Search Results

Search found 8253 results on 331 pages for 'secure coding'.

Page 17/331 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >

  • How about the "Certified Secure Software Lifecycle Professional"?

    - by Ekkapop
    I have invited to join Certified Secure Software Lifecycle Professional training course, however I have no idea about this course. Course's details give me only an overview of information, for example, this course is about how to gathering requirement about security, how to doing something in more secure ways etc. Did anyone have experience about Certified Secure Software Lifecycle Professional? Is it worth to attend this course?

    Read the article

  • Securely persist session between https://secure.yourname.com and http://www.yourname.com on rails ap

    - by Matt
    My rails site posts to a secure host (e.g. 'https://secure.yourname.com') when the user logs into the site. Session data is stored in the database, with the cookie containing only the session ID. The problem is that when the user returns to a non-https page, such as the home page (e.g. 'http://www.yourname.com') the user appears to have logged out. I believe the reason for this is that a separate cookie is stored for each host (www vs. secure). Is this correct? What is the best secure way to persist the session between both the http and https sections of the site? Does anyone know of any plugins that address this problem? The site runs on Heroku.

    Read the article

  • Background task in mobile phone to access a secure element and a web server

    - by Splryxx
    Is it possible in a GSM mobile phone OS (e.g. Android, Win Mo, Symbian, etc.) to have some kind of background task or application able to exchange data at the same time with a web server and a secure element of the mobile? The purpose if for the web server to be able to push APDUs to the secure element (an retrieve response APDUs) without activating the IHM of the mobile. NB: I know that this is possible when the secure element is the one managing the GSM baseband, for example using BIP as described in Ulysse specifications. My question is only when using another secure element (e.g. Java Card in a microSD).

    Read the article

  • Use of c89 in GNU software

    - by Federico Culloca
    In GNU coding standard it is said that free software developer should use C89 because C99 is not widespread yet. 1999 Standard C is not widespread yet, so please do not require its features in programs. Reference here. Are they talking about developers knowledge of C99, or about compilers supporting it? Also, is this statement plausible as of today or is it somewhat "obsolete" or at least obsolescent.

    Read the article

  • How does a "Variables introduce state"?

    - by kunj2aan
    I was reading the "C++ Coding Standards" and this line was there: Variables introduce state, and you should have to deal with as little state as possible, with lifetimes as short as possible. Doesn't anything that mutates eventually manipulate state? What does "you should have to deal with little state as possible" mean? In an impure language such as C++, isn't state management really what you are doing? And what are other ways to "deal with as little state as possible" other than limiting variable lifetime?

    Read the article

  • What are the names for various forms of camel-case style naming?

    - by Robert Dailey
    For the purposes of communicating coding styles to my co-workers, what would I formally call the following variants of camel case? camelCase and CamelCase Notice that the former version starts with a lower-case alphabetic character, and the latter version starts with an upper-case alphabetic character. I assume these have some sort of "official name". Also if there are any other forms I have not listed here, bonus points to those that mention them as well as well as their names.

    Read the article

  • improve if else statement for multiple condition

    - by kitokid
    My superior said the following is bad code. But he didn't mention anything how to improve it. What might be the alternative elegant way of coding below statements, without using if else? if(name.equalsIgnoreCase("AAA")){ //do something }else if(name.equalsIgnoreCase("BBB")){ //do something }else if(name.equalsIgnoreCase("CCC")){ //do something }else if(name.equalsIgnoreCase("DDD")){ //do something }else if(name.equalsIgnoreCase("EEE")){ //do something }else{ //do something } Edited: I am using Java 6.

    Read the article

  • PulseAudio on Cygwin: Failed to create secure directory: Unknown error 13

    - by Nithin
    I am unable to run PulseAudio on Cygwin. Operating System: Windows 8 Pro 64 bit Cygwin Setup.exe Version: 2.831 (64 bit) PulseAudio Version: 2.1-1 When I run: pulseaudio -vv this is the output: D: [(null)] core-util.c: setpriority() worked. I: [(null)] core-util.c: Successfully gained nice level -11. I: [(null)] main.c: This is PulseAudio 2.1 D: [(null)] main.c: Compilation host: x86_64-unknown-cygwin D: [(null)] main.c: Compilation CFLAGS: -ggdb -O2 -pipe -fdebug-prefix-map=/usr/src/ports/pulseaudio/pulseaudio-2.1-1/build=/usr/src/debug/pulseaudio-2.1-1 -fdebug-prefix-map=/usr/src/ports/pulseaudio/pulseaudio-2.1-1/src/pulseaudio-2.1=/usr/src/debug/pulseaudio-2.1-1 -Wall -W -Wextra -Wno-long-long -Wvla -Wno-overlength-strings -Wunsafe-loop-optimizations -Wundef -Wformat=2 -Wlogical-op -Wsign-compare -Wformat-security -Wmissing-include-dirs -Wformat-nonliteral -Wpointer-arith -Winit-self -Wdeclaration-after-statement -Wfloat-equal -Wmissing-prototypes -Wredundant-decls -Wmissing-declarations -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-align -Wstrict-aliasing -Wwrite-strings -Wno-unused-parameter -ffast-math -Wp,-D_FORTIFY_SOURCE=2 -fno-common -fdiagnostics-show-option D: [(null)] main.c: Running on host: CYGWIN_NT-6.2 x86_64 1.7.25(0.270/5/3) 2013-08-31 20:37 D: [(null)] main.c: Found 4 CPUs. I: [(null)] main.c: Page size is 65536 bytes D: [(null)] main.c: Compiled with Valgrind support: no D: [(null)] main.c: Running in valgrind mode: no D: [(null)] main.c: Running in VM: no D: [(null)] main.c: Optimized build: yes D: [(null)] main.c: FASTPATH defined, only fast path asserts disabled. I: [(null)] main.c: Machine ID is 5d8bd07cb924c67197184e42527f2603. E: [(null)] core-util.c: Failed to create secure directory: Unknown error 13 When I instead run pulseaudio -vv --start the output is this: E: [autospawn] core-util.c: Failed to create secure directory: Unknown error 13 W: [autospawn] lock-autospawn.c: Cannot access autospawn lock. E: [(null)] main.c: Failed to acquire autospawn lock When I ran strace pulseaudio -vv, the red-colored lines in the output were: 28 1637050 [main] pulseaudio 5104 fhandler_pty_slave::write: (669): pty output_mutex(0xBC) released 26 1637076 [main] pulseaudio 5104 write: 7 = write(2, 0x3FE171079, 7) 42 1637118 [main] pulseaudio 5104 fhandler_pty_slave::write: pty0, write(0x60003BB40, 51) 27 1637145 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex (0xBC): waiting -1 ms 23 1637168 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex: acquired Failed to create secure directory: Unknown error 13 21 1637189 [main] pulseaudio 5104 fhandler_pty_slave::write: (669): pty output_mutex(0xBC) released 29 1637218 [main] pulseaudio 5104 write: 51 = write(2, 0x60003BB40, 51) 46 1637264 [main] pulseaudio 5104 fhandler_pty_slave::write: pty0, write(0x3FE17106F, 4) 24 1637288 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex (0xBC): waiting -1 ms 24 1637312 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex: acquired Please can someone help me?

    Read the article

  • Is it Secure to Grant Apachie User Ownership of Directories & Files for Wordpress

    - by Oudin
    I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission All my directories have permissions of 0755 and files 644 my directories setup is as follows: /home/user1/public_html All WP files and directories are in "public_html" In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories sudo chown www-data:www-data wp-content -R sudo chown www-data:www-data wp-includes -R sudo chown www-data:www-data wp-admin -R I would like to know security wise how secure this is and if it is not secure what would be the best solution? That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media

    Read the article

  • How to setup Secure SemiPublic Revision Control System

    - by user24912
    I have a windows server with a project configured with a revision control system. Suppose it's GIT or SVN or .... Suppose there are 10 people around the globe working on this project. The first thing that comes in to mind is to secure the connection between these programmer and the server with SSH. but my problem is that the a hacker can destroy the server if he gets the SSH username and password user account (tell me if i'm wrong). So I need a secure way to let thoes programmers push their revision to the server. Any ideas would be lovely

    Read the article

  • Good, secure video chat program

    - by wag2639
    I'm looking for something similar to skype but basically just for me to video chat with my girlfriend. Skype has been kind of buggy lately with its recent iterations and doesn't seem to be progressing as much as when it was with its previous backers. Are there any good, secure video chat programs? Something that customizable and lets you choose framerate vs pixelation and is generally secure (I don't care if the NSA can tap it but no one else, especially over unencrypted wifi's). Open source is preferred but not required. Free or really really cheap is practically required. Also, since this is point to point, an i am a power user (and my gf as well), it can involve some manual setup to establish a point-to-point link. Any suggestions, Thanks.

    Read the article

  • How do I make webmin secure?

    - by Josiah
    I want to install webmin to make server administration tasks on my Ubuntu 10.4 server easier. However I'm very nervious about having that kind of power accessable over the web. So I want to know how to secure webmin so that it can't be used to comprimise my server. So far here are my ideas, but I still don't feel comfortable: Make webmin accessable from only the localhost (how?) Use SSH tunneling to access the webmin server whenever I need to administrate it Can anyone help me with instructions on making webmin accessable only from the localhost? What other ways can I make webmin secure?

    Read the article

  • Setup secure shared hosting (Apache, PHP, MySQL)

    - by Apaz
    So I'm setting up a shared hosting with Apache, PHP, MySQL and the biggest question mark is how to do with PHP, since there is a million options out there how to configure it securely. The plan is: Chroot for MySQL (built in support for chroot) Chroot for Apache (mod_security) Each user executing their PHP-scripts as their own user (see below) Set open_basedir Disable all "evil" php-functions (allow_url_fopen, system, exec, and so on) Ive looked at suexec and suphp but they seems very slow; http://blog.stuartherbert.com/php/2007/12/18/using-suexec-to-secure-a-shared-server/ http://blog.stuartherbert.com/php/2008/01/18/using-suphp-to-secure-a-shared-server/ So I've looked some more and found some other solutions: apache2-mpm-itk + mod_php(?) mod_fcgid + php-fpm mod_fastcgi + php-fpm Ive tried a simple setup with mod_fastcgi + php-fpm and it seems to work, runs as correct user and so on, but the protection against directory traveling is still open_basedir(?) One solution for that could be to use php-fpm's chroot option, but that causes a lot of other issues like domain name resolver does not work sending mail does not work Tips?

    Read the article

  • How secure is Microsoft 2007's encryption?

    - by ericl42
    I've read some various articles about Microsoft's encryption, and from what I gather, 2007 is secure using all default options due to it using AES, and 2000 and 2003 can be configured secure by changing the default algorithm to AES. I was wondering if anyone else has read any other articles or know of any specific vulnerabilities involved with how they implement the encryption. I would like to be able to tell users that they can use this to send semi sensitive documents as long as they use AES and a strong password. Thanks for the information.

    Read the article

  • Portable and Secure Document Repository

    - by Sivakanesh
    I'm trying to find a document manager/repository (WinXP) that can be used from a USB disk. I would like a tool that will allow you to add all documents into a single repository (or a secure file system). Ideally you would login to this portable application to add or retrieve a document and document shouldn't be accessible outside of the application. I have found an application called Benubird Pro (app is portable) that allows you to add files to a single repository, but downsides are that it is not secure and the repository is always stored on the PC and not on the USB disk. Are you able to recommend any other applications? Thanks

    Read the article

  • Is it Secure to Grant Apache User Ownership of Directories & Files for Wordpress

    - by Oudin
    I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission All my directories have permissions of 0755 and files 644 my directories setup is as follows: /home/user1/public_html All WP files and directories are in "public_html" In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories sudo chown www-data:www-data wp-content -R sudo chown www-data:www-data wp-includes -R sudo chown www-data:www-data wp-admin -R I would like to know security wise how secure this is and if it is not secure what would be the best solution? That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media

    Read the article

  • How to specify Multiple Secure Webpages with .htaccess RewriteCond

    - by Patrick Ndille
    I have 3 pages that I want to make secure on my website using .htaccess -login.php -checkout.php -account.php I know how to make just one work page at a time using .htaccess RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] I and trying to figure out how to include the other 2 specific pages to make them also secure and used the expression below but it didn't work RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteCond %{REQUEST_URI} /checkout.php RewriteCond %{REQUEST_URI} /account.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] Can someone help me the right expression that will work with multiple pages? The second part of the code is that, if https is already on and a user move to a page that Is not any of the pages i specified about, I want that it should get back to http. how should I write the statement for it to redirect back to http if its not any of the pages above? I have my statement like this but its not working RewriteCond %{HTTPS} on RewriteRule !(checkout|login|account|payment)\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R] Any thoughts?

    Read the article

  • Coding for fun

    - by Klelky
    I would describe myself as a career coder - i.e. a developer at work but never really coded for fun. Early in my career I've hit the management track though. I really like my current job and can't see me going back to coding anytime soon so: Whats the best way to develop my coding skills and learn new languages in my spare time?

    Read the article

  • xhtml-css coding before Drupal Implementing?

    - by artmania
    Hi friends, I'm going to start my first Drupal project :) pretty excited. I have many questions in my head :/ but I will find out the answers and learn many about Drupal while working on this project. ok, I have the design completed. now is it better to make xhtml-css coding of all pages, and then implementing these codes to Drupal? or is it better to make xhtml-css coding straight into Drupal theme? Appreciate advices!

    Read the article

  • Best Practises - Increase Mood for Coding

    - by Lukas Šalkauskas
    I recently find my self stuck in state where I feel not very into code, I need some kind of inspiration, so sometimes I just review somebody's code, watch some kind of movie about coding or something like that, but not always I get what I need, if you know what I mean. How do you increase your mood for coding ?

    Read the article

  • C++ Coding Style Conventions Doc

    - by uray
    I need to write some coding style convention document in C++ for my team, is there any example or reference how such document is made, what should I define? which convention is should be avoided? is there any C++ coding style standard defined somewhere? or care to share some if you have one? *note: I know its been asked many time, but what I need is something like this http://java.sun.com/docs/codeconv/html/CodeConvTOC.doc.html but specifically for C++

    Read the article

  • Visual Studio 2008 not detecting Errors while coding

    - by mouthpiec
    Hi, I just installed VS on another PC, but this time, while I am coding, it is not marking syntax errors while I am coding..... I need to press F6 to get the errors. Normally when for example typing the line below, I get 's' underlined saying that there is a mismatch. Any ideas how I can enable this option? string s = 4;

    Read the article

  • Healthcare and Distributed Data Don't Mix

    - by [email protected]
    How many times have you heard the story?  Hard disk goes missing, USB thumb drive goes missing, laptop goes missing...Not a week goes by that we don't hear about our data going missing...  Healthcare data is a big one, but we hear about credit card data, pricing info, corporate intellectual property...  When I have spoken at Security and IT conferences part of my message is "Why do you give your users data to lose in the first place?"  I don't suggest they can't have access to it...in fact I work for the company that provides the premiere data security and desktop solutions that DO provide access.  Access isn't the issue.  'Keeping the data' is the issue.We are all human - we all make mistakes... I fault no one for having their car stolen or that they dropped a USB thumb drive. (well, except the thieves - I can certainly find some fault there)  Where I find fault is in policy (or lack thereof sometimes) that allows users to carry around private, and important, data with them.  Mr. Director of IT - It is your fault, not theirs.  Ms. CSO - Look in the mirror.It isn't like one can't find a network to access the data from.  You are on a network right now.  How many Wireless ones (wifi, mifi, cellular...) are there around you, right now?  Allowing employees to remove data from the confines of (wait for it... ) THE DATA CENTER is just plain indefensible when it isn't required.  The argument that the laptop had a password and the hard disk was encrypted is ridiculous.  An encrypted drive tells thieves that before they sell the stolen unit for $75, they should crack the encryption and ascertain what the REAL value of the laptop is... credit card info, Identity info, pricing lists, banking transactions... a veritable treasure trove of info people give away on an 'encrypted disk'.What started this latest rant on lack of data control was an article in Government Health IT that was forwarded to me by Denny Olson, an Oracle Principal Sales Consultant in Minnesota.  The full article is here, but the point was that a couple laptops went missing in a couple different cases, and.. well... no one knows where the data is, and yes - they were loaded with patient info.  What were you thinking?Obviously you can't steal data form a Sun Ray appliance... since it has no data, nor any storage to keep the data on, and Secure Global Desktop allows access from Macs, Linux and Windows client devices...  but in all cases, there is no keeping the data unless you explicitly allow for it in your policy.   Since you can get at the data securely from any network, why would you want to take personal responsibility for it?  Both Sun Rays and Secure Global Desktop are widely used in Healthcare... but clearly not widely enough.We need to do a better job of getting the message out -  Healthcare (or insert your business type here) and distributed data don't mix. Then add Hot Desking and 'follow me printing' and you have something that Clinicians (and CSOs) love.Thanks for putting up my blood pressure, Denny.

    Read the article

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >