Search Results

Search found 1884 results on 76 pages for 'privacy protection'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 12/76 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >

  • What is the most time-effective way to monitor & manage threats from bots and/or humans?

    - by CheeseConQueso
    I'm usually overwhelmed by the amount of tools that hosting companies provide to track & quantify traffic data and statistics. I'm equally overwhelmed by the countless flavors of malicious 'attacks' that target any and every web site known to man. The security methods used to protect both the back and front end of a website are documented well and are straight-forward in terms of ease of implementation and application, but the army of autonomous bots knows no boundaries and will always find a niche of a website to infest. So what can be done to handle the inevitable swarm of bots that pound your domain with brute force? Whenever I look at error logs for my domains, there are always thousands of entries that look like bots trying to sneak sql code into the database by tricking the variables in the url into giving them schema information or private data within the database. My barbaric and time-consuming plan of defense is just to monitor visitor statistics for those obvious patterns of abuse and either ban the ips or range of ips accordingly. Aside from that, I don't know much else I could do to prevent all of the ping pong going on all day. Are there any good tools that automatically monitor this background activity (specifically activity that throws errors on the web & db server) and proactively deal with these source(s) of mayhem?

    Read the article

  • Thumbs Up or Thumbs Down – Intel Debuts Prototype Palm-Reading Tech to Replace Passwords [Poll]

    - by Asian Angel
    This week Intel debuted prototype palm-reading tech that could serve as a replacement for our current password system. Our question for you today is do you think this is the right direction to go for better security or do you feel this is a mistake? Photo courtesy of Jane Rahman. Needless to say password security breaches have been a hot topic as of late, so perhaps a whole new security model is in order. It would definitely eliminate the need to remember a large volume of passwords along with circumventing the problem of poor password creation/selection. At the same time the new technology would still be in the ‘early stages’ of development and may not work as well as people would like. Long-term refinement would definitely improve its performance, but would it really be worth pursuing versus the actual benefits? From the blog post: Intel researcher Sridhar Iyendar demonstrated the technology at Intel’s Developer Forum this week. Waving a hand in front of a “palm vein” detector on a computer, one of Iyendar’s assistants was logged into Windows 7, was able to view his bank account, and then once he moved away the computer locked Windows and went into sleeping mode. How to Get Pro Features in Windows Home Versions with Third Party Tools HTG Explains: Is ReadyBoost Worth Using? HTG Explains: What The Windows Event Viewer Is and How You Can Use It

    Read the article

  • Are copyright notices really required?

    - by Alasdair
    Ever since I made my first web page 13 years ago I have followed the pattern of showing a copyright notice in the footer of each page. Over the years the format of this notice has changed in the following way; Copyright © <NAME> yyyy. All rights are reserved. Copyright © <NAME> yyyy © yyyy <NAME> © <NAME> This has generally mirrored the format used by Google. However, I recently noticed that they no longer display a copyright notice on their home page nor have one in their source code/meta tags. I see they still display it on most (if not all) other pages. I understand that Google are very keen to keep the word count down on their homepage, which could be the reason for this sacrafice, but my question is more general and relates to all websites. Since I've always just done it out of habit, I'm hoping someone can explain if/when I a copyright notice is actually required to protect your content and rights. Also, when it is required, is there a format in which the notice must adhere to in order to be valid?

    Read the article

  • Software Licenses: No Distribution and Private Selling Using Dual Licenses

    - by user102945
    Hi I recently wrote a couple of WordPress Themes in PHP and was wondering what license i should put on it. I don't mind users reusing my code but i don't want them to be able to sell and redistribute my themes as i want to retain that right. I heard somewhere that an all rights reserved link would stop the distributing etc. Is that true or do i need to include another license and dual license my Themes. So to sum it up i want to use a license to stop others from selling and distributing my themes, while at the same time letting others use the code if they want to.

    Read the article

  • New website, plans to go large. How do you protect yourself?

    - by John Redyns
    I'm planning to create a new site that (in hopes) will make it to a decent state of popularity and use. I have made sites before, but they weren't serious, with any intended purpose other than personal and friend use. I've never been able to find a solid post on good steps to protecting yourself, and your site/idea before you start. This site will always be free, and will not be bringing it any revenue by ads or whatnot, but I plan to in the future and would want to make I'm in the clear legally for one. Do you need to copyright anything? Or anything of the same concept as copyright? Do I make an LLC to operate it under? Apologies for this extremely poorly written question, basically I want to be both legal, and I want to make sure nobody can just rip my idea or name(s). (I'm sure this will be more concise as questions here are asked) Thanks

    Read the article

  • Is "watermarking" code with random trailing whitespace a good way to detect plagiarism?

    - by paperjam
    Consider this: int f(int x) { return 2 * x * x; } and this int squareAndDouble(int y) { return 2*y*y; } If you found these in independent bodies of code, you might give the two programmers the benefit of the doubt and assume they came up with more-or-less the same function independently. But look at the whitespace at the end of each line of code. Same pattern in both. Surely evidence of copying. On a larger piece of code, correlation of random whitespace at line ends would be irrefutable evidence of a shared origin. Now aside from the obvious weaknesses: e.g. visible or obvious in some editors, easily removed, I was wondering if it was worth deploying something like this in my open source project. My industry has a history of companies ripping off open source projects.

    Read the article

  • How to efficiently protect part of an application with a license

    - by Patrick
    I am working on an application that has many functional parts. When a customer buys the application, he buys the standard functionality, but he can also buy some additional elements of the application for an additional price. All of the elements are part of the same application executable. A license key is used to indicate which of the elements should be accessible in the application. Some of the elements can be easily disabled if the user didn't pay for it. These are typically the modules that you can access via the application's menu. However, some elements give more problems: What if a part of the data model is related to an optional part? Do I build up these data structures in my application so the rest of my application can just assume they're always there? Or do I don't build them, and add checks in the rest of may application? What if some optional part is still useful to perform some internal tasks, but I don't want to expose it to the user externally? What if the marketing responsible wants to make a standard part now an optional part? In all of my application I assume that that part is present, but if it becomes optional, I should add checks on it everywhere in the application. I have some ideas on how to solve some of the problems (e.g. interfaces with dual implementations: one working implementation, and one that is activated if the optional part is not activated). Do you know of any patterns that can be used to solve this kind of problem? Or do you have any suggestions on how to handle this licensing problem? Thanks.

    Read the article

  • Protecting design ideas from being copied by other websites?

    - by mickburkejnr
    Hi everyone, I'm planning a project at the moment, while building a completely different project at the same time. Both of these projects are quite innovative in the way they either work or the way they are presented. One of the projects hasn't been done before, and the other is being made has competition, but I feel the competitions websites are light years behind what I'm doing. Is there a way for me to prevent the way my sites work or presented from being stolen? I've thought of patenting parts of them, but it requires £10,000 and I don't have that amount of money. Also, would me putting a Copyright notice on the site or an All Rights Reserved tag give me any muscle when going to websites that I feel have stolen my ideas (if they have)? Cheers!

    Read the article

  • How to tackle archived who-is personal data with opt-out?

    - by defaye
    As far as I understand it, it is possible to opt-out (in the UK at least) of having your address details displayed on who-is information of a domain for non-trading individuals. What I want to know is, after opt-out, how do individuals combat archived data? Is there any enforcement of this? How many who-is websites are there which archive data and what rights do we have to force them to remove that data without paying absurd fees? In the case of capitulating to these scoundrels, what point is it in paying for the removal of archived data if that data can presumably resurface on another who-is repository? In other words, what strategy is one supposed to take, besides being wiser after the fact?

    Read the article

  • Are the other organizations such as BSA that a small company can join?

    - by Saariko
    I am looking for other associations such as BSA. Setting aside the long debate about : should/can a software be protected?! I am currently actively looking for other, local, intentaional or even rgional groups/organizations that a small software company wants to join. I mark : small, since the BSA fees are expensive. please don't open the debate: if you are not big enough to pay the fee, than you are not big enough to join the __. Thank you

    Read the article

  • WCF client encrypt message to JAVA WS using username_token with message protection client policy

