Training for Software Developers

Posted on May 20, 2013 by

In this article I want to discuss different types of training for software developers. Most of what I say here is purely subjective and forms my own view of the best types of training, but I would like to hear what you think on this, including the training resources that work for you..

There are different types of training that as a software developer you can make use of. They are Classroom / Teacher led courses, Online video training, Books (both electronic and dead tree), and writing lots of code and good old experimentation.

Classroom / Instructor Led Courses

Class Room and Instructor Led Training

Class Room and Instructor Led Training

I have always had a problem with technical courses where you have to learn in a group. I personally don’t find it an effective way to learn a technology. Don’t get me wrong, non-technical courses like leadership training, personal skills etc work very well as an instructor led course as these are all about working with people, but for technical courses I don’t find them very good. Also they are very expensive, you can end up paying thousands of pounds for a 5 day course and that doesn’t even include travel and expenses.

I do think conferences are a good thing though. I have been to a number of these before including Microsoft’s TechED and find these very valuable as you get to see what new technologies are coming along and mix/socialise with other engineers from different companies and industries.

I am sure people will disagree with me on this and prefer instructor led courses to online videos and books, and that is fine as everyone has different learning styles. Personally I find learning a new technology a solitary thing. I just like to sit down by myself, watch some videos, read some articles and then just fire up the compiler and dig in.

Continue reading

Posted in Training | Tagged | 2 Comments

Cryptography in .NET : Hybrid Encryption Protocols

Posted on May 18, 2013 by

This is the 4th and final article in a series on cryptography with .NET. So far in this series we have looked at some of the built in cryptographic primitives build into .NET including, Symmetric Encryption with AES, Asymmetric encryption using RSA, Cryptographic random number generation and hashing.

Cryptography in .NET : Hybrid Encryption Protocols

Cryptography in .NET : Hybrid Encryption Protocols

What I want to do in this final part is talk about using these different cryptographic primitives to do what is called Hybrid Encryption.

What is Hybrid Encryption?

So, what is hybrid encryption? Let’s start off with Wikipedia’s definition.

In cryptography, public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely (among other useful properties). However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. A hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem.

A hybrid cryptosystem can be constructed using any two separate cryptosystems:

  • a key encapsulation scheme, which is a public-key cryptosystem, and
  • a data encapsulation scheme, which is a symmetric-key cryptosystem.

The hybrid cryptosystem is itself a public-key system, who’s public and private keys are the same as in the key encapsulation scheme.

Note that for very long messages the bulk of the work in encryption/decryption is done by the more efficient symmetric-key scheme, while the inefficient public-key scheme is used only to encrypt/decrypt a short key value.

Continue reading

Posted in Coding, Cryptography | Tagged , | Leave a comment

Training : Windows Phone 7 and 8 Development

Posted on May 12, 2013 by

In this article I thought I would post links to some free training resources for Windows Phone 8 Development. I have started playing around with Windows Phone 8 Development so I thought these resources would be useful for other people too.

I will keep adding to this page as I find other useful, free, resources. If you have any videos or articles that you feel would be useful here then please let me know in the comments and I will add them to the post. I would like it to be an archive of good material.

Developing Applications for Windows 8

Developing Applications for Windows Phone 8 : Charles Sturt University

Developing Applications for Windows Phone 8 : Charles Sturt University

Developing Applications for Windows Phone 8 (Short Course) – Week 1

Developing Applications for Windows Phone 8 (Short Course) – Week 2

Developing Applications for Windows Phone 8 (Short Course) – Week 3

Developing Applications for Windows Phone 8 (Short Course) – Week 4

Continue reading

Posted in Training, Windows Phone 8 | Tagged , | Leave a comment

Cryptography in .NET : Random Numbers and Hashes

Posted on May 12, 2013 by

This is the 3rd part in a short series on cryptography in .NET. In the previous 2 articles I covered using Symmetric algorithms like AES and Asymmetric algorithms like RSA. In this section I want to cover random number generation and hashing. This will lead into the final article which will be about combining cryptographic primitives to create hybrid encryption protocols.

Cryptography in .NET : Random Numbers

Cryptography in .NET : Random Numbers

The primitive I want to discuss is generating cryptographically strong random numbers. This is useful if you want to generate random session keys for AES for example. To generate a random number you use the RNGCryptoServiceProvider class in .NET. Once you have constructed the object you just call GetBytes() and pass in the length in bytes of the random number you want to generate.

Continue reading

Posted in Coding, Cryptography | Tagged , | 2 Comments

Book Review : Brute Force – Cracking the Data Encryption Standard

Posted on April 12, 2013 by

The Data Encryption Standard (DES) was a standard encryption system used for many years, but it had a flaw, the key strength was only 56bits. This books is about a group of people that started an experiment to try and crack the algorithm by a brute force search of the DES Key-space.

Amazon.com Paperback Kindle

Amazon.co.uk Paperback | Kindle

Brute Force: Cracking the Data Encryption Standard

Brute Force: Cracking the Data Encryption Standard

The book description is as follows :

“In 1996, the supposedly uncrackable US federal encryption system was broken. In this captivating and intriguing book, Matt Curtin charts the rise and fall of DES and chronicles the efforts of those who were determined to master it.

That description sums up the book perfectly. This book is very interesting if you have an interest in cryptography, a bit of computing history, the change in the American encryption laws and grid computing by using available spare resources on peoples machines connected to the internet.

The book is very well written. This subjected could have been presented in such a dry way, but the author has really captured the subject well and it is an engaging read.

Posted in Book Review, Cryptography | Tagged , | Leave a comment

Safe Pad Solution Structure

Posted on April 7, 2013 by

In a previous article on Safe Pad I explained why I decided to write a little application called Safe Pad which I have open sourced on Code Plex under the GNU Public license.

This documentation is against the first Safe Pad release, version 1.0.

Safe Pad : Rich Text Editor with strong encryption.

Safe Pad : Rich Text Editor with strong encryption.

In this article I am going to cover how the code is structured. To demonstrate the code structure I will use the Architectural Dependency diagrams in Visual Studio 2012.

Safe Pad : Solution Structure

Safe Pad : Solution Structure

The main solution file is split into 3 projects. There is the SafePadClientLibrary which contains the code for encrypting the documents, compression, and the handling of the SafePad file format. The domain objects in this library contain all the important routines for making the project work.

Continue reading

Posted in Coding, General | Tagged , | 1 Comment

Safe Pad: Secure Text Editor Open Source Project

Posted on April 6, 2013 by

Recently I have been doing a bit of travelling for work to visit vendors and this has involved some lengthy train journeys. On these journeys I decided to set about writing a small little application that I had a use for. Initially I wanted a password vault, but when I thought about it more, I realised I wanted a secure way to store all sorts of information, like passwords, license keys, financial data etc.

Safe Pad : Rich Text Editor with strong encryption.

Safe Pad : Rich Text Editor with strong encryption.

So, whilst whiling away the hours on the train I started developing Safe Pad. The application is a pretty typical Rich Text based editor, but when you save your documents they are compressed and then stored by encrypting it with AES 256 three times using 2 passwords. This is a similar theory as to when the DES algorithms life was extended by using it to triple encrypt.

AES 256 is already a very strong algorithm, but when used in an application like this people still tend to use rather weak passwords which makes them susceptible to dictionary attacks. Because this application triple encrypts you are prompted to enter 2 passwords, therefore the program encrypts with password 1, then password 2, and then password 1 again. It adds that extra layer of protection for your secrets. Of course, this isn’t an excuse to use weak passwords, I still recommend using strong passwords made up of mixed case letters, numbers and non alpha-numeric symbols.

I have developed the program enough to a stable 1.0 release. It is quite basic, but then again it doesn’t need to be complicated. I have released the source code on CodePlex under the GNU Public license and this marks my first foray into the world of open source software development. Feel free to download the application if you think it will be useful to you. It costs nothing.  If you are not interested in messing around with the source code, then there is an installer you can use to install the application. If you feel like adding some features, then the source code is available for you to play around with.

I have also written a blog post explaining the solution and code structure of Safe Pad should anyone wish to contribute to it.

Posted in Coding, General | Tagged , | 2 Comments