security

Avoid double login in Windows 10 with Bitlocker

By Mirek on (tags: BitLocker, login, Windows 10, categories: tools, security)

I am using Microsoft Windows 10 on my PC and to encrypt my disk I enabled the Bitlocker on it. Bitlocker is awesome. It works seamlessly encrypts and decrypts data on the fly. Unfortunately my PC doesn’t have the TPM module and I was forced to use a password prompt at computer start to decrypt drives. And here comes the issue.

code

Using Azure Active Directory application roles

By Dawid on (tags: active directory, asp.net 5, azure, role, categories: azure, code, security)

In this post I’ll try to explain how we can build an MVC application that uses Azure Active Directory Application Roles for authorization. This kind of authorization is implemented using role based access control – RBAC. When using this kind of authorization we can grant permissions to roles, not to individual users or groups. The administrator can then assign roles to different users and groups. Thanks to that he can control who has access to what content and functionality.

code

Breaking strong name in .net library assemblies.

By Mirek on (tags: Assembly signing, .net, Strong name, categories: code, security)

Recently I was digging in Strong naming and signing in .net. I have found an interesting article on code project Building Security Awareness in .NET Assemblies which describe how the strong name can be easily removed and beaked from an executing assembly. I would like to present the approach that can be used with library assemblies in .net. What is a strong name (also called st…

Software licensing

By Mirek on (tags: activation, copyright protection, licensing, product key, serial key, categories: licensing, security)

In this post I would like to briefly describe the topic of software licensing and present few solutions I found on the internet. Licensing topic is highly connected with application security and piracyproof so to speak. We generally provide licensing mechanism when we want to assure that nobody who did not paid for the application can not access this application. We want to protect our intellectual property and give the access to the application only those people who paid us for that.

How this all looks in practice ?

infrastructure

TrueCrypt whole disk encryption step by step

By Mirek on (tags: disk encryption, TrueCrypt, categories: infrastructure, security)

Although TrueCrypt has a rich documentation (available here) I could not find any quick step by step tutorial on how to easily encrypt whole system. So this was the reason for this screenshot-based beginner’s tutorial. 

Every confusing topic and phrase is well documented in TrueCrypt documentation so I will limit the comments to the very minimum.

Before you start installing TrueCrypt and encrypting your system drive prepare one blank DVD or CD which will be used for rescue purposes. If you already got one, we can start…