Orcas, Longhorn and more

[ update 20:43 27/4/7 - apologies to those reading via RSS if this is a duplicate, but I felt compelled to fix the typo pointed out by Mike as well as various other typos caused by writing a blog entry before the first coffee of the day!] 

I don't know. I turn my blogging back for 2 minutes and what happens? We release another raft of important betas and other stuff!


First off we have Visual Studio Orcas Beta 1 which is also available as a pre-configured VPC image if you don't want to go installing beta software on your main machine. Personally I've had beta 1 installed on my machine for a couple of weeks now (while it underwent final testing before public release) and I'm very happy with it. However remember it is a beta so tread carefully. We've not ironed out all the glitches yet but nonetheless it is pretty stable. If you want to know in detail what is new, there is a 13 page list of features included in the white paper "An Overview of Visual code name Orcas White Paper". [interestingly the document is available in 3 formats - docx (Word 2007), pdf and XPS (which you can view in IE if you have .NET Framework 3.0 installed]. One of the neat new features is JavaScript IntelliSense which my colleague Mike Ormond blogged about

Web security

I saw Mike yesterday at a free UK MSDN event about "Web Hacking" which was very interesting. It was presented by a guy called Joe Jaeger from SPI Dynamics and I learnt quite a lot and saw some cool (and scary!) demos of script and HTML injection attacks, SQL injection attacks, blind SQL injection attacks and more. SPI have a cool tool called DevInspect that plugs into the Visual Studio 2005 environment and runs all sorts of security analyses on your web projects and offers suggestions on how to fix them to be more secure. He also gave a pointer to a great blog by one of his colleagues which has lots of resources on the topic of web security.

Another interesting development in software security this week is the launch of the Microsoft Malware Protection Center, complete with a searchable database of known malware, definition files for Windows Defender and Forefront and various links to resources. 


The final minor thing that sneaked out the door this week was Longhorn Beta 3 which is now available for download. I've been waiting for this as I want to see if I can work with Longhorn as my primary OS for day to day work (I support server products, so I need to run a server OS).  Provided I can get Virtual Server to run reliably on it I should be ok as then I can use the virtual environment to test customer scenarios.  Of course, the most important new feature of Longhorn for the web developer is IIS7. Although we've had IIS7 for some time in Vista, Longhorn brings us the server implementation of IIS7. For more information on IIS7 check out the IIS7 resource centre.

Anyway, need to get some coffee now.

Happy debugging!