Search Results

Search found 8253 results on 331 pages for 'secure coding'.

Page 16/331 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • log in to web-app through less secure website [on hold]

    - by martijnve
    We are worried about the security of our website containing the login-button to our saas-application. Security measures put in place for our application won't do us much good if the website is hacked. The login button could be redirected to some malicious copy of our app. The product website is maintained by people outside the dev team. Those people are not too knowledgable concerning security. We (dev-team) could mantain the website ourselves but that would be a large burden on our small team. How is this usually handled?

    Read the article

  • Add Secure notes to Keychain via Applescript

    - by TomA
    I have switched from Windows to Mac and one of the things I need to set up properly is password management. Previously on Windows I was using a small TrueCrypt file containing text files with usernames and passwords. I need to write an Applescript that takes those text files and imports them as Secure notes into Mac's Keychain Access app. I know that there are some Applescript commands related to Keychain, but I haven't found a way to add Secure notes.

    Read the article

  • Best Secure Encryption for Zip Files via Linux

    - by Daniel
    I want to use highly secure encryption for zipped files via Linux/Ubuntu using a command line terminal, what is the best command line tool to get this job done? zip -e -P PASSWORD file1 file2 file3 file4 Or 7za a file.7z *.txt -pSECRET What encryption is used and how secure is it?

    Read the article

  • How to secure adhoc networks

    - by moshroum1
    What is the right way to secure adhoc networks? WPA_NONE is a cruel hack (doesn’t work most of the time, discards important packets, ..), WEP is not secure and Open… open is open. IPSec is a level to high. Does there exists something which works under linux and wifi?

    Read the article

  • Setting the secure flag on cookies from Outlook Web Access

    - by Cheekysoft
    I'm running Exchange 2007 SP3 which is exposing outlook web access over only HTTPS. However the server delivers the sessionid cookie without the secure flag set. Even though I don't have port 80 open, this cookie is still vulnerable to being stolen over port 80 in the event of a man-in-the-middle attack. It also contributes to a PCI-DSS failure Does anyone know if I can persuade the web server/application to set the secure flag?

    Read the article

  • Trying to link http://www.example.com to my shopping cart on https://secure.example.com

    - by Pickledegg
    Heres my saga - I'm trying to link http://www.example.com to my shopping cart on https://secure.example.com, but it doesnt seem to be linking correctly. Heres my code: <!--Google Analytics --> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-125xxxxx-1"); //start cart link pageTracker._setDomainName(".example.com"); pageTracker._setAllowHash(false); //end cart link pageTracker._trackPageview(); } catch(err) {}</script> <!--Google Analytics --> Notice the two lines: pageTracker._setDomainName(".example.com"); pageTracker._setAllowHash(false); I added the first line so I could share the cookies between site and cart, and added the setAllowHash to make sure it used the utm values from the cookie, and didnt 'recreate' them when I entered https://secure.example.com. Using firecookie, it does indeed share the same cookie between site and cart, and the cookies domain is 'example.com'. I'm pretty sure though that if it was working right, all my utmz, utma values etc should be copied over and remain the same, but they're changing. I've copied all the params that are being sent to google analytics and pasted then below. It shows what is happening from my homepage, to my product page, then into my cart all the way to the page before ordering. ( I can't practically test the final page myself without buying something, so I'll post the code from our confirmation page later if needed.) Here goes: =============================================================== HOMEPAGE - http://www.example.com ---------------------------------------------------------------------------------------- utmac UA-125xxxxx-1 utmcc __utma=1.1920057171.1269446996.1269446996.1269446996.1;+__utmz=1.1269446996.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); utmcs UTF-8 utmdt GSM Cell Phone Rental from example utmfl 10.0 r45 utmhid 69978133 utmhn www.example.com utmje 1 utmn 1806413990 utmp / utmr - utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 PRODUCT PAGE - http://www.example.com/products/international-cell-phone-purchase/ ---------------------------------------------------------------- utmac UA-125xxxxx-1 utmcc __utma=1.1920057171.1269446996.1269446996.1269446996.1;+__utmz=1.1269446996.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); utmcs UTF-8 utmdt example | International Cell Phones utmfl 10.0 r45 utmhid 276151647 utmhn www.example.com utmje 1 utmn 155808433 utmp /products/international-cell-phone-purchase/ utmr 0 utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 CART STAGE 1 - https://secure.example.com/checkout/viewbasket.php ------------------------------------------------ utmac UA-125xxxxx-1 utmcc __utma=60286578.994269564.1269447144.1269447144.1269447144.1;+__utmz=60286578.1269447144.1.1.utmcsr=example.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/international-cell-phone-purchase/; utmcn 1 utmcs UTF-8 utmdt Your Cart utmfl 10.0 r45 utmhid 1802074903 utmhn secure.example.com utmje 1 utmn 1621444199 utmp 1-reviewcart utmr http://www.example.com/products/international-cell-phone-purchase/ utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 CART STAGE 2 - https://secure.example.com/checkout/docheckout.php ------------------------------------------------ utmac UA-125xxxxx-1 utmcc __utma=60286578.994269564.1269447144.1269447144.1269447144.1;+__utmz=60286578.1269447144.1.1.utmcsr=example.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/international-cell-phone-purchase/; utmcs UTF-8 utmdt Checkout utmfl 10.0 r45 utmhid 871670520 utmhn secure.example.com utmje 1 utmn 1153927228 utmp 2-checkout utmr 0 utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 CART STAGE 3 - https://secure.example.com/checkout/doreview.php ---------------------------------------------- utmac UA-125xxxxx-1 utmcc __utma=60286578.994269564.1269447144.1269447144.1269447144.1;+__utmz=60286578.1269447144.1.1.utmcsr=example.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/international-cell-phone-purchase/; utmcs UTF-8 utmdt Checkout utmfl 10.0 r45 utmhid 1731598159 utmhn secure.example.com utmje 1 utmn 1442257710 utmp 3-checkoutreview utmr 0 utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 =============================================================== As you can see, the utma values are not being preserved, so it looks like a config issue. I've studied the help does but none of the cases seem to fit mine. I hope someone can offer help on this, its been an ongoing problem of mine for a while, and would be good to finally get rock-solid reliable analytics set up.

    Read the article

  • Win 2003 SBS - secure enough by default?

    - by Pekka
    I have to set up a Windows 2003 Small Business Server to work as a Subversion repository and possibly as an E-Mail server later. The machine is a virtual one, hosted with a hosting company, and freshly initialized. I used the Security Configuration Wizard to deactivate all server roles. After I install Subversion, I will open the necessary ports for the service; in addition, obviously, RDP will stay open so I can remote control the machine. Automatic updates are activated, and I will set up E-Mail notification every time somebody logs on to the server. I'm a programmer and not a professional systems administrator, so I would like to know whether you would regard this a sane and secure setup for a (publicly available) box to host sensitive code and/or E-Mail on. Is there anything in addition I should do to make the machine secure? Is there anything I can do on a long-term basis to keep the machine secure, apart from monitoring the event log (as far as I can make sense out of it), and seeing that any hotfixes are installed properly?

    Read the article

  • Is the Windows VPN secure?

    - by Tor Haugen
    I have used a few VPN solutions over the years. Most are hard to set up, slow to connect and/or rather ill-behaved (replacing system drivers, disrupting each other etc). One solution I have never used earlier is the one built into Windows. This is mostly because the infrastructure guys always refuse to use it because they claim it's 'not secure'. Now I have finally had the chance to use it (on Windows 7), and wow, it's a breeze! Easy to set up, well-behaved, it connects almost instantly, automatically authenticates with my logged-in credentials, and integrates excellently with the UI. I have to say, unless it really isn't secure, I'll be happy if I never have to use another VPN product ever again. I gather the Windows VPN used to rely on PPTP, which is not considered secure. But in Windows 7/2008, it supports L2TP/IPSec, SSTP and IKEv2, and authenticates with EAP or CHAP/CHAPv2. That seems pretty up-to-date to me. But I'm just a lowly developer. Can someone in the know give me the lowdown on this?

    Read the article

  • Best solution top keep data secure

    - by mrwooster
    What is the simplest and most elegant way of storing a small amount of data in a reasonably secure way? I am not looking for ridiculous levels of advanced encryption (AES-256 is more than enough) and I am only looking to encrypt a small number of files. The files I wish to encrypt are mostly comprised of password lists and SSH keys for servers. Unfortunately it is impossible to keep track of ever changing passwords for my servers (and SSH keys) and so need to keep a list of the passwords. Obviously this list needs to be secure, and also portable (I work from multiple locations). At the moment, I use a 10MB encrypted disk image on my mac (std .dmg AES-256) and just mount it whenever I need access to the data. To my knowledge this is very secure and I am very happy using it. However, the data is not very portable. I would like to be able to access my data from other machines (especially ones running linux), and I am aware that there are quite a few issues trying to mount an encrypted .dmg on linux. An alternative I have considered is to create a tar archive containing the files and use gpg --symmetric to encrypt it, but this is not a very elegant solution as it requires gpg to be installed on every system. So, what over solutions exist, and which ones would you consider to be the most elegant? Ty

    Read the article

  • Oracle Desktop Virtualization at HIMSS 2011

    - by chris.kawalek(at)oracle.com
    The HIMSS Conference is an extremely important industry trade show put on by The Healthcare Information and Management Systems Society. It's being held in Florida starting this Sunday, February 20th. Their slogan, "Linking people, potential, and progress" could be true of Oracle desktop virtualization as well! The Oracle desktop virtualization group has worked very closely with the Oracle healthcare business unit to have a large presence at this show, and I wanted to tell you a bit about what we're doing: - All Oracle demos are being done on Sun Ray Clients That's right, every demo pod in the large Oracle booth will have a Sun Ray Client with each demo tied to a smart card. Too many people at your demo station? Pop your card out and go to a different one. We'll also be demoing Oracle desktop virtualization at a dedicated demo station, too. This is great stuff! Find Oracle at booth #1651 Oracle's page about HIMSS - Focus Group - Caregiver Mobility with Oracle Sun Ray Clients and Desktop Virtualization Feb 22, 3:15-4:15 PM This focus group will be for customers interested in Oracle desktop virtualization. It's invitation only, but you can comment on this blog post and we can give you info on how to attend (your comment won't be made public). - Solution Session - Fast, Secure, Workflow Optimized: Inexpensive Access to Care Information is Possible Inside and Outside of the Hospital Feb 23, 4:15 PM Booth #685, Wireless and Mobility Theatre Oracle's Adam Workman will cover caregiver mobility and the benefits of Oracle desktop virtualization to healthcare organizations. - New healthcare solutions page on oracle.com We've created a page dedicated to content involving desktop virtualization and healthcare. This will be your onestop shop if looking for desktop virtualization and healthcare information. - New desktop virtualization and healthcare solution data sheet This document outlines how we define "Caregiver Mobility" and how Oracle products are used to facilitate quicker, more secure access to patient data. We'll have some more updates from the show next week. It looks like its going to be an exciting event! -Chris

    Read the article

  • How do you avoid jumping to a solution when under pressure? [closed]

    - by GlenPeterson
    When under a particularly strict programming deadline (like an hour), if I panic at all, my tendency is to jump into coding without a real plan and hope I figure it out as I go along. Given enough time, this can work, but in an interview it's been pretty unsuccessful, if not downright counter-productive. I'm not always comfortable sitting there thinking while the clock ticks away. Is there a checklist or are there techniques to recognize when you understand the problem well enough to start coding? Maybe don't touch the keyboard for the first 5-10 minutes of the problem? At what point do you give up and code a brute-force solution with the hope of reasoning out a better solution later? A related follow-up question might be, "How do you ensure that you are solving the right problem?" Or "When is it most productive to think and design more vs. code some experiments to and figure out the design later?" EDIT: One close vote already, but I'm not sure why. I wrote this in the first person, but I doubt I'm the only programmer to ever choke in an interview. Here is a list of techniques for taking a math test and another for taking an oral exam. Maybe I'm not expressing myself well, but I'm asking if there is a similar list of techniques for handling a programming problem under pressure?

    Read the article

  • Which languages and techniques can I use to improve my coding practices?

    - by Danjah
    I've been offered the opportunity upskill through study, while at work which is great. My background I am mostly self-taught, but have worked with many excellent people over the years - both self-taught and fully educated, and on many decent projects. I have mild experience in Actionscript, I'm getting better every day with my Javascript, and my CSS is angled at best practice, but needs a bit of modernising. I'm a traditional interface developer, I'm not stupid and I like a challenge. My goal I need to start seeing ways of applying better logic, optimising code, refactoring, different styles of development (agile, others?), and.. well I need to try and start thinking like.. a more solid programmer. Its hard to describe, I have good solutions and I'm efficient - but I KNOW that there's a bunch I am missing. I am already employed with a solid career, but I feel the need to fill gaps. My question/s Are there a set of guiding principles you can recommend I focus on to improve the points above? Are there particular programming languages which I might focus on to get a broader overview? Do you think I should avoid particular styles of development, or even languages, while solidifying what might end up being part 'the basics' but hopefully 'advanced programming'? -- Sorry if this appears off topic or something but I figure you're probably some of the best people to ask.

    Read the article

  • How to deal with seniors' bad coding style/practices?

    - by KaluSingh Gabbar
    I am new to work but the company I work in hires a lot of non-comp-science people who are smart enough to get the work done (complex) but lack the style and practices that should help other people read their code. For example they adopt C++ but still use C-like 3 page functions which drives new folks nuts when they try to read that. Also we feel very risky changing it as it's never easy to be sure we are not breaking something. Now, I am involved in the project with these guys and I can't change the entire code base myself or design so that code looks good, what can I do in this situation? PS we actually have 3 page functions & because we do not have a concept of design, all we can do is assume what they might have thought as there is no way to know why is it designed the way it is. I am not complaining.I am asking for suggestion,already reading some books to solve the issues Pragmatic Programmer; Design portion from B.Stroustrup; Programming and principles by B.Stroustrup;

    Read the article

  • How to avoid jumping to a solution when under pressure? [closed]

    - by GlenPeterson
    When under a particularly strict programming deadline (like an hour), if I panic at all, my tendency is to jump into coding without a real plan and hope I figure it out as I go along. Given enough time, this can work, but in an interview it's been pretty unsuccessful, if not downright counter-productive. I'm not always comfortable sitting there thinking while the clock ticks away. Is there a checklist or are there techniques to recognize when you understand the problem well enough to start coding? Maybe don't touch the keyboard for the first 5-10 minutes of the problem? At what point do you give up and code a brute-force solution with the hope of reasoning out a better solution later? When is it most productive to think and design more vs. code some experiments to and figure out the design later? Here is a list of techniques for taking a math test and another for taking an oral exam. Is there is a similar list of techniques for handling a programming problem under pressure? ANSWERS: I think this is a valid answer: How To Solve It. I found the link as an answer to Steps to solve or approach towards a solution. There were also some really good tips at Is thinking out loud during an interview really the best strategy?. A great and concise argument for TDD is the first answer to TDD Writing code vs Figuring out the answer to a problem?. My question may be a near-duplicate of that one.

    Read the article

  • Coding style in .NET: whether to refactor into new method or not?

    - by Dione
    Hi As you aware, in .NET code-behind style, we already use a lot of function to accommodate those _Click function, _SelectedIndexChanged function etc etc. In our team there are some developer that make a function in the middle of .NET function, for example: public void Button_Click(object sender, EventArgs e) {     some logic here..     some logic there..     DoSomething();     DoSomethingThere();     another logic here..     DoOtherSomething(); } private void DoSomething() { } private void DoSomethingThere() { } private void DoOtherSomething() { } public void DropDown_SelectedIndexChanged() { } public void OtherButton_Click() { } and the function listed above is only used once in that function and not used anywhere else in the page, or called from other part of the solution. They said it make the code more tidier by grouping them and extract them into additional sub-function. I can understand if the sub-function is use over and over again in the code, but if it is only use once, then I think it is not really a good idea to extract them into sub-function, as the code getting bigger and bigger, when you look into the page and trying to understand the logic or to debug by skimming through line by line, it will make you confused by jumping from main function to the sub-function then to main function and to sub-function again. I know this kind of grouping by method is better when you writing old ASP or Cold fusion style, but I am not sure if this kind of style is better for .NET or not. Question is: which is better when you developing .NET, is grouping similar logic into a sub-method better (although they only use once), or just put them together inside main function and add //explanation here on the start of the logic is better? Hope my question is clear enough. Thanks.

    Read the article

  • How to UEFI install Ubuntu 12.10?

