Search Results

Search found 851 results on 35 pages for 'rubin attack'.

Page 10/35 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • How to implment the database for event conditions and item bonuses for a browser based game

    - by Saifis
    I am currently creating a browser based game, and was wondering what was the standard approach in making diverse conditions and status bonuses database wise. Currently considering two cases. Event Conditions Needs min 1000 gold Needs min Lv 10 Needs certain item. Needs fulfillment of another event Status Bonus Reduces damage by 20% +100 attack points Deflects certain type of attack I wish to be able to continually change these parameters during the process of production and operation, so having them hard-coded isn't the best way. All I could come up with are the following two methods. Method 1 Create a table that contains each conditions with needed attributes Have a model named conditions with all the attributes it would need to set them conditions condition_type (level, money_min, money_max item, event_aquired) condition_amount prerequisite_condition_id prerequisite_item_id Method 2 write it in a DSL form that could be interpreted later in the code Perhaps something like yaml, have a text area in the setting form and have the code interpret it. condition_foo: condition_type :level min_level: 10 condition_type :item item_id: 2 At current Method 2 looks to be more practical and flexible for future changes, trade off being that all the flex must be done on the code side. Not to sure how this is supposed to be done, is it supposed to be hard coded? separate config file? Any help would be appreciated. Added For additional info, it will be implemented with Ruby on Rails

    Read the article

  • Does data mining qualify as an abuse?

    - by Hybryd
    Hi all, today I had a strange experience with my ISP. They disabled my password for internet connection, and when I called them, they enabled it again, but they didn't say why it happened. In the last couple of days I was running a data mining that I made for one forum to get some useful info about business that I'm in. So I thought, maybe my ISP figured that 10,000 page requests in couple of hours to the same site may be some kind of attack. What do you think, does it qualify as an attack? Is it even ok to data mine in that way?

    Read the article

  • How useful is mounting /tmp noexec?

    - by Novelocrat
    Many people (including the Securing Debian Manual) recommend mounting /tmp with the noexec,nodev,nosuid set of options. This is generally presented as one element of a 'defense-in-depth' strategy, by preventing the escalation of an attack that lets someone write a file, or an attack by a user with a legitimate account but no other writable space. Over time, however, I've encountered arguments (most prominently by Debian/Ubuntu Developer Colin Watson) that noexec is a useless measure, for a couple potential reasons: The user can run /lib/ld-linux.so <binary> in an attempt to get the same effect. The user can still run system-provided interpreters on scripts that can't be run directly Given these arguments, the potential need for more configuration (e.g. debconf likes an executable temporary directory), and the potential loss of convenience, is this a worthwhile security measure? What other holes do you know of that enable circumvention?

    Read the article

  • game play strategy in an arena

    - by joulesm
    I am writing a player's behavior for an arena game, and I'm wondering if you can offer some strategies. I'm writing it in Python, but I'm just interested in the high level game play. Here are the game aspects: Arena is a circle of a given size. The arena size shrinks every round to help break ties. Players are much smaller circles, can be on teams of 1 or 2 players. Players attack by colliding with other players, and based on the physics of the collision (speed of both players, angle), one could force another player out of the arena. Once a player is out of the arena, they are out of the game (for that round). The goal is to be the only team with players left in the arena. All other players have been pushed (through collisions or mistakes) out of the arena. It is possible for there to be no winner if the last two players exit the arena at the same time. Once the player has been programmed, the game just runs. There is no human intervention in the game. I'm thinking it's easiest to implement a few simple programmatic rules for my player to follow. For example, stay close to center of the arena, attack opponents from the inner side of the arena, etc. Are there any good simple game strategies? Would adding a random aspect to the game help? For example, to avoid predictability by the other team or something. Thanks in advance.

    Read the article

  • What Kind of Spam is This? Testing Blog Comment Limits

    - by Yar
    I received this comment on one of my blogs today (on blogger.com): Easily I agree but I about the post should acquire more info then it has. It's the third in a series. Before there was: I will not acquiesce in on it. I over precise post. Expressly the title attracted me to be familiar with the sound story. and before that Your blog keeps getting better and better! Your older articles are not as good as newer ones you have a lot more creativity and originality now keep it up! It is obviously computer-generated (well, not this last one). The comments are from Anonymous, so they're not trying to legitimate a user on Blogger. Is this a spam attack? What might its goal be? Or are they just testing my blog to see if I reject or not? Does this kind of "attack" have a name?

    Read the article

  • Android sera désormais mis à jour annuellement, pour éviter sa fragmentation face à la profusion de

    Android sera désormais mis à jour annuellement, pour éviter sa fragmentation face à la profusion de versions existantes Le responsable d'Android chez Google, Andy Rubin, vient de faire une annonce importante : les mises à jour d'Android deviendront très bientôt annuelles. Cette décision a été prise dans l'intérêt de la plateforme, afin d'en réduire la fragmentation provoquée par l'arrivée continuelle de nouvelles versions. D'autant plus que la majorité des téléphones embarquent une version d'Android modifiée par son constructeur. Chaque mise à jour du logiciel demande donc en plus une actualisation du skin du fabriquant. Des updates planifiées sur une base annuelle apporteront en confort et en simplicité, autant pour...

    Read the article

  • My server's been hacked EMERGENCY

    - by Grant unwin
    I'm on my way into work at 9.30 p.m. on a Sunday because our server has been compromised somehow and was resulting in a DOS attack on our provider. The servers access to the Internet has been shut down which means over 5-600 of our clients sites are now down. Now this could be an FTP hack, or some weakness in code somewhere. I'm not sure till I get there. How can I track this down quickly? We're in for a whole lot of litigation if I don't get the server back up ASAP. Any help is appreciated. UPDATE Thanks to everyone for your help. Luckily I WASN'T the only person responsible for this server, just the nearest. We managed to resolve this problem, although it may not apply to many others in a different situation. I'll detail what we did. We unplugged the server from the net. It was performing (attempting to perform) a Denial Of Service attack on another server in Indonesia, and the guilty party was also based there. We firstly tried to identify where on the server this was coming from, considering we have over 500 sites on the server, we expected to be moonlighting for some time. However, with SSH access still, we ran a command to find all files edited or created in the time the attacks started. Luckily, the offending file was created over the winter holidays which meant that not many other files were created on the server at that time. We were then able to identify the offending file which was inside the uploaded images folder within a ZenCart website. After a short cigarette break we concluded that, due to the files location, it must have been uploaded via a file upload facility that was inadequetly secured. After some googling, we found that there was a security vulnerability that allowed files to be uploaded, within the ZenCart admin panel, for a picture for a record company. (The section that it never really even used), posting this form just uploaded any file, it did not check the extension of the file, and didn't even check to see if the user was logged in. This meant that any files could be uploaded, including a PHP file for the attack. We secured the vulnerability with ZenCart on the infected site, and removed the offending files. The job was done, and I was home for 2 a.m. The Moral - Always apply security patches for ZenCart, or any other CMS system for that matter. As when security updates are released, the whole world is made aware of the vulnerability. - Always do backups, and backup your backups. - Employ or arrange for someone that will be there in times like these. To prevent anyone from relying on a panicy post on Server Fault. Happy servering!

    Read the article

  • Best way to calculate unit deaths in browser game combat?

    - by MikeCruz13
    My browser game's combat system is written and mechanically functioning well. It's written in PHP and uses a SQL database. I'm happy with the unit balance in relation to one another. I am, however, a little worried about how I'm calculating unit deaths when one player attacks another because the deaths seem to pile up a little fast for my taste. For this system, a battle doesn't just trigger, calculate winner, and end. Instead, it is allowed to go for several rounds (say one round every 15 mins.) until one side passes a threshold of being too strong for the other player and allows players to send reinforcements between rounds. Each round, units pair up and attack each other. Essentially what I do is calculate the damage: AP = Attack Points HP = Hit Points Units AP * Quantity * Random Factors * other factors (such as attrition) I take that and divide by the defending unit's HP to find the number of casualties of defending units. So, for example (simplified to take out some factors), if I have: 500 attackers with 50 AP vs 1000 defenders with 100 HP = 250 deaths. I wonder if that last step could be handled better to reduce the deaths piling up. Some ideas: I just change all the units with more HP? I make sure to set the Attacking unit's AP to be a max of the defender's HP to make sure they only kill 1 unit. (is that fair if I have less huge units vs many small units?) I spread the damage around more by including the defending unit's quantity more? i.e. in that scenario some are dead and some are 50% damage. (How would I track this every round?) Other better mathematical approaches?

    Read the article

  • How to block null/blank user-agents in IIS 7.5

    - by Jeremy
    We are going through a large scale DDOS attack, but it isn't the typical bot-net that our Cisco Guard can handle, it is a BitTorrent attack. This is new to me, so I am unsure how to stop it. Here are the stats IIS is processing between 40 and 100 requests per second from BitTorrent clients. We have about 20% of the User Agents, but the other 75% are blank. We want to block the blank user agents at the server level. What is the best approach?

    Read the article

  • Logs show lots of user attempts from unknown IP

    - by rodling
    I lost access to my instance which I host on AWS. Keypairing stopped to work. I detached a volume and attached it to a new instance and what I found in logs was a long list of Nov 6 20:15:32 domU-12-31-39-01-7E-8A sshd[4925]: Invalid user cyrus from 210.193.52.113 Nov 6 20:15:32 domU-12-31-39-01-7E-8A sshd[4925]: input_userauth_request: invalid user cyrus [preauth] Nov 6 20:15:33 domU-12-31-39-01-7E-8A sshd[4925]: Received disconnect from 210.193.52.113: 11: Bye Bye [preauth] Where "cyrus" is changed by hundreds if not thousands of common names and items. What could this be? Brute force attack or something else malicious? I traced IP to Singapore, and I have no connection to Singapore. May thought is that this was a DoS attack since I lost access and server seemed to stop working. Im not to versed on this, but ideas and solutions for this issue are welcome.

    Read the article

  • Is this how dynamic language copes with dynamic requirement?

    - by Amumu
    The question is in the title. I want to have my thinking verified by experienced people. You can add more or disregard my opinion, but give me a reason. Here is an example requirement: Suppose you are required to implement a fighting game. Initially, the game only includes fighters, who can attack each other. Each fighter can punch, kick or block incoming attacks. Fighters can have various fighting styles: Karate, Judo, Kung Fu... That's it for the simple universe of the game. In an OO like Java, it can be implemented similar to this way: abstract class Fighter { int hp, attack; void punch(Fighter otherFighter); void kick(Fighter otherFighter); void block(Figther otherFighter); }; class KarateFighter extends Fighter { //...implementation...}; class JudoFighter extends Fighter { //...implementation... }; class KungFuFighter extends Fighter { //...implementation ... }; This is fine if the game stays like this forever. But, somehow the game designers decide to change the theme of the game: instead of a simple fighting game, the game evolves to become a RPG, in which characters can not only fight but perform other activities, i.e. the character can be a priest, an accountant, a scientist etc... At this point, to make it more generic, we have to change the structure of our original design: Fighter is not used to refer to a person anymore; it refers to a profession. The specialized classes of Fighter (KaraterFighter, JudoFighter, KungFuFighter) . Now we have to create a generic class named Person. However, to adapt this change, I have to change the method signatures of the original operations: class Person { int hp, attack; List<Profession> skillSet; }; abstract class Profession {}; class Fighter extends Profession { void punch(Person otherFighter); void kick(Person otherFighter); void block(Person otherFighter); }; class KarateFighter extends Fighter { //...implementation...}; class JudoFighter extends Fighter { //...implementation... }; class KungFuFighter extends Fighter { //...implementation ... }; class Accountant extends Profession { void calculateTax(Person p) { //...implementation...}; void calculateTax(Company c) { //...implementation...}; }; //... more professions... Here are the problems: To adapt to the method changes, I have to fix the places where the changed methods are called (refactoring). Every time a new requirement is introduced, the current structural design has to be broken to adapt the changes. This leads to the first problem. Rigid structure makes it hard for code reuse. A function can only accept the predefined types, but it cannot accept future unknown types. A written function is bound to its current universe and has no way to accommodate to the new types, without modifications or rewrite from scratch. I see Java has a lot of deprecated methods. OO is an extreme case because it has inheritance to add up the complexity, but in general for statically typed language, types are very strict. In contrast, a dynamic language can handle the above case as follow: ;;fighter1 punch fighter2 (defun perform-punch (fighter1 fighter2) ...implementation... ) ;;fighter1 kick fighter2 (defun perform-kick (fighter1 fighter2) ...implementation... ) ;;fighter1 blocks attacks from fighter2 (defun perform-block (fighter1 fighter2) ...implementation... ) fighter1 and fighter2 can be anything as long as it has the required data for calculation; or methods (duck typing). You don't have to change from the type Fighter to Person. In the case of Lisp, because Lisp only has a single data structure: list, it's even easier to adapt to changes. However, other dynamic languages can have similar behaviors as well. I work primarily with static languages (mainly C and Java, but working with Java was a long time ago). I started learning Lisp and some other dynamic languages this year. I can see how it helps improving my productivity.

