ClickOnce and Security

ClickOnce deployment is another area where Code Access Security needs to be kept in mind. ClickOnce deployments will often be used to deploy Visual Basic .NET (or hybrid Interop Toolkit) applications from a website or network file share. In these cases, the applications don’t get the standard Full Trust permissions in CAS. Instead they get…

0

Introducing code obfuscation

If you recall from an earlier post, I said that the main reason for signing an assembly and giving it a strong name was to prevent it being tampered with. For example, many of the assemblies that make up the .NET framework itself are strong-named assemblies that sit in the GAC. If I disassembled one…

1

Code Access Security in action – calling Unmanaged Code

The following is an example of how code access security might affect your code when calling unmanaged code. Unmanaged code is a posh way of saying “It isn’t .NET code, it is the stuff you used to write before .NET” 🙂 In VB6 making a call to a Windows API function wasn’t affected by any…

0

Authenticode and ActiveX controls

For VB6 developers, one area where asymmetric keys and digital signatures cropped up was the requirement to sign downloadable ActiveX controls using Authenticode. The idea was to sign the controls using a digital signature so that the origin of the control could always be established. There are a couple of related concepts in .NET that…

0

Cryptography

The second big security area in the .NET framework after Authentication and Authorisation is cryptography. Again, the framework contains a lot of powerful functionality, and again there is an application block that makes it all a bit easier to use. The classes and namespaces that deal with cryptography cover three key areas: Symmetric Key Encryption/Decryption…

0

Authentication and Authorisation

As promised, the first in a series of posts about security relevant to a developer new to .NET (such as a VB6 developer). These are what most people will immediately think of when security is discussed. Authentication This is proving your identity by some means, whether it’s knowing your password, having the right swipe card…

0

Visual Basic .NET and Security – a few posts are required

One of the reasons for moving to VB.NET from VB6 may be the more advanced security models available in the .NET Framework – this is particularly relevant in the ASP.NET world where many .NET applications will need a security system. In the desktop arena, there may also be requirements for security features over and above…

1

In VB6 we had the API Viewer, In VB .NET you get the P/Invoke Interop Assistant

VB6 programmers will remember a useful little utility called the API Viewer, the helped out when you needed to make a Windows API call. There is now an equivalent tool for .NET, the P/Invoke Interop Assistant (http://www.codeplex.com/clrinterop ). Not surprisingly it does a little bit more, so as well as enabling you to look up…

1

Enhancing your VB6 Application with Interop

I’ve been having a look at some of the samples on the Visual Basic Resource Center to see what’s possible when we start using interop between VB6 and .NET. Here are some of my favourites. This article, “Sharing ADO Recordsets Between Visual Basic 6 and Visual Basic 2005”, looks at approaches to sharing data between…

1

Adding to the My namespace in VB .NET

Just as an aside – after experimenting with the Interop Forms Toolkit earlier this year I wondered how InteropToolbox ended up in the My namespace – it seems like a useful thing to be able to do. I didn’t have to look far, the answer was in the ActiveXControlHelpers.vb file in my Usercontrol project: 1:…

1