Search Results

Search found 29513 results on 1181 pages for 'microsoft security essent'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 121/1181 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >

  • What are the downsides of leaving automation tags in production code?

    - by joshin4colours
    I've been setting up debug tags for automated testing of a GWT-based web application. This involves turning on custom debug id tags/attributes for elements in the source of the app. It's a non-trivial task, particularly for larger, more complex web applications. Recently there's been some discussion of whether enabling such debug ids is a good idea to do across the board. Currently the debug ids are only turned on in development and testing servers, not in production. There have been points raised that enabling debug ids does cause performance to take a hit, and that debug ids in production may lead to security issues. What are benefits of doing this? Are there any significant risks for turning on debug tags in production code?

    Read the article

  • MVP.Years++ ; // Thanks Microsoft

    - by Sahil Malik
    SharePoint 2010 Training: more information Even though today is April fools day, it is my MVP renewal date. So, there is always the chance of thinking not being renewed as an April fools joke.  Well, I get to postpone that joke one more time. It looks like, I’ve been renewed again. WAHOOO!! :) Thank you Microsoft, and thank you to everyone one of you for your support and best wishes, and most of all, thanks to our MVP lead, Melissa – many don’t realize it, but it’s a tough job she has to do. Think about it, all the people who are MVPs, those who no longer will be, and those who want to be. 11 years ago when I got my first award, my love for technology was insane. Today, it is worse.I will remain a technologist until I die, even after I retire and grow crinkly. I would want my dentures fitted with Microprocessors.Technology is what I passionately love doing. I am one of the very few people who lives 24 hours of his day doing exactly what I’d rather be doing – thinking, dreaming, and working with technology. Read full article ....

    Read the article

  • Kinect Hacking at Microsoft Developer Days 2012 Bulgaria

    - by Szymon Kobalczyk
    Last week I had a pleasure to speak at the Microsoft’s Developer Days 2012 in Sophia, Bulgaria. It was a great conference and I met lots of cool people there. I did a session about Kinect Hacking. My goal was to give a good understanding of Kinect inner workings, how it can be used to develop Windows applications. Later I showed examples of interesting projects utilizing the full potential the Kinect sensor. Below you can find my slides and source code of one of the demos (the one where “Szymon went to the Moon”). But I wasn’t the only one to talk about Kinect. On the 2nd day Rob Miles also did a fun session titled “Kinect Mayhem: Psychedelic Ghost Cameras, Virtual Mallets, a Kiss Detector and a Head Tapping Game” (you can watch recording of this session from TechDays Netherlands on Channel9). Later that day Yishai Galatzer made a big surprise during his session about Extending WebMatrix, and showed a plugin enabling to take control of WebMatrix with Kinect gestures. Best thing was that he wrote it during the conference, with no previous experience with Kinect SDK (I might helped him a bit to get started). Thanks for the invitation and I hope to see you soon!

    Read the article

  • How does one block unsupported web browsers?

    - by Sn3akyP3t3
    Web browsers with an end of life no longer receive security updates which not only makes them vulnerable to the end user, but I imagine its not safe for the server's which receive visits by them either. Is it practical to block or enforce and notify the end user that their browser is unsafe and unsupported? If so, how would one achieve that? I don't know of any official or crowd-sourced listing with that information to parse and keep up to date. I'm aware that the practice can be custom built with User Agent parsing and feature detection for HTML5 enabled browsers.

    Read the article

  • Apt-get take long time to update\upgrade

    - by ShockwaveNN
    On my work network any apt-get (or aptitude) commands take a very long time, it's look's like admins blocked some port for it (for unknown reason). For example sudo apt-get update take like 2 days and all I get - a very long list of responses like Get: 36 http://security.ubuntu.com precise-security/universe amd64 Packages [11.6 kB] Get: 37 http://security.ubuntu.com precise-security/universe amd64 Packages [11.6 kB] Get: 38 http://security.ubuntu.com precise-security/universe amd64 Packages [11.6 kB] Get: 39 http://security.ubuntu.com precise-security/universe amd64 Packages [11.6 kB] Get: 40 http://security.ubuntu.com precise-security/universe amd64 Packages [11.6 kB] Same situation then I try to download software Get:1 http://archive.ubuntu.com/ubuntu/ precise/main dash i386 0.5.7-2ubuntu2 [85.8 kB] Get:2 http://archive.ubuntu.com/ubuntu/ precise/main dash i386 0.5.7-2ubuntu2 [85.8 kB] Get:3 http://archive.ubuntu.com/ubuntu/ precise/main dash i386 0.5.7-2ubuntu2 [85.8 kB] Get:4 http://archive.ubuntu.com/ubuntu/ precise/main dash i386 0.5.7-2ubuntu2 [85.8 kB] Get:5 http://archive.ubuntu.com/ubuntu/ precise/main dash i386 0.5.7-2ubuntu2 [85.8 kB] Is there something I can do to change port for apt-get or something else