    - by Geezanansa
    Running a newer FM1 motherboard which is using an AMD 3870k APU with a new 1TB HDD. Following the advice in the motherboard manual and https://help.ubuntu.com/community/UEFI have now got to grub option screen for UEFI install. see http://imgur.com/VW5vz The dvd.iso being used is Ubuntu 12.10 desktop amd64 from ubuntu .com. The hdd has had a gpt partition table made for, by using gparted when in a live desktop session when booted in bios mode. (*edit/update: Although the old cd updates on running it is an old kernel and it did make a gpt but that version of gparted uses fdisk whereas gdisk is required to make gpt. Think am going to have to spend more time here http://www.dedoimedo.com/computers/gparted.html lol Using the gparted from 12.10 live session to make partitions; following the guidance regarding this at https://help.ubuntu.com/community/UEFI#Creating_an_EFI_partition, but can only boot to grub option screen http://imgur.com/VW5vz when 12.10 options to "try ubuntu" or "install ubuntu" are selected they give errors as described below*) but after making the gpt decided to leave it unformatted/unallocated space with the intention of using installer to set up partitions. update-originally but gparted now sees hdd as http://imgur.com/hFIvm as described above. *Booting live dvd in EFI mode gives "Secure Boot not installed" just before grub kernel option list with the option to "install ubuntu" but get "can not read cd/0" and "the kernel must be loaded first" errors; when that option is selected. Any pointers on how to get installer going for UEFI install would be good. Thanks in advance. update: Hopefully these screenshots can help better highlight where i am going wrong or if there is something else going on http://imgur.com/g30RB, http://imgur.com/VW5vz, http://imgur.com/31E0q, http://imgur.com/bnuaG, http://imgur.com/y4KGu, http://imgur.com/3u2QE, http://imgur.com/n9lN3, http://imgur.com/FEKvz, http://imgur.com/hFIvm, update: Thank you fernando garcia for pointing me in the right direction to start the process of elimantion. What i have done since asking question is a little home work starting here http://askubuntu.com/faq#bounty and here http://askubuntu.com/questions/how-to-ask. Looking at other similar questions was good fun and found this 12.10 UEFI Secure Boot install the most relative in helping getting ubuntu to uefi install on my system. In response to wolverine's question this article was referred to http://web.dodds.net/~vorlon/wiki/blog/SecureBoot_in_Ubuntu_12.10/ This article in the first sentence gives a link to http://www.ubuntu.com/download which is where i downloaded the 12.10 desktop amd64 .iso(and others) but have been unable to do a efi install of ubuntu on this system and as this is a new system have ended up just going with bios installer running which at least puts my mind at ease that i have not bricked my new mobo.(had to do a clrcmos and flash to latest bios version) So it possibly could be the bios settings or the bios version being used that is problem. To try and eliminate bios version i can not get to post screen in order to id bios version being used. Pressing tab to show post instead of logo and trying to pausebreak to catch post is proving difficult. If logo screen in bios is disabled just get black screen no post shown and pressing tab does not show post. Appreciate using appropriate bios settings and latest 12.10 release should simply get uefi installer running when selected from the grub list (nice graphic details in Identifying if computer boots the cd in efi mode section at https://help.ubuntu.com/community/UEFI#Identifying_if_the_computer_boots_the_CD_in_EFI_mode) And to confirm the hdd is booting in efi mode https://help.ubuntu.com/community/UEFI#Identifying_if_the_computer_boots_the_HDD_in_EFI_mode running the command [ -d /sys/firmware/efi ] && echo "EFI boot on HDD" || echo "Legacy boot on HDD" gave Legacy boot on HDD This is as expected because i allowed the bios installer (which was 12.04 desktop amd64 after trying 12.10 desktop amd64 in efi mode) to run to get a working installation. Which is not what was intended or wished for but wanted to get a working os to bench test new mobo i.e. prove it is working. There are other options as in installing other bootmanagers/loaders but do not wish to do so as shim should get grub2 going that is after secure boot has been signed.(Now got rough idea what should happen just it aint happening. Is it possible ahci drivers are required?) Will post boot info script url of the updated config/setup. The original question asked seems irrelevant to what is being said in this update but as the problem is not resolved will keep on trying efi installing! i.e the problem is same as when question asked just trying to update. Have tried to edit and update the best i can!

    Read the article

  • ASP.NET Adding Javascript to page if page not secure

    - by user204588
    Hello, I'm trying to add some share this javascript in between the head tags of an asp.net page but only if the page is not secure (!Request.IsSecureConnection). How do I get the code in the head tags to check for secure connection and then write the javascript if not secure. I've tried using <% % blocks and RegisterStartupScriptBlock and it's not working

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >