Uno de los avances recientes más importes en el ,NET Framework es el nuevo modelo de programación asíncrona introducido por C # 5, Visual Basic 11 en. NET 4.5. Este cambio es especialmente relevante, ya que Windows Phone 8 se ejecutará en hardware multinúcleo. Podemos sacar muchas ventajas de usar async y la popular Task Parallel Library, entre ellas que nos resultará mucho más fácil para proporcionar una experiencia de interfaz de usuario alineada con los principios de diseño de las aplicaciones Windows (Metro anteriormente), en donde predomina la fluidez y el movimiento. (1)
Es bueno tener esta herramienta ahora disponible, si bien es excelente que este disponible Windows Phone 8, hay que recordar que por ahora la base instalada más grande es de Windows Phone 7.5. La buena noticia es que todas nuestras apps de 7.5 serán soportadas sobre 8, razones por las que trabajar en 7.5, además de bueno, aún es necesario.
La mayoría de los métodos asincrónicos en la NET se incluyen en Windows Phone 8 SDK y están disponibles por defecto si hacemos aplicaciones para Windows Phone 8, sin embargo para Windows Phone 7.5 en Visual Studio 2012 usando .NET Framework 4.0 (con KB2468871), Silverlight 4 y las bibliotecas de clases portables, debemos descargar los otros métodos asincrónicos (en concreto, System.Net API) a través del paquete Nuget Microsoft.Bcl.Async y asegurarnos de que tenemos disponibles todos los archivos necesarios.
Recuerda que para instalarlo debemos tener instalado NuGet 2.1 o superior y si no lo tienes puedes instalarlo a través del Add-in manager en Visual Studio 2012.
Luego de eso debes instalar el Microsoft.Bcl.Async
Tambien podrás instalarlo a través de la consola usando install-package Microsoft.Bcl.Async –pre
Se nos pide confirmar sobre que proyectos se realizará la instalación
Y luego aceptar los términos de la licencia
La parte muy positiva en mi caso es que terminé mi aplicación primero en Windows 8, así que teniendo async ahora podré reutilizar gran parte del codigo de mi aplicación, el cual les compartiré por supuesto en mi Github :)
Espero que lo disfruten mucho :)
Sorey
الأربعاء، 31 أكتوبر 2012
When will you switch to Windows Server 2012?
It's finally out. Windows Server 2012 has been released and thousands have started integrating it into their network. It had been over 3 years since its predecessor Server 2008 R2 was released and many were beginning to twitch for an updated release. After months of playing with it, Firebrand had many Server 2012 questions answered and got an inside look into its many features; Hyper-V replica, the new ReFS file system, new server manager, Dynamic Access Control, etc…
But there was still one question hanging over our heads; when is the tech industry planning to integrate Windows Server into their network?
To answer this question, Firebrand surveyed over a thousand techies ranging from Database Administrators to CEOs; and from start-ups to FTSE 100 organisations.
What Firebrand found might surprise you.
Follow this link for the original post:
To embed this Infographic copy the text in the box below:
الثلاثاء، 30 أكتوبر 2012
Exam tips and preparation: VWware vSphere 5
The VMware Certified Professional for vSphere 5.0 certification demonstrates that the professional has a strong understanding of vSphere 5.0 with knowledge of all its new features.
In order to gain this certification, you will only be required to pass one exam: VCP-510.
You are also required to attend a class with a VMware Certified Instructor.
VMware professional are highly in demand. The average salary is £45,000 according to itjobswatch.co.uk.
The Exam
The exam covers a variety of topics, including:
· vCenter Server and VMware ESXi
· vSphere Networking and Storage
· Virtual Machines and vApps
· Maintaining Service vApps
· Troubleshooting
· vSphere Implementation and vCentre Server Alarms
It will consist of 85 multiple-choice questions including a short pre exam survey and lasts 90 minutes.
To pass the exam you will need to get 300 out of 500.
Tips for difficult areas
The following topics are the ones that seem to be the most difficult for students, so here are some tips to deal with them:
Question construction – The questions is often more questions within the question. We recommend you have working knowledge of VMware vSphere.
Preparation Hints
Focus of the following five key areas:
1. Configuration maximums
2. Any new feature on vSphere 5.0
3. Ports
4. Tables
5. Dialog boxes
Good luck.
Memorias Colombia 3.0
Como muchos dicen, es bueno ver que en Colombia se den este tipo de iniciativas, en especial por que seguimos en el camino de proyectar el pais y los talentos existentes en el, y las posibilidades de venir aquí, invertir y creer en nuestra gente. Pero aún más creo que es un esfuerzo que debe continuarse y acrecentarse con más talento local, para que tambien nuestra gente sepa que hay cosas que están pasando por que nosotros podemos hacer posibles muchas cosas.
Estuve participando como conferencista del evento hablando sobre mi perspectiva personal y experiencias sobre lo que sucede hoy con los nuevos actores de la industria del software. Además conocí y compartí con Javier Garzas, a quien admiro bastante y que estuvo en el evento hablando sobre metodologías ágiles.
Les comparto las memorias de mi conferencia y además los invito a ver ambas charlas desde el streaming de Streaming de Colombia 3.0 junto con las demás conferencias del área de desarrollo, los videos estarán pronto en el canal de You Tube del Ministerio de Tecnologia y Comunicaciones
A new Cold War - worlds most complex virus
Stuxnet was what many call a wake-up call to countries around the globe (read about Stuxnet here). Iran has already responded to this attack by amassing the second largest online army in the world. The internet has taken over and is quickly becoming the next platform for war. The only problem is, you don’t know who is waging it.
Wiper was so complex and sophisticated that even Kaspersky, the Russian security could not find the virus or any information on the creator/s. The malware wiped hard drives clean, including its own coding.
Stuxnet was a weapon, and the first to be made entirely from code. Since then, several viruses have been identified. One in particular, which has been dubbed Wiper was believed to be deleting data in the Middle East and from computers belonging to the Iranian oil industry.
By DGH source: Technology Moral Dilemma blog July 1, 211 |
But who could finance this kind of technology? It was clearly not a teenage boy in his room doing a prank. This virus had a goal and a target.
The 15 year old security firm did not give up. They eventually found an MD5 hash and file name on computers in Iran. When they put everything together they found something big, of a complexity never seen before… Flame.
Kaspersky Lab researcher Alexander Gostev stated that “Flame is a huge package of modules almost 20mb in size when fully deployed. Because of this, it is an extremely difficult piece of malware to analyse”
He added “Overall, we can say Flame is one of the most complex threats ever discovered. In addition, the geography of the targets and the complexity of the threat leave no doubt it being a nation state that sponsoredthe research behind it.”
Competitor security firm Symantec agreed with Kaspersky, stating that “This code was not likely to have been written by a single individual but by an organised, well-funded group of people working to a clear set of directives. Certain file names associated with the threat are identical to those described in an incident involving the Iranian oil ministry.”
Morgan wright – Cyberterrorism Analyst stated that the virus had 20 times more coding in it than Stuxnet, the virus that knocked down Iran’s nuclear centrifuges. He added that Flame was not only designed for recognisance, but also to steal documents, audio data, screenshots and to wipe clean hard drives with important information.
For the victims of Flame, it was like having a spy with direct control of their computer.
Learn how to take Flame and Stuxnet apart and use forensic techniques to uncover the culprits. The EC-Council C|HFI v8 certification course will teach you the entire digital forensics process. You'll learn how to secure the scene, collect evidence, and send it to the lab for testing. You will learn the following:
Here is an interesting video on the deconstruction of the Flame virus:
- How to investigate cyber crime, and the laws involved
- Different types of digital evidence, and the examination process
- The first responder toolkit - how to secure, preserve and evaluate the electronic crime scene
- How to recover deleted files and partitions in Windows, Mac OS X, and Linux
- How to use steganography, and the AccessData forensic toolkit
- Password cracking and how to investigate password-protected file breaches
- Log capturing and management
- How to investigate logs, network traffic, wireless attacks, and web attacks
- How to track emails and investigate e-mail crimes
Train to be the police of the future - get certified.
الاثنين، 29 أكتوبر 2012
Exam tips and preparation: CompTIA Network+
The Network+ certification demonstrates that the professional has a strong understanding of networking arena, focusing mainly installing, troubleshooting and maintaining basic networks.
The Network+ exam is vendor natural. This means that the certification does not focus on one company’s product. Instead it focuses on larger range of technologies, services, hardware and software.
The Network+ cert is very well known in the industry and has great value in the marketplace. The average salary of a Network+ professional is £28,500 according to itjobswatch.co.uk.
It proves to employees that you have the necessary knowledge to complete your task with minimal supervision.
This cert, and the A+ and Network+ certifications, will only be valid for 3 years after which you will need to renew in order to stay up to date.
The Exam
The exam will cover the following 6 domains which include the following topics:
· Network technologies
· Network Installation and Configuration
· Network Media and Topologies
· Network Management
· Network Security
There are some additional changes to note from the N10-004 to the new N10-005 exams
· The Network Security topic has increased in weight from 11% to 19%
· Virtual Networking has been added to objectives
· Network Devices and Network Tools domain have been integrated into other areas
· Network Installation & Configuration is a new domain
It will consist of 100 questions. Most of them being multiple-choice and lasts 90 minutes.
To pass the exam you will need to get 720 out of 900. This is roughly 80%.
Tips for difficult areas
The following topics are the ones that seem to be the most difficult for students, so here are some tips to deal with them:
Wide coverage of networking topic – There is wide variety of topics, be sure to know all of them. Although it does not go deep into each topic, so basic knowledge will be ok
“Speeds and feeds”– this is hard as there are many varieties to these sections. For example: there are a variety of ethernet standards, with a variety of media types, a variety of speeds and with a variety of distance limitations. Try to focus on this area to remember it all.
Performing the binary math calculations – You should be able to have a given IP network and subnet it into a certain number of subnets to support a certain number of hosts and be able to identify the usable IP address range in each of these subnets.
Avoid distracot choices – remember to read through the whole question before answering.
Preparation Hints
Before you start the course and your exam, it is important to note that this certification is recommended for those who have a CompTIA A+ certification.
In addition, it is worth looking at the exam objectives found on the CompTIA site here:http://certification.comptia.org/Training/testingcenters/examobjectives.aspx
Here you will find the topics that will be covered and also the weighting for each domain.
Good luck.
Stuxnet – 2 years on and what we’ve learned
In June two years ago, the most sophisticated computer virus was discovered in power-plants, factories and traffic control systems all around the world. It was said to be 20 times more complex than any other virus code created before.
Stuxnet was a weapon, and it was the first to be made entirely out of code
Of course, we are talking about Stuxnet…
As a virus, it had a number of capabilities. It was able to turn up the pressure in nuclear reactors, switch off oil pipelines and while doing all this; it would tell all the system operators that everything was ok.
Unlike viruses before it, Stuxnet didn't forge fake security clearance. It actually had a real clearance stolen from one of the most reputable security systems in the world: Realtek. It also exploited security gaps that system creators where unaware of. These are called ‘Zero Days’ and they can go for up to $100,000 in the black market. How many ‘Zero Days’ did Stuxnet use? 20!
In the coding, it was designed to keep dormant until it reached its specific target, without that target it did not activate.
What was it planning to shut down?
It was designed to shut down the centrifuges that spin nuclear material at Iran’s enrichment facilities.
It was designed to shut down the centrifuges that spin nuclear material at Iran’s enrichment facilities.
The ISIS has stated that Stuxnet may have shut down over 1000 centrifuges at Natanz (Iran’s main enrichment facility). Last year, the Iranian government stated that the virus’s infection of the Bushehr’s nuclear facility meant that turning on the plant could lead to a national electricity blackout.
So what does that kind of scare do to a country?
Well Iran gathered an army of online security experts and is now said to have the second largest online army in the world.
Who created the Stuxnet virus?
There is no direct evidence as to who created it. But some believe that Israel was responsible as the code contains references to the Hebrew bible. Others believe it was the US. But it seems as though we will never know for sure.
How to be a hacker and get paid for it - legally
Yep that’s right, you can now be a hacker and get paid for it. In fact, the average salary of an ethical Hacker is over £40,000! (itjobswatch.co.uk) But what is this ethical hacker? Aka a white hat hacker is someone who hacks and exploits zero days from companies who are looking to increase their security. As simple as that; they will pay you to find and exploit zero days in order and get rid all possible risks.
Become a Certified Ethical Hacker (CEH) and be a respected hacker defending companies and even countries from viruses such as Stuxnet itself.
EC-Councilis a very well know vendor for professional certifications in the IT security field. Here are some of their powerful certifications:
Certified Ethical Hacker (CEH)
الأحد، 28 أكتوبر 2012
En video: Arquitectura de Software para Principiantes
Hace un tiempo publique en mi canal de Slideshare unas diapositivas sobre "El rol de un arquitecto" y "Arquitectura de Software para Principiantes", hace unos días un buen amigo me mostro que la habian usado para unos videos de YouTube. Agradezco mucho a Carlos Andrés Jaramillo por la publicación, y les comparto su excelente trabajo, además de invitarlos a visitar su canal de You Tube.
الخميس، 25 أكتوبر 2012
Windows 8 launch - only hours away
It’s been a long count down; with several teases along the way... we got a preview of Server 2012, Windows 8 mobile and all the beta's.
But it is finally moments away. Microsoft will reveal all to us at the special launch event taking place in New York at 4:15pm (11:15 EDT).
The launch event will be followed by its official release at midnight.
Follow this link to watch the launch of Windows 8 live.
Want an in depth review of Windows 8? Well you've came to the right place. Last week Firebrand's Commercial Director wrote an in depth review of his experience with Windows 8 during his trip across Europe: Don’t look back in anger - a week with Windows 8
Exam tips and preparation: CompTIA Security+
The security+ certification demonstrates that the professional has a strong understanding of computer systems security, network security, access control and organisational security.
The security+ exam is vendor natural. This means that the certification does not focus on one company’s product. Instead it focuses on larger range of technologies, services, hardware and software.
The Security+ cert is very well known in the industry and is highly in demand. The average salary of a Security+ professional is £51,250 according to itjobswatch.co.uk.
This cert, and the A+ and Network+ certifications, will only be valid for 3 years after which you will need to renew in order to stay up to date.
The Exam
The exam will cover the following 6 domains:
- Network Security
- Compliance and Operational Security
- Threats and Vulnerabilities
- Application, Data, and Host Security
- Access Control and Identity Management
- Cryptography
It will consist of 100 questions. Most of them being multiple-choice and lasts 90 minutes.
To pass the exam you will need to get 750 out of 900. This is roughly 80%.
Tips for difficult areas
The following topics are the ones that seem to be the most difficult for students, so here are some tips to deal with them:
Encryption – Cryptography, Hashing and PKI are difficult areas, but for the exam you will only need basic understanding.
Malicious attacks – There are many types of attacks and it can be difficult to remember them all, so it’s recommended you take extra time learning as many as you can.
Access control models – The three models (Discretionary access control, mandatory control and roll based access control) can be confusing so it is important to know the differences in each model.
Authentication models – there are many types of models for Authentication; from physical to logical and local to remote. So it’s important to remember each type and their differences.
Preparation Hints
Before you start the course and your exam, it is important to note that this certification is recommended for those who have prior work experience in the computer field, with hands-on networking experience.
It is also advised that you have Network+certification too.
In addition, it is worth looking at the exam objectives found on the CompTIA site here: http://certification.comptia.org/Training/testingcenters/examobjectives.aspx
Here you will find the topics that will be covered and also the weighting for each domain.
Good luck.
الأربعاء، 24 أكتوبر 2012
CompTIA CASP security exam tips
Michael Gregg, CASP author and cyber security expert, gives an overview of the CompTIA CASP Advanced Security Practitioner Certification exam in this 10 minute video. He offers some tips from his CASP book and info to help others pass the certification.
The new and popular CompTIA CASP certification comprises of four domains:
1. Enterprise Security
2. Risk Management, Policy Procedure and Legal
3. Research & Analysis
4. Integration of Computing, Communications and Business Disciplines
Get an insight into each of these domains and will help you in passing your exam.
Preview of the new CompTIA performance based exam questions
Since the announcement of the changes made in the CompTIA exams (Changes in CompTIA exams), several of you have wanted to know more.
The video below offers a simulated test session which will give you an understanding of what to expect.
The new performance based questions were first released this month and are due to spread to other CompTIA courses by the end of the year.
The length of the video is 15 minutes and is worth the watch to be ready for your next exam.
The exams will potentially not be as easy, but if you learn your stuff, it will be a breeze. Students will perform tasks and solve problems to answer the questions using a simulated environment. Read more on the changes to be ready here.
الاثنين، 22 أكتوبر 2012
Security Threats in 2011 – by Month
Symantec released a powerful report called the Internet Security Threat Report (Read here). It gives a comprehensive analysis of internet security threats with several sources. The Symantec Global Intelligence Network is made up of over 64 million attack sensors, recording thousands of events per second. Here is a monthly overview of what happened in 2011.
January
- A Scam is created using an Indonesian Facebook app to steal Login information
- Scammers take advantage of the Serrana Flood in Brazil to take donations
February
- Anonymous hacks HBGary Federal (security firm)
- Android trojan released in unregulated Android Marketplaces
- 429 scams used to target unrest in Egypt and Libya
March
- US law enforcements and Microsoft take down the Rustock botnet
- The mobile threat Android.Rootcager appears on the official Android Market
- 419 scams take advantage of the Japanese Earthquake (fake donations sites and malicious attachments
- Hackers repackage Googles tool for removing the Android.Rootcager with a new Trojan; Anroid.Bgserv
- GlobalTrust.it, Comodo Registration Authorities and InstantSSL.it are hacked and fake certifications are created of Hotmail, Google, Yahoo!, Skype and Mozilla
April
- Iran discovers new virus dubbed “Stars”. It is believed to be similar to the previous Stuxnet-style attack
- Malware found registering into Facebook applications
- Spammers use the British Royal Wedding for campaigns and SEO poisoning
- Playstation Network was hacked. Sony shuts down the service while restoring security
- Court order is awarded to the FBI to shut down the Coreflood botnet with ‘delete’ command.
- Phishing and malware attacks spiked due to Osama bin Laden’s death
- The hacking group LulzSec starts up with the slogan “in I for the LULZ”
- “tagging” spam campaign spreads across Facebook
- A free version of Blackhole exploit kit is leaked
June
- LulzSec hacks the cyber security consulting company Black & Berg and refuses the $10,000 offered as a price
- LulzSec hacks the US Senate, CIA, FBI affiliates in response to the US Government declaring that cyber-attacks could be perceived as an act of war
- LulzSec is attacked by TeaMp0isoN/th3j35t3r
- Operation AntiSec begins
- The Bitcoin virtual currency is hacked (currency exchange service)
- The certificate authority is hacked by DigiNotar which leads to end of the company
July
Source: by Zach Epstein - http://bgr.com Mar 6, 2012 |
- Microsoft offers a $250,000 reward for information which will lead to the arrest of the creators of Rustock
- Amy Winehouse’s death is used to spread Infostealer.Bancos (Trojan used to gather financial information)
August
- Phishing attacks are found with fake trust seals
September
- Spammers take advantage of the tenth anniversary of 9/11 in order to harvest email addresses
- Pharmaceutical spam exploits the Delhi bomb blast
- Microsoft shuts down the Kelihos botnet
October
- W32 is officially discovered. May also be the virus Iran found in April named “Stars”
- The Libyan leaders death leads to several spam campaigns spreading malware
- Attackers behind the Blackhole exploit kit start spam campaign based on Steve Jobs death
- The Microsoft Security Intelligence Report shows that Java is now the most exploited software
November
- Relatively Peaceful…
December
- The global affairs analysis company Stratfor is hacked
- Spam falls to the lowest levels in 3 years
الاشتراك في:
الرسائل (Atom)