    Read the article

  • Microsoft Access as a Weapon of War

    - by Damon
    A while ago (probably a decade ago, actually) I saw a report on a tracking system maintained by a U.S. Army artillery control unit.  This system was capable of maintaining a bearing on various units in the field to help avoid friendly fire.  I consider the U.S. Army to be the most technologically advanced fighting force on Earth, but to my terror I saw something on the title bar of an application displayed on a laptop behind one of the soldiers they were interviewing: Tracking.mdb Oh yes.  Microsoft Office Suite had made it onto the battlefield.  My hope is that it was just running as a front-end for a more proficient database (no offense Access people), or that the soldier was tracking something else like KP duty or fantasy football scores.  But I could also see the corporate equivalent of a pointy-haired boss walking into a cube and asking someone who had piddled with Access to build a database for HR forms.  Except this pointy-haired boss would have been a general, the cube would have been a tank, and the HR forms would have been targets that, if something went amiss, would have been hit by a 500lb artillery round. Hope that solider could write a good query :)

    Read the article

  • Microsoft Access as a Weapon of War

    - by Damon Armstrong
    A while ago (probably a decade ago, actually) I saw a report on a tracking system maintained by a U.S. Army artillery control unit.  This system was capable of maintaining a bearing on various units in the field to help avoid friendly fire.  I consider the U.S. Army to be the most technologically advanced fighting force on Earth, but to my terror I saw something on the title bar of an application displayed on a laptop behind one of the soldiers they were interviewing: Tracking.mdb Oh yes.  Microsoft Office Suite had made it onto the battlefield.  My hope is that it was just running as a front-end for a more proficient database (no offense Access people), or that the soldier was tracking something else like KP duty or fantasy football scores.  But I could also see the corporate equivalent of a pointy-haired boss walking into a cube and asking someone who had piddled with Access to build a database for HR forms.  Except this pointy-haired boss would have been a general, the cube would have been a tank, and the HR forms would have been targets that, if something went amiss, would have been hit by a 500lb artillery round. Hope that solider could write a good query

    Read the article

  • Is it unethical to sell the award of a competition? [closed]

    - by Ahmet Yildirim
    This summer, i won a competition held by microsoft & nokia... Winners from each uni. received an high-end smartphone... Knowing that particular "high-end smartphone" had not much user to develop for, as soon as i receive it, i put an ad on a ebay-like site to sell it. Eventually i exchanged it with a tablet which had high developer demand & many many users to develop for , so i could make money by developing for it. I also email microsoft asking, when something technical goes wrong with the device , can i get it fixed by warranty. Which i never received a respond. Later on, after a while... I got some feedback from a connection i have from nokia, regarding sale of the device & asking for the warranty.. He says and i quote : " They say, they werent happy that you sold the device and got offended that you asked for warranty. You should not expect anything at all from microsoft or nokia in the future. " I was like what the frak, they didnt gave it to me as a gift, i won it in a competition as an award , it is my right to do whatever i want. How ethical is that , they dont respond to my email directly? Is it unethical to sell a gadget you won in a competition? Is it unethical to ask for warranty on award?

    Read the article

  • Are programming languages perfect?

    - by mohabitar
    I'm not sure if I'm being naive, as I'm still a student, but a curious question came to my mind. In another thread here, a user stated that in order to protect against piracy of your software, you must have perfect software. So is it possible to have perfect software? This is an extremely silly hypothetical situation, but if you were to gather the most talented and gifted programmers in the world and have them spend years trying to create 'perfect' software, could they be successful? Could it be that not a single exploitable bug could be created? Or are there flaws in programming languages that can still, no matter how hard you try, cause bugs that allow your program to be hijacked? As you can tell, I know nothing about security, but essentially what I'm asking is: is the reason why software is easily exploitable the fact that imperfect human beings create it, or that imperfect programming languages are being used?

    Read the article

  • Why is this by passing the SUDO password?