    Read the article

  • Server Security

    - by mahatmanich
    I want to run my own root server (directly accessible from the web without a hardware firewall) with debian lenny, apache2, php5, mysql, postfix MTA, sftp (based on ssh) and maybe dns server. What measures/software would you recomend, and why, to secure this server down and minimalize the attack vector? Webapplications aside ... This is what I have so far: iptables (for gen. packet filtering) fail2ban (brute force attack defense) ssh (chang default, port disable root access) modsecurity - is really clumsy and a pain (any alternative here?) ?Sudo why should I use it? what is the advantage to normal user handling thinking about greensql for mysql www.greensql.net is tripwire worth looking at? snort? What am I missing? What is hot and what is not? Best practices? I like "KISS" - Keep it simple secure, I know it would be nice! Thanks in advance ...

    Read the article

  • BDD for C# NUnit

    - by mjezzi
    I've been using a home brewed BDD Spec extension for writing BDD style tests in NUnit, and I wanted to see what everyone thought. Does it add value? Does is suck? If so why? Is there something better out there? Here's the source: https://github.com/mjezzi/NSpec There are two reasons I created this To make my tests easy to read. To produce a plain english output to review specs. Here's an example of how a test will look: -since zombies seem to be popular these days.. Given a Zombie, Peson, and IWeapon: namespace Project.Tests.PersonVsZombie { public class Zombie { } public interface IWeapon { void UseAgainst( Zombie zombie ); } public class Person { private IWeapon _weapon; public bool IsStillAlive { get; set; } public Person( IWeapon weapon ) { IsStillAlive = true; _weapon = weapon; } public void Attack( Zombie zombie ) { if( _weapon != null ) _weapon.UseAgainst( zombie ); else IsStillAlive = false; } } } And the NSpec styled tests: public class PersonAttacksZombieTests { [Test] public void When_a_person_with_a_weapon_attacks_a_zombie() { var zombie = new Zombie(); var weaponMock = new Mock<IWeapon>(); var person = new Person( weaponMock.Object ); person.Attack( zombie ); "It should use the weapon against the zombie".ProveBy( spec => weaponMock.Verify( x => x.UseAgainst( zombie ), spec ) ); "It should keep the person alive".ProveBy( spec => Assert.That( person.IsStillAlive, Is.True, spec ) ); } [Test] public void When_a_person_without_a_weapon_attacks_a_zombie() { var zombie = new Zombie(); var person = new Person( null ); person.Attack( zombie ); "It should cause the person to die".ProveBy( spec => Assert.That( person.IsStillAlive, Is.False, spec ) ); } } You'll get the Spec output in the output window: [PersonVsZombie] - PersonAttacksZombieTests When a person with a weapon attacks a zombie It should use the weapon against the zombie It should keep the person alive When a person without a weapon attacks a zombie It should cause the person to die 2 passed, 0 failed, 0 skipped, took 0.39 seconds (NUnit 2.5.5).

    Read the article

  • extracting secrets from an embedded chip

    - by Will
    I am looking at an embedded system where secrets are stored in flash that is internal to the chip package, and there is no physical interface to get that information out - all access to this flash is policed by program code. All DMA attacks and JTAG and such are disabled. This seems to be a common locked-down configuration for system-on-a-chip. How might an attacker recover the secrets in that Flash? I understand they can fuzz for vulnerabilities in the app code and exploit it, that there could be some indistinct general side channel attack or something. But how would an attacker really go about trying to recover those keys? Are there viable approaches for a determined attacker to somehow shave-down the chip or some kind of microscope attack?

    Read the article

  • SSL Authentication with Certificates: Should the Certificates have a hostname?

    - by sixtyfootersdude
    Summary JBoss allows clients and servers to authenticate using certificates and ssl. One thing that seems strange is that you are not required to give your hostname on the certificate. I think that this means if Server B is in your truststore, Sever B can pretend to be any server that they want. (And likewise: if Client B is in your truststore...) Am I missing something here? Authentication Steps (Summary of Wikipeida Page) Client Server ================================================================================================= 1) Client sends Client Hello ENCRIPTION: None - highest TLS protocol supported - random number - list of cipher suites - compression methods 2) Sever Hello ENCRIPTION: None - highest TLS protocol supported - random number - choosen cipher suite - choosen compression method 3) Certificate Message ENCRIPTION: None - 4) ServerHelloDone ENCRIPTION: None 5) Certificate Message ENCRIPTION: None 6) ClientKeyExchange Message ENCRIPTION: server's public key => only server can read => if sever can read this he must own the certificate - may contain a PreMasterSecerate, public key or nothing (depends on cipher) 7) CertificateVerify Message ENCRIPTION: clients private key - purpose is to prove to the server that client owns the cert 8) BOTH CLIENT AND SERVER: - use random numbers and PreMasterSecret to compute a common secerate 9) Finished message - contains a has and MAC over previous handshakes (to ensure that those unincripted messages did not get broken) 10) Finished message - samething Sever Knows The client has the public key for the sent certificate (step 7) The client's certificate is valid because either: it has been signed by a CA (verisign) it has been self-signed BUT it is in the server's truststore It is not a replay attack because presumably the random number (step 1 or 2) is sent with each message Client Knows The server has the public key for the sent certificate (step 6 with step 8) The server's certificate is valid because either: it has been signed by a CA (verisign) it has been self-signed BUT it is in the client's truststore It is not a replay attack because presumably the random number (step 1 or 2) is sent with each message Potential Problem Suppose the client's truststore has certs in it: Server A Server B (malicous) Server A has hostname www.A.com Server B has hostname www.B.com Suppose: The client tries to connect to Server A but Server B launches a man in the middle attack. Since server B: has a public key for the certificate that will be sent to the client has a "valid certificate" (a cert in the truststore) And since: certificates do not have a hostname feild in them It seems like Server B can pretend to be Server A easily. Is there something that I am missing?

    Read the article

  • Rainbow Tables: How to improve upon them??

    - by CVS-2600Hertz-wordpress-com
    I recently obtained the l0pht-CD for windows and tried it out on my PC and It WORKS!! http://2600hertz.wordpress.com/2009/12/22/100-windows-xp-vista-7-password-recovery/ I have also read http://kestas.kuliukas.com/RainbowTables/ I'm designing a "Login-Simulator" that stores pwd-s in a similar manner. The current implementation will be vulnerable to the above attack. Plz could anyone illustrate (in as simple terms as possible), how to strengthen the rainbow tables against such an attack. MY GOAL : Build "Login-Simulator" to be as secure as possible. (Read Hacking Competition ;-) ) Thank You.

    Read the article

  • Multiple interfaces inhertience. Casting from one to another

    - by yossi1981
    Consider the following set of classes/Interfaces: class IFish{ public: virtual void eat() = 0; } class IFriendly{ public: virtual void protect() = 0; } class IAggresive{ public: virtual void attack(Point inDest) = 0; } class CDolphin : public IFish, IFriendly{ eat... protect.... } class CShark : public IFish, IAggresive{ eat.... attack... } Now I am having the following class void CDiver { Void shouldRunAway(IFish* fish) { //??? } } My question is , can "shouldRunAway" extract from the fish argument whether it is an IAggresive or IFreindly (if it is any of these at all...) is there some kind of casting that can help out?

    Read the article

  • Write the longest possible loop.

    - by Abhay
    Hello Group, Recently I was asked this question in a technical discussion. What is the longest possible loop that can be written in a programming language? This loop has to be as long as possible and yet not an infinite loop and should not end-up crashing the program (Recursion etc...) I honestly did not know how to attack this problem, so I asked him if is it practically possible. He said using some computer science concepts, you can arrive at a hypothetical number which may not be practical but nevertheless it will still not be infinite. Anyone here; knows how to analyse / attack this problem. P.S. Choosing some highest limit for a type that can store the highest numerical value is apparently not an answer. Thanks in advance,

    Read the article

  • SimpleInjector - Register a type for all it's interfaces

    - by Karl Cassar
    Is it possible to register a type for all it's implementing interfaces? E.g, I have a: public class Bow : IWeapon { #region IWeapon Members public string Attack() { return "Shooted with a bow"; } #endregion } public class HumanFighter { private readonly IWeapon weapon = null; public HumanFighter(IWeapon weapon) { this.weapon = weapon; } public string Fight() { return this.weapon.Attack(); } } [Test] public void Test2b() { Container container = new Container(); container.RegisterSingle<Bow>(); container.RegisterSingle<HumanFighter>(); // this would match the IWeapon to the Bow, as it // is implemented by Bow var humanFighter1 = container.GetInstance<HumanFighter>(); string s = humanFighter1.Fight(); }

    Read the article

  • Why is my upload-of-a-file code putting 2 sets of files into my directory? (PHP)

    - by ggfan
    When I upload a file using this code, it puts a copy of the file in the "uploads" folder(which is what I want) but it also puts a copy in my root. I only want the files going to the uploads folder. define ('GW_UPLOADPATH', 'uploads/'); $upfile= GW_UPLOADPATH . $_FILES['userfile']['name']; if(is_uploaded_file($_FILES['userfile']['tmp_name'])) { if(!move_uploaded_file($_FILES['userfile']['tmp_name'], $upfile)) //this is saying if the file isn't moved to $upfile. { echo 'Problem: could not move file to destination directory'; exit; } } else { echo 'Problem: Possible file upload attack. Filename: '; //this could be an attack b/c it might be from localhost. echo $_FILES['userfile']['name']; exit; } echo 'File uploaded successfully<br><br>';

    Read the article

  • Why is using a Non-Random IV with CBC Mode a vulnerability?

    - by The Rook
    I understand the purpose of an IV. Specifically in CBC mode this insures that the first block of of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IV's are sequential? According to CWE-329 NON-Random IV's allow for the possibility of a dictionary attack. I know that in practice protocols like WEP make no effort to hide the IV. If the attacker has the IV and a cipher text message then this opens the door for a dictionary attack against the key. I don't see how a random iv changes this. (I know the attacks against wep are more complex than this.) What security advantage does a randomized iv have? Is this still a problem with an "Ideal Block Cipher"? (A perfectly secure block cipher with no possible weaknesses.)

    Read the article

  • session fixation

    - by markiv
    Hi All, I am new to web development, and trying to get a hold on security issues. I went through this article on http://guides.rubyonrails.org/security.html these are some of the steps the author has mentioned how an attacker fixes session. 1. The attacker creates a valid session id: He loads the login page of the web application where he wants to fix the session, and takes the session id in the cookie from the response (see number 1 and 2 in the image). 2. He possibly maintains the session. Expiring sessions, for example every 20 minutes, greatly reduces the time-frame for attack. Therefore he accesses the web application from time to time in order to keep the session alive. 3. Now the attacker will force the user’s browser into using this session id (see number 3 in the image). As you may not change a cookie of another domain (because of the same origin policy), the attacker has to run a JavaScript from the domain of the target web application. Injecting the JavaScript code into the application by XSS accomplishes this attack. Here is an example: <script>?document.cookie="_session_id=16d5b78abb28e3d6206b60f22a03c8d9";?</script>. Read more about XSS and injection later on. 4. The attacker lures the victim to the infected page with the JavaScript code. By viewing the page, the victim’s browser will change the session id to the trap session id. 5. As the new trap session is unused, the web application will require the user to authenticate. 6. From now on, the victim and the attacker will co-use the web application with the same session: The session became valid and the victim didn’t notice the attack. I dont understand couple of points. i) why is user made to login in step5, since session is sent through. ii) I saw possible solutions on wiki, like user properties check and others why cant we just reset the session for the user whoever is login in when they enter username and password in step5? Thanks in advance Markiv

    Read the article

  • 2D Game Help In XNA

    - by user22715
    I'm making a game in XNA called The Adventure Of The Very Hairy Princess Fairy. The game is a "Sidescroller/Platformer" like mario but there is a problem. How do I attack a wepon the the player texture and add animations so it looks like the player is holding the gun and It's not a floating image in front of the player? The player can kill with things like chainsaws playing as a very hairy princess fairy.

    Read the article

  • links for 2010-12-16

    - by Bob Rhubart
    Oracle Solaris 11 Express: Network Virtualization and Resource Control | Oracle Clinic XiangBingLiu's detailed overview of Oracle Solaris 11 Express features, including Crossbow. (tags: oracle solaris virtualization crossbow) A New Threat To Web Applications: Connection String Parameter Pollution (CSPP) (The Oracle Global Product Security Blog) "CSPP, if carried out successfully, can be used to steal user identities and hijack web credentials. CSPP is a high risk attack because of the relative ease with which it can be carried out (low access complexity) and the potential results it can have (high impact)." -- Shaomin Wang (tags: oracle otn security cspp)

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >