Subversion’s mysterious malformed or missing path

I hit a couple of little hurdles with Subversion this week which I thought I’d share simply because I couldn’t find much public information about it and it was only through trial and error it got resolved. The context was I was adding an externals [http://svnbook.red-bean.com/en/1.0/ch07s03.html] to a project from another repository and there were two little barriers that threw a spanner into the works. For the sake of simplicity, here’s a recreation of the scenario: The first problem is t...

The 10 tenets of pain free travel

So “Plan A” was to try and maintain a bit of momentum on the OWASP Top 10 for .NET developers [https://www.troyhunt.com/2010/05/owasp-top-10-for-net-developers-part-1.html] blog series and post every few weeks. Unfortunately a couple of weeks of work travel preceded by several weeks of preparing material pretty much killed any chance of avoiding a blog free month. Still, the crisitunity [http://www.urbandictionary.com/define.php?term=Crisitunity] of it all has presented new material in the form...

OWASP Top 10 for .NET developers part 2: Cross-Site Scripting (XSS)

This content is now available in the Pluralsight course "OWASP Top 10 Web Application Security Risks for ASP.NET" [http://www.pluralsight.com/courses/owasp-top10-aspdotnet-application-security-risks] In the first post of this series [https://www.troyhunt.com/2010/05/owasp-top-10-for-net-developers-part-1.html] I talked about injection and of most relevance for .NET developers, SQL injection. This exploit has some pretty severe consequences but fortunately many of the common practices employed wh...

OWASP Top 10 for .NET developers part 1: Injection

This content is now available in the Pluralsight courses "OWASP Top 10 Web Application Security Risks for ASP.NET" and "Ethical Hacking: SQL Injection" [http://www.pluralsight.com/courses/owasp-top10-aspdotnet-application-security-risks] There’s a harsh reality web application developers need to face up to; we don’t do security very well. A report from WhiteHat Security [http://www.slideshare.net/jeremiahgrossman/whitehat-security-8th-website-security-statistics-report] last year reported “83%...

Measuring code quality with NDepend

Something that has always struck me as a bit unique about the software industry is the huge variances we see in professionalism. Consider industries such as medicine or aviation; the lower bounds of their professionalism is comparatively high and the deviation of expertise within the practitioners is comparatively low when compared to software development. Of course there are exceptions – every now and then a doctor malpractices or a pilot crashes – but these are relatively rare occurrences comp...

20 tips for making Twitter a “must have” business tool

I thought I was a bit of a latecomer to Twitter when I jumped on board two years ago but given the growth rate since then – it’s gone from 100 million tweets in Q4 of ‘08 to 4 billion tweets in Q1 of 2010 – I appear to be a relative sage of the Twittersphere. Having now reached a point where I consider Twitter a “must have” business tool, I’m enjoying encouraging others to seek out the same benefits. However it’s always difficult to articulate the virtues in a casual conversation so here are 20...

Visual Studio 2010 Config Transformations TransformXml task failure

So I got a little bit inspired the other day after watching Scott Hanselman’s Web Deployment Made Awesome: If You're Using XCopy, You're Doing It Wrong [http://www.hanselman.com/blog/WebDeploymentMadeAwesomeIfYoureUsingXCopyYoureDoingItWrong.aspx] from MIX10. With a perfect candidate ASP.NET 3.5 web app and VS2010 RC I dived in and generated Web.Release.config and Web.Debug.config files then went to publish. Unfortunately it didn’t all go to plan and all I got was this particularly uninformati...

The I-didn’t-get-to-go-to-MIX10-in-Vegas roundup

Another year, another MIX conference in Vegas and another three days of reading all the news from afar. Fortunately the Twitter age doesn’t leave those of us on the other side of the world completely isolated and there has been some really interesting news shared by those on the ground in the US. Here’s a summary of what I found interesting and what I see is significant for the technologies involved. It’s by no means a comprehensive review – one look at the sessions list [http://live.visitmix....

Request Validation, DotNetNuke and design utopia

It’s a hot summer day in Perth over on the western seaboard of Australia and the local pub is packed with patrons downing cold beers. You’re in your shiny new Ferrari – red, of course – and come cruising past the pub in full view of the enthralled audience. As any red-blooded, testosterone fuelled Aussie bloke would do, you give the Italian thoroughbred a full redline launch to the delight of the crowd. Right up until you run into the street sign: Why did this happen? Well there’s the fact th...

The no-name infrared IP camera for DIY baby monitoring

As a new parent, I obsess about what the baby is doing. Is he awake, asleep, sucking his thumb or even still breathing? I mean I want to be quiet, just not too quiet. Do I try and sneak in commando style just to make sure he’s all good and risk waking a sleeping baby (this is never a good idea!), or do I sit in anticipation waiting for the baby monitor to confirm signs of life? I’m sure new parent paranoia is not unique to me but I like to have a little more control over my environment than just...