Search Results

Search found 11938 results on 478 pages for 'secure boot'.

Page 135/478 | < Previous Page | 131 132 133 134 135 136 137 138 139 140 141 142  | Next Page >

  • Making AJAX calls secure

    - by iamdadude
    What happens if a user looks at my JavaScript file, copies the content of a function and sends a request to my server using AJAX? And is there a way to properly protect against this from happening?

    Read the article

  • How to secure images with Rails?

    - by NotDan
    I have a gallery in my rails app that needs to only allow certain images to be shown to specific, logged in users. I am using Paperclip for image processing now, but it saves all images in a public folder available to anyone. Note that I don't have to use Paperclip if there is a better way, and I already have the login system in place. I just need a way to place the images in a non-public location, but still be able to serve them as needed. Is it possible to only allow these images to be served to authenticated users?

    Read the article

  • Boot camp install from a HDD image

    - by Dombou
    How would one go about imaging an old work computer (old IBM aptiva from 2001ish) with Windows XP and lots of stuff (VPN client with settings etc) to a new iMac, while preserving Mac OSX? I can't simply install XP on the iMac and then reinstall/copy across stuff; it NEEDS to be an image. Can you even image smaller HDD's and then place them on large ones, or do they have to be the same size? Recommendations on how I go about this? Edit: It MUST be boot camp. I don't want to virtualize it from within OsX

    Read the article

  • Help remembering name of boot CD (maybe it wasn't a live CD)

    - by daneee
    I am struggling to remember the name of a boot CD I have since lost the disc for. It was great for cloning discs, and resetting passwords. It's NOT the UBCD4Win, and it defos wasn't Knoppix. I have checked the LiveCD list and can't seem to find it there by doing a 'sort by'. I seem to remember it was called something like GS Tools but that might be more or less completely wrong. It had an unusual but memorable name. Makes me wonder how I came across it in the first place!

    Read the article

  • Symfony: Routing 'secure' and 'login' actions to another application

    - by Darmen
    Hello, Suppose we have 3 apps - appMain, app1 and app2. Applications 1 and 2 are protected, they have is_secure: true and everything works fine with sfDoctrineGuard plugin. A behavior I want to achieve is when a user is not authenticated, current application to forward him to another one, say appMain with defined module and action. Is that possible? Or can someone tell me where to dig about security mechanisms in symfony?

    Read the article

  • How to prevent dual booted OSes from damaging each other?

    - by user1252434
    For better compatibility and performance in games I'm thinking about installing Windows additionally to Linux. I have security concerns about this, though. Note: "Windows" in the remaining text includes not only the OS but also any software running on it. Regardless of whether it comes included or is additionally installed, whether it is started intentionally or unintentionally (virus, malware). Is there an easy way to achieve the following requirements: Windows MUST NOT be able to kill my linux partition or my data disk neither single files (virus infection) nor overwriting the whole disk Windows MUST NOT be able to read data disk (- extra protection against spyware) Linux may or may not have access to the windows partition both Linux and Windows should have full access to the graphics card this rules out desktop VM solutions for gaming I want the manufacturer's windows graphics card driver Regarding Windows to be unable to destroy my linux install: this is not just the usual paranoia, that has happened to me in the past. So I don't accept "no ext4 driver" as an argument. Once bitten, twice shy. And even if destruction targeted at specific (linux) files is nearly impossible, there should be no way to shred the whole partition. I may accept the risk of malware breaking out of a barrier (e.g. VM) around the whole windows box, though. Currently I have a system disk (SSD) and a data disk (HDD), both SATA. I expect I have to add another disk. If i don't: even better. My CPU is a Intel Core i5, with VT-x and VT-d available, though untested. Ideas I've had so far: deactivate or hide other HDs until reboot at low level possible? can the boot loader (grub) do this for me? tiny VM layer: load windows in a VM that provides access to almost all hardware, except the HDs any ready made software solution for this? Preferably free. as I said: the main problem seems to be to provide full access to the graphics card hardware switch to cut power to disks commercial products expensive and lots of warnings against cheap home built solutions preferably all three hard disks with one switch (one push) mobile racks - won't wear of daily swapping be a problem?

    Read the article

  • Dual boot windows 8 pro and windows 7 on XPS 8500 Special additon

    - by Jesse
    I am trying to install a dual boot with windows 7 premium and windows 8 Pro on an XPS 8500 special edition. I created a new primary partition on my C: drive, inserted the windows 8 install disk, and rebooted my computer from DVD. I select custom install and the dialog box saying where do you want to install windows at? pops up but none of my drives are listed. Please help me determine what is going on? I don't understand why none of my drives are showing up on this menu. Not even the original drive. When I go to load driver and click on the partition I created it tells me "No signed device drivers were found. Make sure the installation media contains the correct drivers, and then click OK."

    Read the article

  • Upgraded to a GTX 580 - no video signal on boot

    - by MGOwen
    I have: New Corsair 550w PSU (should be more than enough) AsRock H61M u3s3 mobo (with latest updated BIOS) Just replaced my faithful HD 7790 GPU with a refurbished EVGA GTX 580 1.5GB. When I boot, it sounds like the PC boots to windows, and the 580's fan is spinning, but I can't get any video signal from the card. Old card and integrated graphics still work fine (when I replace and use those instead). I am using the DVI ports on the card with a DVI-VGA adapter until I can get my hands on a mini HDMI adapter tomorrow. Anyone ever heard of a GPU needed something special to make the VGA signal work? Hold down a key on startup or something? I can't even find a manual for this card.

    Read the article

  • How secure is .htaccess protected pages

    - by Steven smethurst
    Are there any known flaws with htaccess protected pages? I know they are acceptable to brute force attacks as there is no limit to the amount of times someone can attempt to login. And a user can uploaded and execute a file on the server all bets are off... Anything other .htaccess flaws?

    Read the article

  • Best Practices For Secure APIs?

    - by Ferrett Steinmetz
    Let's say I have a website that has a lot of information on our products. I'd like some of our customers (including us!) to be able to look up our products for various methods, including: 1) Pulling data from AJAX calls that return data in cool, JavaScripty-ways 2) Creating iPhone applications that use that data; 3) Having other web applications use that data for their own end. Normally, I'd just create an API and be done with it. However, this data is in fact mildly confidential - which is to say that we don't want our competitors to be able to look up all our products every morning and then automatically set their prices to undercut us. And we also want to be able to look at who might be abusing the system, so if someone's making ten million complex calls to our API a day and bogging down our server, we can cut them off. My next logical step would be then to create a developers' key to restrict access - which would work fine for web apps, but not so much for any AJAX calls. (As I see it, they'd need to provide the key in the JavaScript, which is in plaintext and easily seen, and hence there's actually no security at all. Particularly if we'd be using our own developers' keys on our site to make these AJAX calls.) So my question: after looking around at Oauth and OpenID for some time, I'm not sure there is a solution that would handle all three of the above. Is there some sort of canonical "best practices" for developers' keys, or can Oauth and OpenID handle AJAX calls easily in some fashion I have yet to grok, or am I missing something entirely?

    Read the article

  • How to secure connection strings in VS?

    - by salvationishere
    I see several others have posted this question, however, none of the solutions I've tried have fixed this yet. I have a 32-bit XP running VS 2008 and I am trying to encrypt my connection string in my web.config file. But I am getting the error: The configuration section '...' was not found. Failed! The command I give it: C:\Program Files\Microsoft Visual Studio 9.0\VCAspnet_regiis.exe -pe "system.we b/AdventureWorksConnectionString2" -app "/Documents and Settings/Admin/My Docume nts/Visual Studio 2008/Projects/AddFileToSQL2" Also, how does -app map virtual directory? In other words the path above is the directory right below c:. Is this the correct path to use? And AddFileToSQL2 is the name of my project, although it is part of the AddFileToSQL solution. I have this folder web shared with all of the permissions. And the relevant part of my web.config file: <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=true; User ID=AdventureWorks;Password=sqlMagic" providerName="System.Data.SqlClient" />

    Read the article

  • How to move partition with Users to a new SATA controller?

