Always Get Better

Posts Tagged ‘security’

ASP.NET: A potentially dangerous Request.Form value was detected from the client

Saturday, August 2nd, 2008

This error is caused by the presence of HTML in the fields returned by a form post.  In many cases, for example page management tools, you may want to allow your users to enter text formatted with HTML.  By default, ASP.NET doesn’t like this.

To turn it off, add ValidateRequest=”false” to the top of your aspx file.  This turns off validation of form results.

Honestly, I would rather if this property were available for individual form controls, because in my mind validation is still desirable overall even if one or two fields should allow HTML.  But there you have it.

Getting Real Power in Vista

Tuesday, July 1st, 2008

Windows Vista hides the administrator user. In order to access it, open a command prompt and issue the command:

net user administrator /active:yes password

Password can be anything you want, and will set up the administrator user.

Although you can access much of your system’s setting under the default super user account, Vista implements a User Access Control System that effectively makes administrator the only real super user. In particular, the “Local Users and Groups” interface is normally hidden from you.

One more note – the command listed above can’t be run from a regular shell – you must open the shell as administrator.

Blow Out the Candles for Spam’s Birthday

Saturday, May 3rd, 2008

Kudos to this article for acknowledging MUDs as the source of the term “SPAM”: A very unhappy birthday to spam, age 30

Now that spam has been with us for 30 memorable years, let’s take a moment to think of all the great things spam does for us:

  1. Enlarged lower members
  2. Enhanced “motivational” drive
  3. Pleased partners
  4. Cheap pharmaceuticals (like aspirin, of course)
  5. Lonely ladies with web cams
  6. University degrees for the masses
  7. Winning notifications for lotteries we didn’t even know we entered
  8. The opportunity to help the families of political victims retrieve their relative’s wealth, and share it with us
  9. Quality Rolex watches at amazing discounts
  10. Escape from debt

Not to mention it has become Nigeria’s chief export.

Google Finds Evil and Protects us from it

Monday, March 3rd, 2008

As confident as we may be that we’re the only ones using our computers, the truth is we can’t ever be completely safe. For my own part, I was smug in the knowledge that because I ran an up-to-date antivirus program, didn’t hang around the web’s so-called “red light districts”, and didn’t download software I was unsure of, I had nothing to fear from those nasty virus things.

Wrong.

Just Being Careful Won’t Protect Your Computer From Attack

When NIMDA hit, I really felt violated. Even though I did nothing to cause my computer’s fall from glory, there it was. Where once I had the illusion of control over my space, all of a sudden it was shattered. It’s a brave new world.

Unless giving up the Internet is an acceptable alternative, we have to live with the risk of having our computers compromised at any moment. Apparently there are legions of “zombie networks” just waiting to be activated and used for evil – computers with hidden software controlled by enterprising criminals interested in nothing but a quick dollar.

Maybe it’s because I’m naive. Maybe it’s because I get paid by the hour so long virus-cleansing sessions don’t cut into my dinner plate. But I have to ask – how much of a problem is this? If my regular actions aren’t putting me at (extra) risk, what benefit will worrying bring?

Never Visit a Trojan Page Again

Fortunately Google exists to protect us from evil-doers by scanning the web for so-called “badware”. When performing Google searches and attempting to access one of these “bad” sites, Google presents us with a warning and gives us the option to bail or continue with the site.

Thank goodness for that! Let’s all uninstall our antivirus software now.