Search Results

Search found 19074 results on 763 pages for 'secure government government cloud security'.

Page 128/763 | < Previous Page | 124 125 126 127 128 129 130 131 132 133 134 135  | Next Page >

• Upcoming Speaking Engagements

  - by gsusx

  This summer, I took a brief break from speaking engagements to focus on shipping our new software in Tellago Studios and not stress my already hectic travel schedule. However, I’ve accepted a few invites to speak at different conferences during the fall and winter. Here is a brief list of the ones that are already confirmed: Software Architect Conference (London) http://www.software-architect.co.uk NodeJS for the .Net Developer I am a .NET developer but I have an iPhone and an Android Oredev (Malmö...(read more)

  Read the article

• Opensource package for securly allowing users to log in and provide information

  - by JTS

  I have a site written in mostly php and html. I also have a sql database of personal information like names and addresses. I would like my users to be able to log in to my website with a login I can email or snail mail to them, and view and edit their information on my database. Users can currently enter information online I and store it in my database but they can't view or edit stored information. I can add the code to do this, but when I give users the ability to view information I suddenly have a lot more security concerns. Is there an open source package to deal with allowing users to do something like this? Or is there an established convention for this? I know this is a pretty basic question, and there might be some good literature about it that I have yet to find, so if someone can just point me in the direction of some of that information, or better yet give me firsthand some information about this that would be great.

  Read the article

• How to manage many mobile device users at server side?

  - by Rami

  I built a social Android application in which users can see other users around them by GPS location. At the beginning thing went well as I had low number of users, but now that I have increasing number of users (about 1500 +100 every day) it has revealed a major problem in my design. In my Google App Engine servlet I have static HashMap that holds all the users profiles objects, currently 1500 and this number will increase as more users register. Why I'm doing it? Every user that requests for the users around him compares his GPS with other users and checks if they are in his 10km radius. This happens every five minutes on average. Consequently, I can't get the users from db every time because GAE read/write operation quota will tear me apart. The problem with this design is? As the number of users increases, the Hashmap turns to null every 4-6 hours, I think that this time is getting shorter, but I'm not sure. I'm fixing this by reloading the users from the db every time I detect that it becomes null, but this causes DOS to my users for 30 sec, so I'm looking for better solution. I'm guessing that it happens because the size of the hashmap. Am I right? I have been advised to use a spatial database, but that means that I can't work with GAE any more and it means that I need to build my big server all over again and lose my existing DB. Is there something I can do with the existing tools? Thanks.

  Read the article

• Is there any good reason I would want my website to be framed?

  - by minitech

  I'm building a website that's not security-critical in any way at all, so having somebody put a page in an <iframe> is not particularly dangerous to its users. However, as my website doesn't have script plugins that will be used anywhere else, is there any reason why I shouldn't just apply: X-Frame-Options: Deny to every page on my website? Is there any valid reason for any other website to embed mine? I've seen plenty of content-stealing ones and attempts to hijack user accounts, but never an actual good usage of frames that's not an explicit feature of the website.

  Read the article

• Strategy for hosting 700+ domains names, each with a static HTML site

  - by jonschlinkert

  I have a portfolio of more than 700 domain names, and ideally I'd like to put up a single-page HTML/CSS/JavaScript webpage for each domain. Is there a system/strategy/workflow that will allow me to: Automate the deployment of new websites, quickly and easily without having to manually initiate each new website in an admin panel. For instance, I've seen dropbox-based solutions that claim to make it simple to setup new websites on your dropbox account, but you still have to set each one up in an admin interface first. It would be so much easier to have a folder naming convention that allowed the user to easily clone/copy/duplicate sites inside their Dropbox App folder (https://www.dropbox.com/developers/blog/23) to create new ones. Sounds interesting, however... It's easy to manage CNAMEs on the registrar-side, but is there a way to quickly associate CNAMEs with new websites (on the hosting side), maybe using the method offered by gh-pages-style (https://help.github.com/articles/setting-up-a-custom-domain-with-pages)? With GitHub's gh-pages, all you have to do is drop a file called CNAME into your repo, with the domain name you want associated with the repo inside the file. gh-pages isn't a good solution for what I'm doing though unfortunately. I'm also a front-end developer, specializing in rapid web development and "front-end build systems", so I building and maintaining static assets for hundreds of sites is no problem. It's the hosting-side that I really struggle with. Any suggestions?

  Read the article

• Is the escaping provided by the Google-Gson library enough to ensure a safe JSON payload?

  - by Lifetime_Learner

  I am currently using the Google-Gson library to convert Java objects into JSON inside a web service. Once the object has been converted to JSON, it is returned to the client to be converted into a JSON object using the JavaScript eval() function. Is the character escaping provided by the Gson library enough to ensure that nothing nasty will happen when I run the eval() function on the JSON payload? Do I need to HTML Encode the Strings in the Java Objects before passing them to the Gson library? Are there any other security concerns that I should be aware of?

  Read the article

• Why don't smart phones have an auto-forget password feature? [closed]

  - by Kelvin

  Storing passwords to external services (e.g. corporate email servers) on smart phones is very insecure, since phones are more easily stolen. Has any vendor implemented a feature to only cache a password in memory for a limited amount of time? After the time period has elapsed, the app would ask for the password again. EDIT: I should've clarified - I'm aware that many (most?) users are lazy and want to just "set it and forget it". The always-remember feature will probably always be present. I was curious about an option to enable auto-forget for the security-conscious.

  Read the article

• Web Based School/College ERP

  - by Ashok

  We are planning to build a Web Based School/College ERP. The main problem we face is Hardware support. Since it is Web Based, it is not possible to implement Biometrics. But most of our clients do ask for Biometrics. I hope we need to use a desktop application to do that. Can you please give some suggestions for this? Another thing is, here we don't have stable internet connection. We frequently face disconnection. This is another problem for Web Based CRM. In HTML5 there is a feature called Offline storage. Is it possible to use this feature for such dynamic ERP? For example, let's say we need to enter marks for the students. Net got disconnected. Is it possible to use HTML5 offline feature to save the marks offline and upload them when we got connection back?

  Read the article

• Improved Maven Embedded GlassFish - deploy multiple apps

  - by alexismp

  Bhavani has some new over at java.net about the Maven Plugin for GlassFish and how it now supports the ability to deploy multiple applications. He also has a Tips, Tricks and Troubleshooting entry. Multiple deployments are done during the Maven pre-integration-test phase but with a goal-specific configuration for app, contextRoot, etc... The :run (all-in-one) execution also now supports admin and deploy goals. Note that these improvements will require a recent work-in-progress 4.0 version of GlassFish.

  Read the article

• How do I install OpenStack?

  - by csgeek

  Supposedly openstack can be installed easily under Ubuntu 12.04 LTS. I've installed 32 and 64bit versions of Ubuntu Server with the same behavior. sudo tasksel check OpenStack hit Okay then I get a tasksel: aptitude failed (100) I've seen: http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin and https://github.com/EmilienM/doc-openstack documentation, but I was hoping that since it was an LTS released and it was an option in tasksel that I was simply overlooking something obvious and it's just a matter of selecting the right checkbox and hitting okay. Too much wishful thinking?

  Read the article

• GlassFish 4.0 Virtualization Progress - VirtualBox

  - by alexismp

  Wouldn't it be nice if you could spawn GlassFish instances as VirtualBox virtual machines? Well now with early versions of GlassFish 4.0 you can! This page on the GlassFish Wiki documents the steps to get this to work. It walks you through the various VirtualBox (network and services) and GlassFish configuration steps including the creation of VDI templates (typically JeOS images) to finally create a virtual machine on the fly, as part of the typical GlassFish deployment process. The more general virtualization support in GlassFish is discussed in this other Wiki page. Earlier demonstrations of GlassFish.next prototypes or early milestone builds showed support for KVM, "laptop mode" and OVM as well as community involvement from Serli, speaking of which this slide-deck is a good summary of what we're trying to achieve in the GlassFish 4.0 IMS (IaaS Management Service).

  Read the article

• How to get rid of crawling errors due to the URL Encoded Slashes (%2F) problem in Apache

  - by user14198

  The Google web crawler has indexed a whole set of URLs with encoded slashes (%2F) for our site. I assume it has picked up the pages from our XML sitemap file. The problem is that the live pages will actually result in a failure because of the Url Encoded Slashes Problem in Apache. Some solutions are mentioned here We are implementing a 301 redirect scheme for all the error pages. This should make the Google bot delete the pages from the crawling errors (no more crashing pages). Does implementing the 301s require the pages to be "live"? In that case we may be forced to implement solution 1 in the article. The problem is that solution 1 will pose a security vulnerability..

  Read the article

• Is this fix for Avast Antivirus crashing safe to use?

  - by TmRn

  Well I have installed avast anti virus on Ubuntu 12.04. But after updating, it crashes! So I have made some tweaks like below: Press Ctrl+Alt+T to open the Terminal. When it opens, run the command below. sudo gedit /etc/init.d/rcS Type your password and hit Enter. When the text file opens, add the line: sysctl -w kernel.shmmax=128000000 Make sure the line you added is before: exec /etc/init.d/rc S This is what it should look like: #! /bin/sh # rcS # # Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order # sysctl -w kernel.shmmax=128000000 exec /etc/init.d/rc S Save the file. Reboot. My question is: Did I do anything wrong? I mean as I have made some tweaks, will it lower the security of Avast down like viruses do? Please if you are a programmer check this if it contains bug or harmful intentions... Thanks.

  Read the article

• PHP NOT EXECUTING IN PHP-FPM AND NGINX INSTALLATION

  - by nairobicoder

  I am trying to set up nginx server to run a php app in debian. I followed this tutorial among others. Most seems the same. My recent configuration is based on the link above. When I try to run this php script, <?php phpinfo(); ?> I get the same output on the browser instead of php info result. Kindly someone help me figure out where I went wrong. Note: My error logs are clean,contains details on nginx server start only. Thank you.

  Read the article

• Drive By Download Issue

  - by mprototype

  I'm getting a drive by download issue reported on www.cottonsandwichquiltshop.com/catalog/index.php?manufacturers_id=19&sort=2a&filterid=61 reported from safeweb.norton.com when I scan the root url. I have dug through the entire site architecture, and code base and removed a few files that were malicious, i upgraded the site's framework and fixed the security holes (mostly sql injection concerns)..... However this one threat still exists and I can't locate it for the life of me, or find any valid research or information on removing this type of threat at the server level, mostly just a bunch of anti-virus software wanting to sell you on their ability to manage it on the client end. PLEASE HELP Thanks.

  Read the article

• OpenStack + Ubuntu 12.04

  - by csgeek

  Supposedly openstack can be installed easily under Ubuntu 12.04 LTS. I've installed 32 and 64bit versions of Ubuntu Server with the same behavior. sudo tasksel check OpenStack hit Okay then I get a tasksel: aptitude failed (100) I've seen: http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin and https://github.com/EmilienM/doc-openstack documentation, but I was hoping that since it was an LTS released and it was an option in tasksel that I was simply overlooking something obvious and it's just a matter of selecting the right checkbox and hitting okay. Too much wishful thinking?

  Read the article

• Pass parameters to a script securely

  - by codeholic

  What is the best way to pass parameters to a forked script securely? E. g. passing parameters through command line operands is not secure, since someone who has an account on the host can run ps and see them. Unnamed pipe is quite secure, as far as I understand, isn't it? I mean, passing parameters to STDIN of the forked process. What about passing parameters in environment vars? Is it secure? What about passing parameters by other means I didn't mention?

  Read the article

• JVM Language Summit 2012 - Registration Open

  - by arungupta

  The 2012 edition of the JVM Languages Summit is Jul 30 - Aug 1, at Oracle's Santa Clara Campus. This is an "an open technical collaboration among language designers, compiler writers, tool builders, runtime engineers, and VM architects". There are presentations, workshops, and lightning talks. About 70 language and VM implementers attended last year and the talks were recorded. Some videos from last year are available here. Check out the Main Page, the Agenda, Logistics, and the Wiki. See the Registration Online; for questions, send mail to inquire AT jvmlangsummit.com.

  Read the article

• Simplifique su mobilidade empresarial

  - by RED League Heroes-Oracle

  Durante muchos años, los departamentos de TI de las empresas dieron más atención a las computadoras (desktops y notebooks), para que estas pudieran trabajar con las aplicaciones de negocios. Con el advenimiento de la computación móvil, las aplicaciones comenzaron a estar vinculadas no solamente a las computadoras. Actualmente los usuarios buscan usar o acceder a las aplicaciones de la empresa a través de tabletas o teléfonos inteligentes a cualquier hora, en cualquier lugar.  VIVIMOS EN UN AMBIENTE MULTICANAL. Este nuevo ambiente trae nuevas oportunidades y desafíos, ve en este e-book como Oracle puede ayudarte a ti y a tu empresa en esta nueva era. Descarga aquí:

  Read the article

• Combining a content management system with ASP.NET

  - by Ek0nomik

  I am going to be creating a site that seems like it requires a blend of a content management system (CMS) and some custom web development (which is done in ASP.NET MVC). I have plenty of web development experience to understand the ASP.NET MVC side of the fence, but, I don't have a lot of CMS knowledge aside from getting one stood up. Right now my biggest question is around integrating security from ASP.NET with the CMS. I currently have an ASP.NET MVC site that handles the authentication for multiple production sites and creates an authentication cookie under our domain (*.example.com). The page acts like a single sign on page since the cookie is a wildcard and can be used in any other applications of the same domain. I'd really like to avoid having users put in their credentials twice. Is there a CMS that will play well with the ASP.NET Forms Authentication given how I have these existing applications structured? As an aside, right now I am leaning towards Drupal, but, that isn't finalized.

  Read the article

• Apache: DoS with mod_deflate & range requests, tomcat also? [migrated]

  - by VextoR

  I know that apache has a security bug http://seclists.org/fulldisclosure/2011/Aug/175 So if you do this command: curl -I -H "Range: bytes=0-1,0-2" -s www.yandex.ru/robots.txt it says HTTP/1.1 206 Partial Content it means, the problem is exist. But the fact is, that for apache tomcat (our server) curl says 206 Partial Content as well. So we need to fix it. I found solution for apache HTTP (.htaccess, mod_headers) but not for tomcat. I'm very newbie for servers things, so can't understand most, so please help

  Read the article

• Eclipse Multitenancy. Now with a screencast.

  - by alexismp

  As a follow-up to the previous EclipseLink's mutitenancy blog post and the recent Eclipse Indigo release train and the recent GlassFish Podcast interview on EclipseLink, we now have a short screencast showing it all in action. You can also find it on the GlassFish YouTube Channel. The scenario is pretty simple with two simple and identical web applications deployed with different tenant identifiers via persistence.xml customization (just one of the means of identifying tenants with EclipseLink). Hopefully this'll help people understand what Java EE 7 multitenancy might look like.

  Read the article

• What to do about this gnome-keyring message?

  - by arroy_0209

  I upgraded from ubuntu 10.04 to 12.04 and installed lxde. Since then whenever I try to print some file (or use command lpstat), I get this message on the terminal: "WARNING: gnome-keyring:: couldn't connect to: /tmp/keyring-SZ59jJ/pkcs11: No such file or directory". This is beyond my knowledge and from search I only realize that this mey be related to security (as learned from gnome-keyring on wikipedia). I have no idea what to about this warning. Can anybody please suggest? Evidently as stated, I am not using gnome desktop, I choose lxde session at the time of logging in.

  Read the article

• Access Token Verification

  - by DecafCoder

  I have spent quite a few days reading up on Oauth and token based security measures for REST API's and I am currently looking at implementing an Oauth based authentication approach almost exactly like the one described in this post (OAuth alternative for a 2 party system). From what I understand, the token is to be verified upon each request to the resource server. This means the resource server would need to retrieve the token from a datastore to verify the clients token. Given this would have to happen upon every request I am concerned about the speed implications of hitting a datastore like MySQL or NoSQL upon every request just to verify the token. Is this the standard way to verify tokens by having them stored in a RDBMS or NoSQL database and retrieved upon each request? Or is it a suitable solution to have them cached (baring in mind that we are talking millions of users)?

  Read the article

• Setting up fastcgi on an Ubunutu server (socket file permissions issue)

  - by gray alien

  I am trying to set up mod_fcgid on my server. Part of the requirement is that Apache needs to create a socket file for mod_fcgid. I specified the folder for Apache to write the socket data to: /var/run/apache2/fcgid I then specified this file in my fcgid.conf file as follows: SocketPath /var/run/apache2/fcgid/sock I then changed the owner of the folder to www-data (the apache user) and gave the owner full permissions to the folder and its contents. I was able to run my test fcgi app then. When I rebooted the machine, y fastcgi app no longer worked. After some investigation, I found that ownership of /var/run/apache2/fcgid has been reset to root, and with permission reset to 700 I have the following questions: Is there something specific about the /var/run folder? why is the permissions being reset after a reboot? Should I move my socket file to another location (in case root automatically takes ownership of contents in this folder for security reasons?) I am running Ubuntu 10.0.4 LTS 64 bit

  Read the article

< Previous Page | 124 125 126 127 128 129 130 131 132 133 134 135  | Next Page >