Important information on ASP.Net Forms Authentication:
http://visualstudiomagazine.com/articles/2010/09/14/aspnet-security-hack.aspx

This basically allows a user to determine the Machine Key used to encrypt the cookie on any site. This is apparently 100% reliable and can be used for any site within 30 - 50 minutes. This would allow a user to create spoofed authentication cookies to assign administrator privileges.

The solution? Use one of the other Encryption mechanisms eg. Triple DES.



Just an interesting observation:

Currently there are "normal" phones that can perform about 8 MFLOPS (Million Floating Point Operations per Second)
http://briefmobile.com/tag/cpu

To put this into perspective, Up till the time of the first moon landing in 1969, the fastest supercomputer in the world could run at 3 MFLOPS. http://en.wikipedia.org/wiki/Supercomputer

So, you probably have more power in your pocket than was used in launching Apollo 11...

The end is nigh! Just kidding... Windows 7 is to be released shortly and apparently it'll be the best release ever - only time will tell whether this release will "save" Windows mobile or whether Linux based phones take over the majority of the market as predicted. Either way - it'll probably be a bit of a shake-up in the mobile market.

"Today is the day that the Windows Phone team has been driving towards,
and we’re very excited to say that we’ve reached the biggest milestone
for our internal team – the release to manufacturing (RTM) of Windows
Phone 7!  While the final integration of Windows Phone 7 with our
partners’ hardware, software, and networks is underway, the work of our
internal engineering team is largely complete."

link to source


Twitter Delicious Facebook Digg Stumbleupon Favorites More

    Subscribe