Summary

This chapter has presented some of the human error issues you need to consider for your next coding project. It’s shown you how many of these errors creep in because developers lack time or simply don’t think about code from a cracker’s perspective. Once you see some of the exploits presented in this chapter, it becomes painfully obvious that none of them requires a rocket scientist to figure out—you just need to think outside the box.

Now that you’ve spent time looking at these human error issues, it’s time to create a hit list of your own. One of the best ways to produce more secure applications is to use a checklist to ensure you have all of the bases covered. Of course, this isn’t the only step you need to take, but many developers leave this step out of their plans for any of a variety of reasons. Good security begins with a standardized and measured approach to maintaining application quality.

Chapter 4 shows how to use various rule-based security approaches to maintain a secure environment for .NET applications. It pursues a detailed description of some of the relevant .NET Framework namespaces and demonstrates the differences between declarative and imperative security. You’ll also see techniques for testing your desktop application. Chapter 4 also covers essentials such as using the .NET Framework Configuration Tool and signing your components and applications to make it harder for people to tamper with their content.