Search Results

Search found 5685 results on 228 pages for 'encrypted partition'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 166/228 | < Previous Page | 162 163 164 165 166 167 168 169 170 171 172 173  | Next Page >

  • Can a proxy server cache SSL GETs? If not, would response body encryption suffice?

    - by Damian Hickey
    Can a (||any) proxy server cache content that is requested by a client over https? As the proxy server can't see the querystring, or the http headers, I reckon they can't. I'm considering a desktop application, run by a number of people behind their companies proxy. This application may access services across the internet and I'd like to take advantage of the in-built internet caching infrastructure for 'reads'. If the caching proxy servers can't cache SSL delivered content, would simply encrypting the content of a response be a viable option? I am considering all GET requests that we wish to be cachable be requested over http with the body encrypted using asymmetric encryption, where each client has the decryption key. Anytime we wish to perform a GET that is not cachable, or a POST operation, it will be performed over SSL.

    Read the article

  • Decryption with the public key in iphone

    - by vignesh
    Hi all, I have a public key and an encrypted string. I could encrypt with publickey successfully.But when i try to decrypt using the publickey it fails. I mean when i pass the publickey seckeyDecrypt it fails. I have Googled and found out that by default kSecAttrCanDecrypt is false for public keys.So When i import the public key, i have added this particular line , [publicKeyAttr setObject:(id)kCFBooleanTrue forKey:(id)kSecAttrCanDecrypt]; But there is no improvement it still fails. Please somebody help.

    Read the article

  • Hashbytes comparison in stored proceduring not matching record

    - by Michael Itzoe
    The password field in my user table (SQL Server 2008) is encrypted using HASHBYTES on insertion. I have a stored procedure with parameters for the username and plain-text password which does a SELECT using that username and the password sent through HASHBYTES, then returns the user record if it finds a match. The SP is always returning an empty recordset, but if I copy and paste just the SELECT from the SP to a new query window, it returns the matched record. There're no other statements in the SP. I'm missing something here; what is it?

    Read the article

  • Can Parallel.ForEach be used safely with CloudTableQuery

    - by knightpfhor
    I have a reasonable number of records in an Azure Table that I'm attempting to do some one time data encryption on. I thought that I could speed things up by using a Parallel.ForEach. Also because there are more than 1K records and I don't want to mess around with continuation tokens myself I'm using a CloudTableQuery to get my enumerator. My problem is that some of my records have been double encrypted and I realised that I'm not sure how thread safe the enumerator returned by CloudTableQuery.Execute() is. Has anyone else out there had any experience with this combination?

    Read the article

  • Creating a function that will handle objects with common properties

    - by geocine
    Take this as an example I have trimmed this example for readability and you may not find the use of this concept here. class Teacher() { public Name {get; set;} public Salt {get; set;} public Department{get; set;} } class Student() { public Name {get; set;} public Salt {get; set;} public Section{get; set;} } public string GetEncryptedName(object Person) { //return encrypted name based on Name and Salt property return encrypt(object.Salt,object.Name) } callig the function GetEncryptedName(Teacher) GetEncryptedName(Student) How do you implement this kind of stuff?

    Read the article

  • decode mysql query before returning it to view

    - by stormdrain
    I'm running a query to mysql that returns encrypted data. I'd like, if possible, to decode the results before sending it to the view. It seems like better form to handle the decoding in the controller (or even the model) rather than inside the view. I can't seem to wrap my head around how to do it, though. I was thinking I could iterate through the object, decodode it, and push it to another array that would be sent to the view. Problem with this is I won't know (and need to keep) the indexes of the query. So the query might return something like: [id] => 742 [client_id] => 000105 [last] => dNXcw6mQPaGQ4rXfgIGJMq1pZ1dYAim0 [first] => dDF7VoO37qdtYoYKfp1ena5mjBXXU0K3dDlcq1ssSvCgpOx75y0A== [middle] =>iXy6OWa48kCamViDZFv++K6okIkalC0am3OMPcBwK8sA== [phone] => eRY3zBhAw2H8tKE Any ideas?

    Read the article

  • .NET desktop App remembering login to a webservice

    - by pete the pagan-gerbil
    I am in the planning stages of a .NET desktop app that will communicate with a web service. The web service requires a username and password, and a common feature in this sort of app is to save the user's credentials for the next logon. I've thought of a few ways of achieving this, but I am not sure what the most secure way would be. Should it be stored encrypted in a file (and could someone nefarious copy that file to their own machine and hence logon as the original person), or in the registry somehow (I've not done any registry work before, is it secure and would it work)? Are there any other options I might not have thought of?

    Read the article

  • Running Services.msc as a different User C#

    - by Simon Mark Smith
    Hi, I have a requirement to create a simple windows forms application that allows an admin user to manage the Services on remote servers. We don't want to give the admins the usernames and passwords to the servers so these will be encrypted and stored in a database. My question is whether or not it is possible to spawn a Services.msc window when impersonating one of the users stored within the database? I have looked at the ProcessStartInfo class but because Services.msc is not an executable it does not seem to like executing this. Any ideas on a simple way of doing the actual impersonation and loading of Services.msc - say off a button click? Thanks

    Read the article

  • PAC with kerberoes

    - by Varun
    I am currently working on kerberoes, and for now have this doubt on PAC in MS-KILE kerberoes extension. Can pac included in pactype strcuture withtin authorization data, is meant for client to decrypt and decode. It seems (if my understanding is correct), that PAC is encrypted with target server's encryption key, which is known only to kdc and target server, and therefore, client just needs to forward that to server when requesting a service, and isn't suppose to decrypt and extract details about its credentails. Is there a way to try to decrypt this on the fly? ( is there sufficient information available in AS-REP for me extract and decrypt this?

    Read the article

  • Android and PHP - Do I need to use sessions?

    - by jtnire
    I have created an Android App that communicates with a PHP web server. They both send JSON to each other. My App is almost finished, however there is one thing left to do: authentication. Since the user's username and password will be stored in Android SharedPreferences, is there any need to use PHP sessions, given that the user won't need to enter the username/password at every request? Since I can just send the username and password in the HTTP POST header for every request, and that I will be using SSL, is this sufficient? I guess I could add an extra field in the header called 'random' that just adds a random value, just to use as a salt so that the encrypted SSL payload will be different everytime. The reason why I don't want to use sessions is that my Android App would either have to handle cookies, or managed the storage of the session ID. If there are some serious cons to using my method above, then I'm more than happy to use sessions, however all advice is appreciated. Thanks

    Read the article

  • How to hash and salt passwords

    - by Henrik Skogmo
    I realize that this topic have been brought up sometimes, but I find myself not entirely sure on the topic just yet. What I am wondering about how do you salt a hash and work with the salted hash? If the password is encrypted with a random generated salt, how can the we verify it when the user tries to authenticate? Do we need to store the generated hash in our database as well? Is there any specific way the salt preferably should be generated? Which encryption method is favored to be used? From what I hear sha256 is quite alright. And lastly, would it be an idea to have the hash "re-salted" when the user authenticates? Thank you!

    Read the article

  • Are SqlCipher open cursors a security concern?

    - by user1178479
    I'm using SqlCipher with content providers. Right now, when I want to lock the app I just clear out the cached password. However, the app can continue to work with any open cursors. This means that re-opening the app grants access to the sensitive data. I fix this issue on the surface by redirecting to a login screen if the app doesn't have passwords. However, I'm concerned if there are any security issues with these open cursors or if I should just continue to block UI access and not worry? SqlCipher's docs say that it reads/writes encrypted pages on the fly, as opposed to decrypting the entire DB, this makes me think that open cursors are still secure. The main concern here is that someone loses their phone and then a knowledgeable individual can use these open cursors to extract sensitive data.

    Read the article

  • Returning multiple datasets from a stored proc in VB

    - by Ryan Stephens
    I have an encrypted SQL Server stored proc that I run with (or the vb .net equivalent code of): declare @p4 nvarchar(100) set @p4=NULL declare @p5 bigint set @p5=NULL exec AA_PAY_BACS_EXPORT_RETRIEVE_S @PS_UserId=N'ADMN', @PS_Department=N'', @PS_PayFrequency=2, @PS_ErrorDescription=@p4 output select @p4, @p5 this returns 2 datasets and the output parameters for the results, the datasets are made up of various table joins etc, one holds the header record and one the detail records. I need to get the 2 datasets into a structure in VB .net (e.g. linq, sqldatareader, typed datasets) so that I can code with them, I don't know what tables any of this comes from and there are alot of them Whooopeee!!! I came close using Linq to SQL and IMultipleResults but got frustrated when I had to recode it every time I made a change to the designer file. My feelings are that there must be a simple way to do this, any ideas?

    Read the article

  • Can't download file in IE7 but there isn't any problem in Firefox, Chrome, etc..?

    - by levhita
    I have an script that receives an encrypted url and from that generates a download, the most critic par of the script is this: $MimeType = new MimeType(); $mimetype = $MimeType->getType($filename); $basename = basename($filename); header("Content-type: $mimetype"); header("Content-Disposition: attachment; filename=\"$basename\""); header('Content-Length: '. filesize($filename)); if ( @readfile($filename)===false ) { header("HTTP/1.0 500 Internal Server Error"); loadErrorPage('500'); } Downloads works as charm in any Browser except IE, I have seen problems related to 'no-cache' headers but I don't send anything like that, they talk about utf-8 characters, but there is not any utf-8 characters(and the $filename has not any utf-8 characteres neither).

    Read the article

  • Deploying BlackBerry Applications Across Environments

    - by sethxian
    Has anyone come up with a good solution for deploying BlackBerry applications across different environments? My example is storing URLs and Authentication information in code. In most cases, a developer is going to have a different set of URL's to test against when developing the application vs what the end user is going to hit. The idea is when I go to build for production, I have something swap out the environment settings for the target environment vs manually replacing environment specific code each time. I am currently using eclipse. The only thought I've come up with so far would be to use a resource with encrypted values and have that swap when I run my build. Any ideas?

    Read the article

  • How do I secure password parameters in RESTful web service URIs?

    - by adam
    i'm a newbie to server-side programming, so please forgive me if this gets messy. i've been contracted to create a web service to allow authenticated users to access a database. users have to enter a login and password. been reading and reading about REST vs SOAP, and i thought i'd settled on a RESTful design when i came across this statement: "Data that needs to be secure should not be sent as parameters in URIs." this seems like a major demerit against a RESTful approach. i'm aware that with https the password would be encrypted to prevent man-in-the-middle interception, but that leaves the server logs and client history as possible exposure points. is there a RESTful solution out there for this problem, or do i need to go SOAPy? any advice appreciated.

    Read the article

  • Howto convert to string and read data from TCP packet

    - by salime
    I used sharppcap to capture TCP packets. Now i wanna reconstruct HTTP packet from TCP packets but i don't know how. I read somewhere i can find start of HTTP packet in TCP data... i tried to convert byte[] TCP data to string using this code: string s = System.Text.Encoding.UTF8.GetString(tcp_pack.Data); but the string isn't readable. like a binary file that is opened with notepad. is it because the data is encrypted or code is incorrect? how can i reconstruct HTTP packet from TCP packets?

    Read the article

  • SSL and Tomcat using Java

    - by Marquinio
    Hello all, I'm new to SSL connections so here goes my question. I have a desktop Java program in a JAR file. This JAR sends sensitive information over the internet to a remote Tomcat server. Of course I need to encrypt the data. If I purchase an SSL cerfiticate say from Verisign, will the data sent over SSL be automatically encrypted? I mean in my JAR, will I still need to do extra work like use Java encryption extensions API to manually encrypt my data over the SSL connection? Thank you.

    Read the article

  • Replacing backslashes in Python strings

    - by user323659
    I have some code to encrypt some strings in Python. Encrypted text is used as a parameter in some urls, but after encrypting, there comes backslashes in string and I cannot use single backslash in urllib2.urlopen. I cannot replace single backslash with double. For example: print cipherText '\t3-@\xab7+\xc7\x93H\xdc\xd1\x13G\xe1\xfb' print cipherText.replace('\\','\\\\') '\t3-@\xab7+\xc7\x93H\xdc\xd1\x13G\xe1\xfb' Also putting r in front of \ in replace statement did not worked. All I want to do is calling that kind of url: http://awebsite.me/main?param="\t3-@\xab7+\xc7\x93H\xdc\xd1\x13G\xe1\xfb" And also this url can be successfully called: http://awebsite.me/main?param="\\t3-@\\xab7+\\xc7\\x93H\\xdc\\xd1\\x13G\\xe1\\xfb" Any idea will be appreciated.

    Read the article

  • How to show the animation without exposing the code?

    - by bonCodigo
    There's an animation done in jQuery within jsfiddle. I do not have a website as of now to "implant" it and share the URL. I also can't give the jsfiddle. So how can I share my animation to the audience without showing the code? Does github or any other facility tools allow locking the code and showing the final product without having a website, yet I could get a URL for the audience to view it? I regret for the rookie-question in this context as I am still new to web stuff. EDIT: jsFiddle shows 3 code windows along the results :html, css, js. My requirement is to only show the results window to the audience and by all means to hide codes and leads via URL to the codes. Ideal solution demands a results to be shown and URL that is encrypted (at best).

    Read the article

  • C# connectionString encryption questions

    - by 5YrsLaterDBA
    I am learning how to encrypt the ConnectionString for our C# (3.5) Application. I read the .Net Framwork Developer Guide (http://msdn.microsoft.com/en-us/library/89211k9b(VS.80).aspx) about securing connection string. but not fully understand the contents. It says "The connection string can only be decrypted on the computer on which it was encrypted." We have a release machine which will build our application which will generate the OurApp.exe.config and then install it to many product machines. Is that meam we have to have this encryption process separated with our application and run it at individual product machine? We may use the "RSAProtectedConfigurationProvider". It mentioned we need encryption key for that provider. when and how we should provide the encryption key? thanks,

    Read the article

  • Problems with system() calls in Linux

    - by Thomas
    I'm working on a init for an initramfs in C++ for Linux. This script is used to unlock the DM-Crypt w/ LUKS encrypted drive, and set the LVM drives to be available. Since I don't want to have to reimplement the functionality of cryptsetup and gpg I am using system calls to call the executables. Using a system call to call gpg works fine if I have the system fully brought up already (I already have a bash script based initramfs that works fine in bringing it up, and I use grub to edit the command line to bring it up using the old initramfs). However, in the initramfs it never even acts like it gets called. Even commands like system("echo BLAH"); fail. So, does anyone have any input?

    Read the article

  • Windows Server 2008 R2 Service Pack 1 issue

    - by saj
    Net 4.0 websites running on a Windows Server 2008 R2 server using IIS 7.0. The websites allows Single Sign on via an encrypted token passed in a query string e.g. www.mywebsite.com?token=1159CE30A4ED1148E86D779AC7A1CF4DC75CCEC7213401D13CA181A2ED1C29A8. However, after installing Service Pack 1; SSO has stopped working and the website redirects to www.mywebsite.com. The redirect occurs before any code is hit. No idea what is causing this and any ideas would be much appreciated.

    Read the article

  • Append all logs to /var/log

    - by iCy
    Application scenario: I have the (normal/permanent) /var/log mounted on an encrypted partition (/dev/LVG/log). /dev/LVG/log is not accessible at boot time, it needs to be manually activated later by su from ssh. A RAM drive (using tmpfs) is mounted to /var/log at init time (in rc.local). Once /dev/LVG/log is activated, I need a good way of appending everything in the tmpfs to /dev/LVG/log, before mounting it as /var/log. Any recommendations on what would be a good way of doing so? Thanks in advance!

    Read the article

  • MySQL Accept Any Password

    - by George
    Suppose that I have a test server with a large group of test accounts. The test accounts have unknown passwords which are hard-coded into the application's reports and are stored encrypted in the mysql.users table. Is there any option or hack which can be used to make mysql accept any text as the "correct" password for an account? For example: Update mysql.user Set Password="*" where 1=1 Note: The above line wouldn't work because it would literally set the password to "*" and not the wildcard character. However, I am looking for a way to create a mysql account which would accept anything as a valid password. This machine is disconnected from the network and I have full access to the mysql database...

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 162 163 164 165 166 167 168 169 170 171 172 173  | Next Page >