    - by Alex
    I am trying to create a WCF client APP that is consuming a JAVA WS that uses username_token with message protection client policy. There is a private key that is installed on the server and a public certificate file was exported from the JKS keystore file. I have installed the public key into certificate store via MMC under Personal certificates. I am trying to create a binding that will encrypt the message and pass the username as part of the payload. I have been researching and trying the different configurations for about a day now. I found a similar situation on the msdn forum: http://social.msdn.microsoft.com/Forums/en/wcf/thread/ce4b1bf5-8357-4e15-beb7-2e71b27d7415 This is the configuration that I am using in my app.config <customBinding> <binding name="certbinding"> <security authenticationMode="UserNameOverTransport"> <secureConversationBootstrap /> </security> <httpsTransport requireClientCertificate="true" /> </binding> </customBinding> <endpoint address="https://localhost:8443/ZZZService?wsdl" binding="customBinding" bindingConfiguration="cbinding" contract="XXX.YYYPortType" name="ServiceEndPointCfg" /> And this is the client code that I am using: EndpointAddress endpointAddress = new EndpointAddress(url + "?wsdl"); P6.WCF.Project.ProjectPortTypeClient proxy = new P6.WCF.Project.ProjectPortTypeClient("ServiceEndPointCfg", endpointAddress); proxy.ClientCredentials.UserName.UserName = UserName; proxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "67 87 ba 28 80 a6 27 f8 01 a6 53 2f 4a 43 3b 47 3e 88 5a c1"); var projects = proxy.ReadProjects(readProjects); This is the .NET CLient error I get: Error Log: Invalid security information. On the Java WS side I trace the log : SEVERE: Encryption is enabled but there is no encrypted key in the request. I traced the SOAP headers and payload and did confirm the encrypted key is not there. Headers: {expect=[100-continue], content-type=[text/xml; charset=utf-8], connection=[Keep-Alive], host=[localhost:8443], Content-Length=[731], vsdebuggercausalitydata=[uIDPo6hC1kng3ehImoceZNpAjXsAAAAAUBpXWdHrtkSTXPWB7oOvGZwi7MLEYUZKuRTz1XkJ3soACQAA], SOAPAction=[""], Content-Type=[text/xml; charset=utf-8]} Payload: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><s:Header><o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><o:UsernameToken u:Id="uuid-5809743b-d6e1-41a3-bc7c-66eba0a00998-1"><o:Username>admin</o:Username><o:Password>admin</o:Password></o:UsernameToken></o:Security></s:Header><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><ReadProjects xmlns="http://xmlns.dev.com/WS/Project/V1"><Field>ObjectId</Field><Filter>Id='WS-Demo'</Filter></ReadProjects></s:Body></s:Envelope> I have also tryed some other bindings but with no success: <basicHttpBinding> <binding name="basicHttp"> <security mode="TransportWithMessageCredential"> <message clientCredentialType="Certificate"/> </security> </binding> </basicHttpBinding> <wsHttpBinding> <binding name="wsBinding"> <security mode="Message"> <message clientCredentialType="UserName" negotiateServiceCredential="false" /> </security> </binding> </wsHttpBinding> Your help will be greatly aprreciatted! Thanks!

    Read the article

  • Software Engineer's explanation of Facebook photo privacy, with UML diagram?

    - by Alex R
    Facebook photo privacy is more complex than most people think - including the bloggers who fill the Internet trying to explain it in simple terms. Not only there is the basic album-level privacy setting to consider, but also what happens with Tagging (and related privacy settings) as well as the Share button when clicked by a Friend. Has anybody seen a good, engineering-type (e.g. UML) diagram? I envision it should include the various privacy "states" a photo can be in, what causes state transitions, and the characteristics of each state? Thanks

    Read the article

  • Application passwords and SQLite security

    - by Bryan
    I have been searching on google for information regarding application passwords and SQLite security for some time, and nothing that I have found has really answered my questions. Here is what I am trying to figure out: 1) My application is going to have an optional password activity that will be called when the application is first opened. My questions for this are a) If I store the password via android preference or SQLite database, how can I ensure security and privacy for the password, and b) how should password recovery be handled? Regarding b) from above, I have thought about requiring an email address when the password feature is enabled, and also a password hint question for use when requesting password recovery. Upon successfully answering the hint question, the password is then emailed to the email address that was submitted. I am not completely confident in the security and privacy of the email method, especially if the email is sent when the user is connected to an open, public wireless network. 2) My application will be using an SQLite database, which will be stored on the SD card if the user has one. Regardless of whether it is stored on the phone or the SD card, what options do I have for data encryption, and how does that affect the application performance? Thanks in advance for time taken to answer these questions. I think that there may be other developers struggling with the same concerns.

    Read the article

  • Having Hotlink Protectin problem in nginx

    - by Ayaz Malik
    Hello, i am having image hotlink protection problem in my nginx need help. i have a huge issue of my site's images being submited to social networks like stumbleupon with direct link ... xxxxx.jpg which some times get huge traffic and increases cpu usage plus bandwidth usage. what i am trying to do is block direct access to image from other refrers and hotlink protection. Here is the code from my vhost.conf server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } So for hotlink protection i added this code : location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } This is how the current nginx code for this domain looks like but didn't worked: server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } Thank you in advance :) cheers

    Read the article

  • How do I write to an outer truecrypt volume when the inner volume protection prevents writng?

    - by con-f-use
    In a nutshell After some time using the outer volume of a hidden volume in Truecrypt I cannot write to the outer volume anymore. The protection of the inner volume always kicks in before. How do I fix this? Details I'm using truecrypt's two layered encryption of a USB stick. The outer container carries my semi-sensitive stuff while the inner hidden values has a bit more valuable information. I use both, the inner and outer volume regularly and that is part of the problem. Truecrypt can mount the outer volume for writing while protecting the inner. Usually the inner volume, when not protected this way (or mounted read-only) would be indistinguishable from free space. That is of course part of the plausible deniability scheme of truecrypt. At the beginning, everything worked as expected. I could copy and delete data to the outer volume as I pleased. Now it seams that I have written and deleted enough data to have filled the outer volume once. Despite the write protection Ubuntu tries now to write to the continuous "free space" that is the inner volume. It does that although enough other free space is on the outer volume. But on this free space there used to be data so its fragmented and the file system write prefers continuous space. The write on the continuous free space of the outer volume of course fails (with the error message in the picture above) as Truecrypt's inner-volume-protection kicks in. The Question I know this is expected behaviour, but is there a better way to write to the outer volume that does not attempt to write to the hidden free space at the end? The whole question could be more generally rephrased to: How do I control, where on a partition data is written in Ubuntu?

    Read the article

  • Saving private data

    - by rajatgoel
    Hi, Can anybody detail some approach on how to save private data in social websites like facebook, etc. They cant save all the updates and friends list in clear text format because of privacy issues. So how do they actually save it? Hashing all the data with user password so that only a valid session view it is one possibility. But I think there are some problem with this approach and there must be some better solution.

    Read the article

  • How can I configure Symantec Endpoint Protection Agent to allow access to windows shares?

    - by Peter Bernier
    I'm having some difficulties exposing a standard windows file share on a Windows Embedded Standard 2009 device that is running Symantec Endpoint Protection Agent 5.1. I'm using simply file sharing to expose a particular directory. That share is visible locally on the machine and externally visible when I disable the endpoint protection agent. I've added a rule (and moved it to the to ensure priority) allowing all hosts access on TDP ports 137,138,138,445 and another rule allowing UDP access on ports 137,138,139. When I try to connect, two endpoint protection dialogs pop up saying: Traffic has been blocked from this application: NWLINK2 IPX Protocol Driver (nwlnkipx.sys) Traffic has been blocked from this application: IPv6 driver (tcpip6.sys) I'm not using IPv6 anywhere. Interestingly, I discovered a workaround in that I can white-list all traffic from the subnet the device is on, which meets my needs, but I'm still curious as to why my original approach wasn't successful. Can anyone suggestion a reason why the above endpoint protection rules won't allow me to access windows file shares on the device?