    - by John Isaacks
    I have a bash script I am using to automate a SVN checkout. The contents of the file were: #!/bin/bash cd /var/www-cake sudo svn checkout file:///usr/local/svn/bash_repo/repo/ Then when I double click the file it would ask me what to do, I would click the button "Run In Terminal" and then a terminal would pop up and ask me for the SUDO password. I would enter it, the script would execute and the terminal would close. I wanted to give some sort of indication that the script ran successfully so I edited my file to look like: #!/bin/bash cd /var/www-cake sudo svn checkout file:///usr/local/svn/bash_repo/repo/ echo "Head revision has been pushed to live server" I expected the terminal to now stay open and tell me the message afterwards. To my surprise it now opens and immediately closes. The script does execute and I no longer have to put in the SUDO password. Is this right? I do not understand why this is happening, seems like a security issue.

    Read the article

  • Where I missed boot.properties.?

    - by Dyade, Shailesh M
    Today one of my customer was trying to start the WebLogic Server ( Production Instance) , though he was trying to start the server in a standard way, but it was failing due to below error :   ####<Oct 22, 2012 12:14:43 PM BST> <Warning> <Security> <BanifB1> <> <main> <> <> <> <1350904483998> <BEA-090066> <Problem handling boot identity. The following exception was generated: weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException: [Security:090219]Error decrypting Secret Key java.security.ProviderException: setSeed() failed> And it started failing into below causes. ####<Oct 22, 2012 12:16:45 PM BST> <Critical> <WebLogicServer> <BanifB1> <AdminServer> <main> <<WLS Kernel>> <> <> <1350904605837> <BEA-000386> <Server subsystem failed. Reason: java.lang.AssertionError: java.lang.reflect.InvocationTargetException java.lang.AssertionError: java.lang.reflect.InvocationTargetException weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException: [Security:090219]Error decrypting Secret Key java.security.ProviderException: setSeed() failed weblogic.security.internal.encryption.EncryptionServiceException: [Security:090219]Error decrypting Secret Key java.security.ProviderException: setSeed() failed at weblogic.security.internal.encryption.JSafeSecretKeyEncryptor.decryptSecretKey(JSafeSecretKeyEncryptor.java:121) Customer was facing this issue without any changes in the system, it was stable suddenly started seeing this issue last night. When we checked, customer was manually entering the username and password, config.xml had the entries encrypted However when verified, customer had the boot.properties at the Servers/AdminServer/security folder and DomainName/security didn't have this file. Adding boot.properies fixed the issue. Regards Shailesh Dyade 

    Read the article

  • How to learn PHP effectively?

    - by Goma
    A dozen of bad tutorials out there that teach you bad habits especially when we speak about PHP. I want to learn how to avoid the things that can lead me to develop inefficient web applications. I like to learn from videos but most videos I've found on the internet are provided by people who do not follow good practices. My second option is to learn from books but I did not find a good book for starters in PHP! It would be very helpful for me if you can tell me about your story in learning PHP, what are things that I should avoid? How to learn about PHP security from the beginning to avoid unlearn something later on?. Please provide links to books, websites that provide high quality video tutorials for PHP, and you tips for a good start!

    Read the article

  • We are moving an Access based corporate front-end into a Web-based App

    - by Max Vernon
    We have an enterprise application with a front end written in Microsoft Access 2003 that has evolved over the past 6 years. The back end data, and a fair amount of back-end logic is contained within several Microsoft SQL Server databases. This front end app consists of around 180 forms, and over 120,000 lines of code, and interacts with VB.Net DLLs that support various critical functions used by our sales force. The current system makes use of 3 monitors to display various information; the Access app uses COM+ to control Microsoft Outlook and Internet Explorer for various purposes. The Access front end sometimes occupies 2 screens, automatically resizing itself based on Windows API-reported screen dimensions. The app also uses a Google map to present data to our agents, and allows two-way interactivity with the map through COM+ connectivity to JavaScript contained in the Google map. At the urging of senior management, we are looking to completely rewrite this application using some web-based technology, such as ASP.Net or perhaps a LAMP stack (the thinking with the LAMP stack thing is "free" is pretty cheap). We want to move to a web-based app so we can eliminate the dependency on our physical location for hiring new sales force members. Currently, our main office is full to capacity, and we need to continue growing the company. Does anyone have any thoughts on what would be the best technology to use for a web-based app of this magnitude? Keeping in mind the app is dependent on back-end services on our existing infrastructure. The app handles financial data and personal customer data, among other things. [I've looked at Best practices for moving large MS Access application towards .Net? and read the answers, and most of the comments. Interesting reading, and has some valid points, but our C.O.O. and contracted Software Architect are pushing for a full web-based app, not a .Net Windows App]

