Your Rights in the Workplace

In this article I want to cover what some of your rights are in the workplace. With this I don’t mean things like the right to regular breaks and access to coffee etc. What I mean is your professional rights when working on projects in a team, and these rights are very important if you are ever in a position of conflict with another person on your team. It is in times of conflict that rights are very important, so they are described below from that perspective.

Your Rights in the Workplace

Your Rights in the Workplace

The rights are:

  • To be treated with respect. No matter what you dispute is, you all deserve to be treated with respect no matter what the outcome is.
  • To hold my views and have them heard. You have the right to an opinion just as the other people in a conflict do, and it is all your right to express these viewpoint as long as you treat each other with respect.

Continue reading

Universal Windows Platform Guidance for Windows 10

Fellow Pluralsight author Lars Klint has released a Free Pluralsight webinar to help developers get started with Universal Windows Platform development under Windows 10.

If you are serious about  getting started with this platform, then I also recommend the Microsoft Virtual Academy series which will help jump start you

Microsoft Article : Simple Async Await Example for Asynchronous Programming

Simple Async Await Example for Asynchronous Programming

Simple Async Await Example for Asynchronous Programming

I have written another article for Microsoft called Simple Async Await Example for Asynchronous Programming. The article walks through a simple example to help you get your head around using Async and Await.

Microsoft Article : Using Code Metrics to Guide Code Reviews

Using Code Metrics to Guide Code Reviews

Using Code Metrics to Guide Code Reviews

This week I have published a new article on the Microsoft Developer Blog. The article is called “Using Code Metrics to Guide Code Reviews” and talks about how you can use the code metrics in Visual Studio as a way to run a code review to stimulate discussions about code quality.

The article also takes a look at the NDepend tools and how they can give you an ever deeper insight into what’s happening in your code.

Microsoft Article : How to Securely Store Passwords and Beat the Hackers

How to Securely Store Passwords and Beat the Hackers

How to Securely Store Passwords and Beat the Hackers

I have just written my first article for the Microsoft UK Developer site on How to Securely Store Passwords and Beat the Hackers. The article talks about the best way to protect passwords by first exploring ways that you shouldn’t protect and store passwords.

Password Based Key Derivation Function Iteration Counts

I have already spoken about Password Based Key Derivation Functions before on this blog and I have discussed secure password storage with PBKDF2 at length in my Pluralsight course, Practical Cryptography in .NET, but in this post I want to expand this a bit and talk about picking suitable iteration lengths for the PBKDF2 key derivation process.

Choosing a good number of iterations for PBKDF2

Choosing a good number of iterations for PBKDF2

A reader of this blog, Geoff Hirst, gave me a heads up to an episode of the Security Now podcast and specifically episode 512 where the recent security breach at LastPass was discussed. Luckily no one’s data was actually at risk due to their security policies and good use  of encryption, but the podcast talked about something that was interesting and that was, what should you set your PBKDF2 iteration count too?

I must admit I have always used round numbers like 50,000 or 100,000 but the podcast says this isn’t a good idea and you should use 5 figure number, beginning with a number larger than 2, but a random number which isn’t rounded up to specific whole number, as in 50,000 or 100,000.

By making this a random number that you do not disclose you are making an attackers life much harder as they have to get the iteration count correct. Of course you shouldn’t rely on this as a main piece of security information, but anything that can make an attackers life a little harder has to be a good thing.

If you are dealing with a system that has multiple users, why not randomly generate different iteration counts per user. Then if one user does get compromised and their password recovered, your other users are still safe as the attacker would still need to guess their number of iterations.

Message Queueing with RabbitMQ Succinctly Released

My 2nd book with Syncfusion has been released today. It is called Message Queueing with RabbitMQ Succinctly. The book is around 100 pages in length and is designed to get you up and running with RabbitMQ very quickly.

Message Queueing with RabbitMQ Succinctly

Message Queueing with RabbitMQ Succinctly

The official book bio is:

An introduction to the RabbitMQ integration platform with an emphasis on C# and .NET development. Author Stephen Haunts introduces the powerful message broker and queuing system, and guides novices from installation to practical coding. With Message Queuing with RabbitMQ Succinctly, developers of all levels will be able to integrate multiple systems with ease.

The book is split into the following chapters.

  1. Message Queuing Overview
  2. RabbitMQ Overview
  3. AMQP Messaging Standard
  4. Installing and Configuring RabbitMQ
  5. Overview of the Management Plug-in
  6. Administration via the Command Line
  7. Basic Queue and Message Example
  8. Working Examples

All the source code from the book is available on BitBucket. The link to the BitBucket repository is in the book. I am also currently doing talks on RabbitMQ around various user groups in the UK.

I would love to know what you think about the book.