Thursday, July 12, 2007
Vista Sidebar Gadget Development, Windows Performance Tweaks and Outlook SPAM Management
Sidebar Gadget Security: Inspect Your Gadget
Review a Gadget for Security Bugs
As a first order analysis, the following should be carefully reviewed to make sure they are not introducing security bugs.
* Verify that all innerHtml constructs render only trusted or sanitized data.
You can use the innerText property to add untrusted data into the DOM safely.
* Verify that all document.write method calls render only trusted or sanitized data.
Again, use the innerText property to add untrusted data into the DOM safely.
* Verify that all calls into the Gadget object model or ActiveX controls instantiated in the Gadget pass validated data. As an example, be careful when calling System.Sidebar.Execute.
* Verify that all calls to eval() pass validated data.
* Verify that all ActiveX controls used by the Gadget are secure (no buffer overruns, integer overruns, and such).
Lawrence James
A further link: Guidance on how to develop secure Vista Sidebar Gadgets
Simple Tweaks to Improve the Performance of your Windows PC
Here are four simple tweaks for your PC that will help improve your overall computing and internet browsing experience.
Step 1: Change the IE Concurrent Download Limit - Internet Explorer's default settings only enable you to download up to two downloads at the same time. Optimizing the download settings enables you to download up to 16 files concurrently from the same server.
Method - Open registry editor and navigate to the following key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Right click the right pane and select New->DWORD Value. Type MaxConnectionsPer1_0Server and give it a value of 16. Add another DWORD using the same process - call it MaxConnectionsPerServer with the same value - 16.
Step 2: Disable Windows Indexing Service - The indexing feature consumes system resources, and may adversely affect your system's performance. By disabling the indexing feature, you free up disk space on your computer and may improve its performance.
Method - Goto Control Panel -> Administrative Tools -> Services. Find the Indexing Service, right click and select "Disable".
Step 3: Resize your Internet Explorer Cache - The default cache settings of IE are configured to hold a large number of cached temporary Internet files. However, storing many small files on your hard disk consumes valuable disk space and can cause disk fragmentation. Reduce the maximum size of IE cache to 128MB for optimal performance.
Method - Start Internet Explorer, Select Tools -> Internet Options ->General. Under Temporary Internet Files click the Settings button and type the amount of disk space to use.
Step 4: Windows Menu Display Speed - Menus are displayed on your computer according to Windows' default settings. By optimizing these settings, you speed up your computer's ability to display (and hide) these menus.
Method - Goto Start -> Control Panel -> System. Click the Advanced tab, and under Performance, click the Settings button. Clear the Fade or slide menus into view check box, and then click OK.
Amit Agarwal
Postmarking: helping the fight against SPAM
Postmarking is a new part of the Outlook 2007 junk e-mail feature; it complements the existing feature set to reduce the amount of spam in your inbox.
One of the great advantages of e-mail is that it is easy and cheap to send. Unfortunately, this is the very same reason that makes it so useful to spammers as it enables them to send huge amounts of email in bulk.
Think of Postmarking as computational “postage” imposed when sending email. This is a small burden for an individual user, but is a very large burden for spammers. Spammers rely on being able to send thousands of mails per hour, and in order to be able to send spam with postmarking turned on, they would have to invest a very large amount of money to expand their computational power.
Postmarking generation is only present in Outlook 2007 and postmark validation is present in Outlook 2007, Windows Live Mail , Exchange 2007, and Windows Mail in Vista.
Alessio Roic
Labels: Debugging, gadgets, outlook 2007, Sidebar, SPAM, Tweaks, Vista, windows
Technet in a Vista Sidebar Gadget, More Web 2.0 goodness, and YouTube news
The Microsoft TechNet Gadget for Australia and New Zealand delivers information from several of the common news feeds and security alerts.
It supports up to 6 feeds with TechNet Highlights and Basic Security Alerts as default options. You can see items that have been read or unread at a glance. The security ticker glows red when there is something that you have not seen before.
The integrated TechNet Search means you can type a search query and it will launch a web browser window with the TechNet Search results.
itproaustralia
Tupalo
Explore your city, find places to eat, shop or hangout. Share your favourites and connect with friends.
anywr
Socialize with your contacts from anywhere.With anywr you can import and organize your contacts from the tools you already use, for FREE! You can interact with your contacts, manage your calendar and back up your mobile.
Single Sign-On for YouTube and Google Account
Good news YouTube fans - you have one less username / password combination to remember since you can now move your YouTube data to Google account.
And if you have never signed-up for YouTube before, you can now create a new YouTube account with your existing Google Account. [you'll still need to supply an additional YouTube username though which is kind of strange]. Everything remains the same except that a new YouTube icon will show up in your Google Account Services page.
Amit Agarwal
Labels: gadgets, Sidebar, Vista, web2.0, YouTube