    - by Al Kepp
    Our current situation: X79 chipset. Windows 7 installed on SATA SSD running on Marvell controller. C:\Users contains just Public and computer-name folders, all the other users are created in E:\Users. That partition is on two HDD's running on an Intel RAID controller. (The motherboard has got two SATA/RAID onboard controllers.) The goal is: Without reinstallation, I want to move SSD to a standard SATA controller. Then I want to get rid of RAID1, and move one HDD to the same internal Intel SATA controller and the current E:\Users move to that new place. I want it to stay as E:\users, but I need to reinstall the HDD to let it work in SATA mode without RAID. So I face several problems. I am sure all are solvable with free software utilities, but I don't know how exactly to do it. I can see the particular problems: I have got all users at E:\Users. When I turn off that E:\ disk, I won't be able to login to Windows. I need at least one admin account to be placed back at C:\users. The current C: runs on standard 120 GB SSD, but it is connected to a Marvell SATA/RAID controller. I am affraid the Windows won't let me put it to Intel SATA controller due to hardware/licence check, and I won't be able to use standard W7 recovery disk either, because there probably isn't marvel SATA/RAID driver on it. I haven't tried anything yet, because I am affraid I can end up with computer not working at all. (I want to move it to a standard ICH10 Intel SATA controller to let us have no problems in future with it. I think it is not very safe when we use any nonstandard hardware to boot the computer.) I need to somehow backup current E:\ disk and restore it to a new E:. I hope this will be the easy part (as long as the admin account will reside on C:). The E: RAID array is very large, but it is almost empty (less than 100 GB of data.) So I can make the partition smaller so it can easily fit to a single SATA HDD.

    Read the article

  • not able to open files in windows partition from linux on a dual boot system

    - by user1237244
    I have installed dual boot on my laptop, windows XP && Fedora linux. For some unknown reason windows XP is not booting up. Through fedora I'm able to see the windows XP partition and files in it. But the problem here is, I'm not able to open those files from linux. Does anybody hit this kind of issue, if so and incase you figured out the soluton, can you please share the solution? Thanks in advance.

    Read the article

  • Turning a (dual boot) Ubuntu 9 into a virtual machine

    - by xain
    I have a dual boot box (Ubuntu 9 and Vista) and I'm about to upgrade Vista to Win 7. Being Ubuntu my main development environment, I'd like to use it as it is from the new environment via VirtualBox or VMWare. I know tools like clonezilla that backup entire drives; in my case, the linux partitions are distributed between several disks which in turn contain both linux and windows data. My intention is to use some backup tool (like Clonezilla if it fits) that allows me to ONLY backup the linux partitions distributed in several disks. Any hints ? Thanks in advance.

    Read the article

  • How to dual boot Ubuntu 12.10 and Windows XP sp3 on Dell Dimension 8250 desktop using 2 hard drives

    - by user106055
    I'd like instructions to dual boot Ubuntu 12.10 and Windows XP (sp3) on my desktop Dell Dimension 8250 (this is old and has 1.5 GB RAM which is maximum). I will be using 2 hard drives. Windows XP is already on a 120 GB drive and and Ubuntu 12.10 will go on a separate 80 GB hard drive. Both drives are IDE using a 80 conductor cable where the 40 pin blue connector connects to the motherboard. The middle connector is gray and is "normally" used for slave (device 1) and the black connector at the very end of the cable is meant for the master drive (device 0) or a single drive if only one is used. First, I do not wish the XP drive to have its boot modified by Ubuntu in any way. It should remain untouched...virgin. Let me know where the XP drive and the Ubuntu drive should be connected based upon the cable I've mentioned above, as well as jumper settings for both during the whole process. I'm just guessing, but should I remove the XP drive and put the empty Ubuntu drive in its place and install Ubuntu? By the way, I already have made the DVD ISO disk. For your information, the BIOS for this machine is version A03. When I tap F12 to get to the boot menu, I have the following choices: Normal (this will take me to a black screen with white type giving me the choice to boot to XP or to my external USB backup recovery drive) Diskette Drive Hard-Disk Drive c: IDE CD-ROM Drive (Note that if the CD Drive is empty, it will then go to the DVD drive) System Setup IDE Drive Diagnostics Boot to Utility Partition (This is Dell's various testing utilities) Thank you in advance for your help. Guy

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • grub boot failed after upgrading to ubuntu 12.04 LTS

    - by user138021
    no such disk error occured. I tried to format and reinstall 12.04, the problem remained. I also repaired with boot-repair, the problem remained. http://paste.ubuntu.com/1224005/ is url of the details. server is dell R710, the bios is set to uefi and disk is raid0 gpt. I typed commands in grub rescue: ls (hd0, gpt2), `no such partition' is shown set, `prefix=((null),gpt2)/grub' is shown I don't know why /efi/ubuntu/grubx64.efi doesn't recognize disk. another strange thing is that there is only 1 file in /efi/ubuntu

    Read the article

  • MVC Pages that require the user to be logged in

    - by keithjgrant
    I'm working on a little MVC framework and I'm wondering what the "best way" is to structure things so secure pages/controllers always ensure the user is logged in (and thus automatically redirects to a login page--or elsewhere--if not). Obviously, there are a lot of ways to do it, but I'm wondering what solution(s) are the most common or are considered the best practice. Some ideas I had: Explicitly call user->isLoggedIn() at the beginning of your controller action method? (Seems far too easy to forget and leave an important page unsecure on accident) Make your controller extend a secureController that always checks for login in the constructor? Do this check in the model when secure information is requested? (Seems like redundant calls would be made) Something else entirely? Note: I'm working in PHP, though the question is not language-dependent.

    Read the article

  • How secure is encryption?

    - by Stomped
    Let me preface this by saying I know nothing about encryption. I understand the basic concept of public key / private key encryption but I don't how easily it can be broken, if at all. If one were to believe the movies, encrypted data can be broken by a teenager with a decent computer in a few hours. I have a client who wants credit card information sent via email - encrypted of course, but I'm still not feeling terribly good about the idea. I feel it would be safer to store the info on the VPS, but even then its an unmanaged server and there's nobody watching it who knows much about security. So can anyone tell me if there's a safe way to store and/or send this data out? Thanks

    Read the article

  • Windows 7 booting and startup repair issues

    - by aardvark
    I have a MSI FR720 laptop with Windows 7 and Lubuntu partions. For quite a while (6 months or so) I've been having issues booting from my hard drive, it'd take me between 5 minutes and several hours for me to be able to have it recognize the hard drive as a bootable device. I did several disk checks on it, and my hard drive seems in perfect condition, and the fact that booting would usually only work after removing the hard drive and trying to reset it in its slot or lightly shaking it makes me think it had something to do with the connection in the hard drive slot as opposed to the hard drive itself. I was having particular issues with it detecting the hard drive today so I decided to try booting it from an external hard drive dock. It detected it first try and so far has had no problems finding the bootable partitions on my hard drive. When I selected my Windows 7 partition from the boot menu it said that it hadn't been shut down properly last time and needed startup repair. I've done this several times over the last 6 months, so this is hardly unusual. I do startup repair, it fails, and then I try to do a system restore. The system restore also failed, and it says that no files were changed. I restart and try it again. However, this time when I get to the startup repair it's not detecting a Windows OS. I tried clicking next and doing a startup repair but the repair is always failing. If I ignore the startup repair option and instead select "Launch windows normally" it will get to the windows animation, stop halfway through and then crash into a BSoD. I can't read the error on the screen because it immediately switches to back and tries to restart. This is my first time asking a question like this online, so let me know if I need to provide any extra information and I'll do my best to give it I tried using diskpart to find the list of partitions and see if one's labelled as an active partition, but it says that no disk were detected. I can run Lubuntu just fine. I can also see all of my Windows 7 files from it EDIT: The startup repair diagnosis and repair log is this: -- Number of repair attempts: 1 Session details System Disk = Windows directory = AutoChk Run = 0 Number of root causes = 1 Test Performed: Name: Check for updates Result: Completed successfully. Error code = 0x0 Time taken = 15ms Test Performed: Name: System disk test Result: Completed successfully. Error code = 0x0 Time taken = 31ms Root cause found. If a hard disk is installed, it is not responding. -- Any chance that this is a result of me doing this through an external dock through a USB drive?

    Read the article

  • Notepad++ regular expression find and replace $_REQUEST with $_GET but a more secure

    - by David
    What I am doing is replacing, in a large program, all $_REQUEST['var'] and mysql_escape_string($_REQUEST['var']) with either the 1st or 2nd line below the dotted line. Now, I have figured out this much of the regular expression but I would like to make it simpler. Instead of having to run the top one first then the 2nd one I would like to just run one all together. I tried this but it did not work. (mysql_escape_string\()*$_REQUEST\[\'([^']*)\'\]\)(\)*) So below is what works but again have to do it twice. $_REQUEST\[\'([^']*)\'\] mysql_escape_string\($_REQUEST\[\'([^']*)\'\]\) (isset($_GET['\1'])?mysql_real_escape_string($_GET['\1']):false) (isset($_POST['\1'])?mysql_real_escape_string($_POST['\1']):false) ============================ Update: Yeah, after some research I figured out that Notepad++ does not support most regular expressions. I guess one additional step can not hurt a person. It's just laziness. *NOTE: BUT if anyone wants to try feel free to comment. At least it is just 2 steps and not 20.

    Read the article

  • OS won't boot during vs2010 install on vista 64

    - by Noam
    I am installing vs2010 on a vista 64bit machine. During the install it asked for a restart. Since that, vista won't load. I tried restore to previous good config - didn't help. I am only able to boot it using safe mode with networking. When I did that, it continued the vista part of the install (the screen with the 3 out of 3 updates) but after that when I restarted again - still fails. HELP!!!

    Read the article

  • How can I secure my $_GETs in PHP?

    - by ggfan
    My profile.php displays all the user's postings,comments,pictures. If the user wants to delete, it sends the posting's id to the remove.php so it's like remove.php?action=removeposting&posting_id=2. If they want to remove a picture, it's remove.php?action=removepicture&picture_id=1. Using the get data, I do a query to the database to display the info they want to delete and if they want to delete it, they click "yes". So the data is deleted via $POST NOT $GET to prevent cross-site request forgery. My question is how do I make sure the GETs are not some javascript code, sql injection that will mess me up. here is my remove.php //how do I make $action safe? //should I use mysqli_real_escape_string? //use strip_tags()? $action=trim($_GET['action']); if (($action != 'removeposting') && ($action != 'removefriend') && ($action != 'removecomment')) { echo "please don't change the action. go back and refresh"; header("Location: index.php"); exit(); } if ($action == 'removeposting') { //get the info and display it in a form. if user clicks "yes", deletes } if ($action =='removepicture') { //remove pic } I know I can't be 100% safe, but what are some common defenses I can use. EDIT Do this to prevent xss $action=trim($_GET['action']); htmlspecialchars(strip_tags($action)); Then when I am 'recalling' the data back via POST, I would use $posting_id = mysqli_real_escape_string($dbc, trim($_POST['posting_id']));

    Read the article

< Previous Page | 131 132 133 134 135 136 137 138 139 140 141 142  | Next Page >