    Read the article

  • Opensource package for securly allowing users to log in and provide information

    - by JTS
    I have a site written in mostly php and html. I also have a sql database of personal information like names and addresses. I would like my users to be able to log in to my website with a login I can email or snail mail to them, and view and edit their information on my database. Users can currently enter information online I and store it in my database but they can't view or edit stored information. I can add the code to do this, but when I give users the ability to view information I suddenly have a lot more security concerns. Is there an open source package to deal with allowing users to do something like this? Or is there an established convention for this? I know this is a pretty basic question, and there might be some good literature about it that I have yet to find, so if someone can just point me in the direction of some of that information, or better yet give me firsthand some information about this that would be great.

    Read the article

  • Is there any good reason I would want my website to be framed?

    - by minitech
    I'm building a website that's not security-critical in any way at all, so having somebody put a page in an <iframe> is not particularly dangerous to its users. However, as my website doesn't have script plugins that will be used anywhere else, is there any reason why I shouldn't just apply: X-Frame-Options: Deny to every page on my website? Is there any valid reason for any other website to embed mine? I've seen plenty of content-stealing ones and attempts to hijack user accounts, but never an actual good usage of frames that's not an explicit feature of the website.

    Read the article

  • Microsoft Changes Developer Account Registration Requirements

    - by Tim Murphy
    Over the last couple of weeks I have noticed that Microsoft seems to have changed the requirements for Corporate accounts.  These requirements were not in effect when I originally setup the account for the company that I work for.  We also recently had our corporate account canceled without explanation and are in the process of working to get it reinstated.  This all seems to revolve around rules to increase confidence that in the producers of content.  They are now having Symantec validate a company based on legal documents. In the past there have been problems with getting credit cards accepted.  We have had to setup new Live IDs to satisfy whatever glitch the system had or unexplainable requirement.  I am hoping that in the time that has elapsed these problems have been resolved. In truth I can’t say that these new requirements weren’t always in place, but it is getting frustrating to help clients setup accounts.  I am encourage that they have taken steps to safeguard the consumer from Joe-fly-by-night, but they also need to make sure that the process doesn’t become so complex that it drives away companies from participating in the store.  We will have to keep an eye on this as things evolve. del.icio.us Tags: Windows Phone Development,Windows 8 Development,Windows Phone,Windows 8,Registration,Corporate Accounts

    Read the article

  • Why don't smart phones have an auto-forget password feature? [closed]

    - by Kelvin
    Storing passwords to external services (e.g. corporate email servers) on smart phones is very insecure, since phones are more easily stolen. Has any vendor implemented a feature to only cache a password in memory for a limited amount of time? After the time period has elapsed, the app would ask for the password again. EDIT: I should've clarified - I'm aware that many (most?) users are lazy and want to just "set it and forget it". The always-remember feature will probably always be present. I was curious about an option to enable auto-forget for the security-conscious.

    Read the article

  • Is the escaping provided by the Google-Gson library enough to ensure a safe JSON payload?

    - by Lifetime_Learner
    I am currently using the Google-Gson library to convert Java objects into JSON inside a web service. Once the object has been converted to JSON, it is returned to the client to be converted into a JSON object using the JavaScript eval() function. Is the character escaping provided by the Gson library enough to ensure that nothing nasty will happen when I run the eval() function on the JSON payload? Do I need to HTML Encode the Strings in the Java Objects before passing them to the Gson library? Are there any other security concerns that I should be aware of?

    Read the article

  • Microsoft Access as a Weapon of War

    - by Damon
    A while ago (probably a decade ago, actually) I saw a report on a tracking system maintained by a U.S. Army artillery control unit.  This system was capable of maintaining a bearing on various units in the field to help avoid friendly fire.  I consider the U.S. Army to be the most technologically advanced fighting force on Earth, but to my terror I saw something on the title bar of an application displayed on a laptop behind one of the soldiers they were interviewing: Tracking.mdb Oh yes.  Microsoft Office Suite had made it onto the battlefield.  My hope is that it was just running as a front-end for a more proficient database (no offense Access people), or that the soldier was tracking something else like KP duty or fantasy football scores.  But I could also see the corporate equivalent of a pointy-haired boss walking into a cube and asking someone who had piddled with Access to build a database for HR forms.  Except this pointy-haired boss would have been a general, the cube would have been a tank, and the HR forms would have been targets that, if something went amiss, would have been hit by a 500lb artillery round. Hope that solider could write a good query :)

    Read the article

  • How to get rid of crawling errors due to the URL Encoded Slashes (%2F) problem in Apache

    - by user14198
    The Google web crawler has indexed a whole set of URLs with encoded slashes (%2F) for our site. I assume it has picked up the pages from our XML sitemap file. The problem is that the live pages will actually result in a failure because of the Url Encoded Slashes Problem in Apache. Some solutions are mentioned here We are implementing a 301 redirect scheme for all the error pages. This should make the Google bot delete the pages from the crawling errors (no more crashing pages). Does implementing the 301s require the pages to be "live"? In that case we may be forced to implement solution 1 in the article. The problem is that solution 1 will pose a security vulnerability..

    Read the article

  • Is this fix for Avast Antivirus crashing safe to use?

    - by TmRn
    Well I have installed avast anti virus on Ubuntu 12.04. But after updating, it crashes! So I have made some tweaks like below: Press Ctrl+Alt+T to open the Terminal. When it opens, run the command below. sudo gedit /etc/init.d/rcS Type your password and hit Enter. When the text file opens, add the line: sysctl -w kernel.shmmax=128000000 Make sure the line you added is before: exec /etc/init.d/rc S This is what it should look like: #! /bin/sh # rcS # # Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order # sysctl -w kernel.shmmax=128000000 exec /etc/init.d/rc S Save the file. Reboot. My question is: Did I do anything wrong? I mean as I have made some tweaks, will it lower the security of Avast down like viruses do? Please if you are a programmer check this if it contains bug or harmful intentions... Thanks.

    Read the article

  • Drive By Download Issue

    - by mprototype
    I'm getting a drive by download issue reported on www.cottonsandwichquiltshop.com/catalog/index.php?manufacturers_id=19&sort=2a&filterid=61 reported from safeweb.norton.com when I scan the root url. I have dug through the entire site architecture, and code base and removed a few files that were malicious, i upgraded the site's framework and fixed the security holes (mostly sql injection concerns)..... However this one threat still exists and I can't locate it for the life of me, or find any valid research or information on removing this type of threat at the server level, mostly just a bunch of anti-virus software wanting to sell you on their ability to manage it on the client end. PLEASE HELP Thanks.

    Read the article

  • Apache: DoS with mod_deflate & range requests, tomcat also? [migrated]

    - by VextoR
    I know that apache has a security bug http://seclists.org/fulldisclosure/2011/Aug/175 So if you do this command: curl -I -H "Range: bytes=0-1,0-2" -s www.yandex.ru/robots.txt it says HTTP/1.1 206 Partial Content it means, the problem is exist. But the fact is, that for apache tomcat (our server) curl says 206 Partial Content as well. So we need to fix it. I found solution for apache HTTP (.htaccess, mod_headers) but not for tomcat. I'm very newbie for servers things, so can't understand most, so please help

    Read the article

  • Combining a content management system with ASP.NET

    - by Ek0nomik
    I am going to be creating a site that seems like it requires a blend of a content management system (CMS) and some custom web development (which is done in ASP.NET MVC). I have plenty of web development experience to understand the ASP.NET MVC side of the fence, but, I don't have a lot of CMS knowledge aside from getting one stood up. Right now my biggest question is around integrating security from ASP.NET with the CMS. I currently have an ASP.NET MVC site that handles the authentication for multiple production sites and creates an authentication cookie under our domain (*.example.com). The page acts like a single sign on page since the cookie is a wildcard and can be used in any other applications of the same domain. I'd really like to avoid having users put in their credentials twice. Is there a CMS that will play well with the ASP.NET Forms Authentication given how I have these existing applications structured? As an aside, right now I am leaning towards Drupal, but, that isn't finalized.

    Read the article

  • Where can I hire a trustworthy professional PHP programmer?

    - by JJ22
    I wrote a php application for my website that really needs to work well and be as secure as possible. I'm a novice php programmer, so while my application seems to work well, there may be inefficiencies or security vulnerabilities. I feel that I should have someone look over my code before making the application publicly available, but I'm hesitant to just post it online because it handles some rather sensitive things. Where can I find a competent, trustworthy, and relatively inexpensive php programmer who would be willing to review a few thousand lies of well-commented easy-to-read php code? Thank you!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >