No Image

Windows Community Standup discussing the Always Connected PC

2018-01-23 KENNETH 0

Windows Community Standup discussing the Always Connected PC During our January 2018 Windows Community Standup, we discussed the Always Connected PC and what that means for developers. Kevin Gallo (CVP), Erin Chapple (GM) and Hari Pulapaka (Principal Group Program Manager) discussed the ARM architecture and Qualcomm chip, how the OS is natively recompiled with full feature support, how we extended our WoW abstraction layer to support x86 applications, and much more. Watch the segment to learn how to debug and test your app on a Windows on ARM device and what you should be thinking about when developing for Windows 10 on ARM. Source: Windows Community Standup discussing the Always Connected PC

[도서] CSI 창의융합코딩 표준 과정

2018-01-23 KENNETH 0

[도서] CSI 창의융합코딩 표준 과정 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]CSI 창의융합코딩 표준 과정 이재호,김강현,김태훈,박재일,백승욱,유경일, 공저 | 정일 | 2018년 02월 판매가 11,800원 (0%할인) | YES포인트 0원(0%지급) 이 책은 스크래치를 이용하여 처음으로 SW 코딩을 시작하는 학생들을 위한 것이다. 이러한 학생들뿐만 아니라 스크래치를 배운 경험이 있는 학생들도 교재 없이 SW 코딩을 하지 못한다면, 이 책으로 다시 시작하기를 Source: [도서] CSI 창의융합코딩 표준 과정

[도서] 탐색적 자료분석(EDA)

2018-01-23 KENNETH 0

[도서] 탐색적 자료분석(EDA) 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]탐색적 자료분석(EDA) 송인식 저 | 이담북스(이담Books) | 2019년 02월 판매가 34,200원 (10%할인) | YES포인트 1,900원(5%지급) Source: [도서] 탐색적 자료분석(EDA)

No Image

Using ModSecurity to Virtual Patch Apache Struts CVE-2017-5638

2018-01-23 KENNETH 0

Using ModSecurity to Virtual Patch Apache Struts CVE-2017-5638 Many security vulnerabilities are found in libraries used by application code. When it’s impractical to quickly deploy a fix to code in a library, you may be able to use ModSecurity to intercept an exploit, “virtually patching” the affected code until you can upgrade the affected libraries. The Apache Struts application library vulnerability (CVE-2017-5638), which led to the breach of 143 million accounts at Equifax, is an example of exploit that can be virtually patched. The signature of the vulnerability is the presence of #cmd= or #cmds= strings in the Content-Type, Content-Disposition, or Content-Length HTTP headers. (More detailed explanation below) Using ModSecurity, we can create a virtual patch with a simple rule that searches for the malicious strings in the affected HTTP headers: SecRule REQUEST_HEADERS:Content-Type|REQUEST_HEADERS:Content-Length|REQUEST_HEADERS:Content-Disposition “@rx #cmds?=” “id:5638,auditlog,log,deny,status:403” Using SecRule we specify [ more… ]

No Image

#ifdef WINDOWS – 3D launchers and glTF toolkit

2018-01-23 KENNETH 0

#ifdef WINDOWS – 3D launchers and glTF toolkit With the Windows 10 Fall Creators Update, when developing experiences for Windows Mixed Reality, a 3D launcher can be defined to override the default 2D launcher and provide a richer experience launching a game or app from the mixed reality home. Roberto Sonnino and Tom Mignone from the mixed reality team dropped by my office to give me a hands on demonstration as we discussed why developers should consider creating 3D launchers and what is possible when creating 3D tiles. We also covered why the team chose glTF as the file format and how they created the glTF toolkit to make it very easy for developers to modify and optimize glTF assets. Check out the full video above and feel free to reach out on  Twitter or in the comments below. Happy coding! Source: #ifdef WINDOWS – 3D launchers and glTF toolkit