    Read the article

  • App.config connection string Protection error

    - by MikeScott8
    I am running into an issue I had before; can't find my reference on how to solve it. Here is the issue. We encrypt the connection strings section in the app.config for our client application using code below: config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None) If config.ConnectionStrings.SectionInformation.IsProtected = False Then config.ConnectionStrings.SectionInformation.ProtectSection(Nothing) ' We must save the changes to the configuration file.' config.Save(ConfigurationSaveMode.Modified, True) End If The issue is we had a salesperson leave. The old laptop is going to a new salesperson and under the new user's login, when it tries to to do this we get an error. The error is: Unhandled Exception: System.Configuration.ConfigurationErrorsException: An error occurred executing the configuration section handler for connectionStrings. ---> System.Configuration.ConfigurationErrorsException: Failed to encrypt the section 'connectionStrings' using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: Object already exists. ---> System.Security.Cryptography.CryptographicException: Object already exists

    Read the article

  • How to connect to a SOCKS Proxy from an iPhone/iPod Touch?

    - by GeneQ
    I like to surf securely and privately via a SOCKS proxy which I created via SSH tunneling, on the Mac. I used the SSH client on my Mac to achieve this. Then I thought, since the iPhone OS is essentially Mac OS, the same trick might work also on the iPhone. I managed to create a SSh tunnel on my iPhone via the Terminal (iPhone's Terminal). (Yes, it's jail-broken) ssh -D [port] [email protected] At this stage my iPhone is SOCKS proxy. However, there doesn't seem to be a way in the iPhone networking preference panel to specify a SOCKS proxy. Someone suggest creating a Proxy Auto-Contig (PAC) file to workaround this, but that sounds complicated. Any ideas how to make iPhone use it's own SOCKS proxy?

    Read the article

  • Prevent Windows 7 User Accounts from accessing files in other User Accounts

    - by Mantis
    I'm trying to set up another User Account on my Windows 7 Professional laptop for use by another person. I do not want that person to have access to any of the files in my User Account on the same machine. This machine has a single hard disk formatted with NTFS. User accounts data is stored in the default location, C:\Users. I use the computer with a Standard Account (not an Administrator). Let's call my user account "User A." I have given the new user a Standard Account. Let's call the new user's account "User B." To be clear, I want User B to have the ability to log in to her account, to use the computer, but to be unable to access any of the files in the User A account on the same machine. Currently, User B cannot use Windows Explorer to navigate to the location C:\Users\User A. However, by simply using Windows Search, User B can easily find and open documents saved in C:\Users\User A\Documents. After opening a document, that document's full path appears in "Recent Places" in Windows Explorer, and the document appears as a file that can be opened using the "Recent" feature in Word 2010. This is not the desired behavior. User B should not have the ability to see any documents using Windows Search or anything else. I have attempted to set permissions using the following procedure. Using an Administrator account, navigate to C:\Users and right-click on the "User A" folder. Select "Properties." In the "User A Properties" window that appears, click the "Security" tab. Click the "Edit..." button to change permissions. IN the "Permissions for User B" window that appears, under "Group or User Names," select User B. Under "Permissions for User B", check the box under the "Deny" column for the "Full Control" row. Ensure that the "Deny" box is automatically checked for all the other rows, and then click "OK." The system should then begin working. The process could take several minutes. When I followed this procedure, I received several "Access Denied" errors, suggesting that the system was unable to set the permissions as I had directed. I think this might be one of the reasons why User B is still able to access files in User A's account folders. Is there any other way I could accomplish my goal here? Thank you.

    Read the article

  • Does Hotspot Shield hide my activity from my ISP?

    - by test
    Can Hotspot Shield make your activities invisible to your ISP? Or can they still see what you're downloading if they so choose? Here's the text from the product description: Hotspot Shield protects your entire web surfing session; securing your connection at both your home Internet network & Public Internet networks (both wired and wireless). Hotspot Shield protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads) are secured through HTTPS. Hotspot Shield also makes you private online making your identity invisible to third party websites and ISP’s. I'm just not sure what it means by "invisible to third-party websites and ISPs" and if that means the ISP can still see what I'm doing.

    Read the article

  • Bugmenot (registration bypasser) alternative that doesn't suck?

    - by davr
    I used to love Bugmenot...but then they started blocking more and more sites. Now I'd say a good 75% of the time I try to find logins on bugmenot, the site is blocked. Is there a service like bugmenot that doesn't block sites? EDIT: For example, all of these sites require registration to download files, and all of them are blocked from BugMeNot. To be clear, this problem is because BugMeNot stops users from adding logins for them, not because of the individual sites themselves: dcemu.co.uk, ubuntuforums.org, club.cdfreaks.com

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >