Google. Most of them were searching information on how to configure the new Enterprise Library but there are also a significant number of people that seem to seek answers to the following questions:
- How to read/write to App.Config?
- How to store a list of objects in a config file via the
System.Configurationmechanism?
Reason enough for me to shed more light on the System.Configuration namespace. The main changes from .NET 1.0/1.1 in the System.Configuration namespace are:
- Write to your App.Config file through the Configuration class
- New configuration model for Windows Forms applications
- Store complex objects including object collections in your
App.ConfigFile - It is possible to store Connection Strings in the App.Config file. See ConnectionSettings which enables you to store your settings on an SQL Server. The Enterprise Library for Sample
SqlConfigurationexercises this by implementing aSqlConfigurationSourcewhich can store and retrieve a ConfigurationSection
So where to start? I think first I will show you the config file and explain how you can create it programmatically in your application.
Lutz Roeder’s Programming Tools 22 December 2007
Posted by Ahmed Abdul Moniem in General Articles.add a comment
Reflector for .NET
Reflector is the class browser, explorer, analyzer and documentation viewer for .NET. Reflector allows to easily view, navigate, search, decompile and analyze .NET assemblies in C#, Visual Basic and IL.
Reflector.zip – .NET Reflector, Version 5.0.50.0, Add-Ins
Resourcer for .NET
Resourcer is an editor for .resources binaries and .resX XML file formats used with the .NET platform. Resourcer allows editing of name/string pairs, import of bitmaps/icons and and merging of resources from different sources.
Resourcer.zip – .NET Resourcer files
CommandBar for .NET
The CommandBar class library extends Windows Forms with classes for CommandBar, ReBar, CoolBar, and bitmaped menu controls. 24 bit alpha channel images are supported on Windows 2000.
CommandBar.zip – Library and C# source code
Writer for .NET
Writer is a simple WYSIWYG editor for HTML files. The program allows you to edit HTML files using simple editing functionality like Undo, Redo, Cut, Copy, Paste, Find, Replace. Writer also supports text layout and formatting, hyperlink editing and insertion of dates and pictures.
Writer.zip – Executable and C# source code
Mapack for .NET
Mapack is a .NET class library for basic linear algebra computations. It supports Norm1, Norm2, Frobenius Norm, Determinant, Infinity Norm, Rank, Condition, Trace, Cholesky, LU, QR, single value decomposition, least squares solver and eigenproblems.
Mapack.zip – Library and C# source code
