atsec information security says they have completed an evaluation of Novell/SUSE Linux Enterprise Server 9 (SLES 9) for IBM eServer based on the Common Criteria ISO standard (ISO15408), which will result in a certification for Evaluation Assurance Level 4+ (EAL4+). Read the original announcement here.

Bruce Schneier tells us that SHA-1 has been broken. Apparently this is judged to be a believable claim, although the paper explaining details of the attack is not yet generally available. Read Bruce's blog entry here.

In David Cumps' blog there's a nice article on boxing/unboxing. Nothing really new about that topic, but it's well explained, so read it if you don't know what he's talking about.

Another thing worth mentionable is that using Generics for collections is of course the easiest way to work around boxing problems, assuming .NET 2.0 is an option to you. See the C# Language specification 2.0 here for more information on that.