Monday, 30 October 2006 4:43 PM
mitch
Windows Vista Security Enhancements for Developers
First: Get well Frank. Frank would have to be the most loved 'softie in Australia I reckon. Chuck would be in the running if going anywhere near water with him wasn't so dangerous. Speaking of Charles Sterling - he has given us an update on how Frank is going and provided a link to patient e-mail system that we can use to send messages Frank. I decided to take some time out to craft a little status update for TechTalkBlogs.
"We are looking after TechTalkBlogs for you mate. In your absence we have decided to turn it into a Linux advocacy site. Hope you don't mind.
Go tux!
(Note to medical staff: If Frank goes into convultions after reading this e-mail whisper "zune is coming, zune is coming" into his ear).
Anyway - hopefully he feels better after getting my e-mail. I figure that since he can't get a net connection out it is going to be atleast 24 hours before my TTB credentials are revoked :) Seriously though - hope you start feeling better soon Frank!
On with the show . . .
On Thursday (at the Ready Summit in Sydney) I will be presenting a 45-minute session on the security enhancements that have been incorporated into Windows Vista and how they will affect application developers. In the session I will be touching on the following topics:
- User Access Control
- Why?
- Consent Dialogs and Shield Indicators
- Tokens and Privilege Elevation
- Application Manifests
- Installer Detection
- "Run as administrator"
- Application Compatibility Strategies
- Registry and File System Redirection
- Application Compatibility Shims
- Admin Code Seperation Strategies
- Service Broker Strategy
- Side-by-Side Process Strategy
- Elevated COM Component Strategy
- Network Access Protection
- CardSpaces
- Lessons from Passport
- The Laws of Identity
- What is CardSpaces?
I think the ones that most people will be interested in will be UAC - mostly because there is a perception of pain there, although I've been running Vista pretty much solid for quite a while now as a developer and its not too bad - and there a few tricks we can use to make sure that our users don't have problems installing our apps.
After that I think the next big exciting thing for developers is CardSpaces, mostly because it represents a shift away from monolithic security mechanisms to more flexible user-orientated identity management systems.
I'm looking forward to a fast paced session with this one with lots of interaction - especially around UAC.