Search Results

Search found 2113 results on 85 pages for 'encryption asymmetric'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 18/85 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >

  • Should I encrypt data in database?

    - by Tio
    I have a client, for which I'm going to do an Web application about patient care, managing patients, consults, history, calendars, everything about that basically. The problem is that this is sensitive data, patient history and such. The client insists on encrypting the data at the database level, but I think this is going to deteriorate the performance of the web app. ( But maybe I shouldn't be worried about this ) I've read the laws about data protection on health issues ( Portugal ), but isn't very specific about this ( I just questioned them about this, I'm waiting for their response ). I've read the following link, but my question is different, should I encrypt the data in the database, or not. One problem that I foresee in encrypting data, is that I'm going to need a key, this could be the user password, but we all know how user passwords are ( 12345 etc etc ), and generating a key I would have to store it somewhere, this means that the programmer, dba, whatever could have access to it, any thoughts on this? Even adding an random salt to the user password isn't going to solve the problem since I can always access it, and therefore decrypt the data.

    Read the article

  • How large should I make root, home, usr, var, and tmp partitions?

    - by Teddy Okidoki
    i install ubuntu server 10.04, have 64 Gb VHD. And want to separate partitions in this mode: /dev/xvda0 p on swap (2 Gb) /dev/xvda1a0 e on /boot (128 Mb) /dev/xvda1a1 e on / type ffs (local) /dev/xvda1a2 e on /usr type ffs (local, nodev) /dev/xvda1a3 e on /tmp type ffs (local, nodev) /dev/xvda1a4 e on /var/log type ffs (local, nodev) /dev/xvda1a5 e on /var type ffs (local, nodev, nosuid) /dev/xvda1a6 e on /home type ffs (local, nodev, nosuid, with quotas) /dev/xvda2 p on /new (local, nodev, nosuid, noexec) with rest of space ~50Gb. But i'ma stuck, and don't know what size to give to each folder. Also i want to encrypt partitions. Thank you for any tips. EDIT: System need minimum size, here will be installed about 10 apps like ufw, apache,mysql, chkrootkit and so on.

    Read the article

  • WinRAR extracting file before checking password? [closed]

    - by opatachibueze
    I tried extracting an encrypted rar file today, and I discovered that I had to wait the same amount of time I'll wait before a file is extracted (extraction reaches 99% completion) for WinRAR to conclude it's the wrong password (winrar message: "CRC failed wrong password or corrupt file?") . My guess is that this file is somewhere on the Computer just before the detection, - it has to be and then gets deleted after it's verified that the password is not the same? Is there anyway I can forcefully get this file from the PC? Thanks.

    Read the article

  • Cron won't execute if am not logged in

    - by JonaMX
    I have a cron that makes a backup of MySql, if I execute on shell it works pretty well even if I'm logged when cron supposed to execute works fine, but if I'm not logged just won't execute, I don't know what could happened, any suggestion ? Crontab 00 04 * * * /home/administrador/scripts/respaldo.sh respaldo.sh #!/bin/sh mysql -uroot -p[PASS] ccs < /home/administrador/scripts/limpia.sql mysqldump -uroot -p[PASS] --routines ccs > /home/administrador/backups/backup_$(date +%Y%m%d).sql mysqlcheck -uroot -p[PASS] --auto-repair --optimize ccs cd /home/administrador/backups/ tar -zcf backup_$(date +%Y%m%d).tgz backup_$(date +%Y%m%d).sql rm backup_$(date +%Y%m%d).sql find -name '*.tgz' -type f -mtime +90 -exec rm -f {} \; respaldo.sh has execute permission SOLUTION The problema was that the /home/adminsitrador directory was an encrypted folder so when the user is logged in the folder it's decrypted and everything works but when the user it's logged off the folder it's encrypted and the cron can't access to that path, so I've changed the cron script and backup to another unencrypted folder and to root user and now everything it's working pretty well, thanks to all for your help !

    Read the article

  • Encrypted usb stick not booting anymore how can I resolve the Disaster

    - by statquant
    Guys I am experiencing massive problem here. I created a bootable usb stick that I "full disk" encrypted with Ubuntu 13.04. I was using it when it froze. I had to reboot it manually and now I cannot boot on it anymore (It is not listed in the boot menu anymore) If I put when I run Ubuntu on my laptop ubuntu can see it and I am asked for a password But the correct password does not seem to work (I assume that this passphrase is the one I was using previously at startup) Can you please help me figure this thing out, this is massive problem to me...

    Read the article

  • cryptsetup partitions not detected at boot

    - by Luis
    I installed a fresh 12.04 and tried to mimic what I had for 10.04. swap should be encrypted with a urandom key and there's another partition that will contain home and other directories. # cat /etc/crypttab | grep -v '^#' | grep -v '^$' cryptswap /dev/sda5 /dev/urandom swap encriptado /dev/sda6 # grep -e 'cryptswap' -e 'encriptado' /etc/fstab /dev/mapper/cryptswap swap swap defaults 0 0 /dev/mapper/encriptado /encriptado ext4 defaults 0 0 I also apt-get install cryptsetup When I boot, the system says (try to translate) that either the partition is not found or is not ready. I should wait, press M for manual or S to jump over. What am I missing here?

    Read the article

  • Safest way (i.e. HTTPS, POST, PGP) to send decryption keys through the web?

    - by theGreenCabbage
    I am in the final stages of development for my Revit plugin. This plugin is programmed in C#, and distributed via a DLL. One of the DLLs is an encrypted SQLite database (with proprietary data) that is in the form of a DLL. Currently, in development stages, the decryption key for the SQLite database is hardcoded in my main DLL (the program's DLL). For distribution, since DLLs are easily decompilable, I am in need of a new method to decrypt the DLL. My solution is to send our decryption keys from our servers securely to the host's computer. I was looking in POST, thinking it was more secure than GET, but upon research, it appears it's similarly insecure, only more "obscure" than GET. I also looked into HTTPS, but Hostgator requires extra money for HTTPS use. I am in need of some advice - are there any custom solutions I can do to implement this?

    Read the article

  • What is meant by "no password set" for root account (and otthers)?

    - by MMA
    Several years back, we were more accustomed to changing to the root account using the su command. First, we switched to the root account, and then executed those root commands. Now we are more accustomed to using the sudo command. But we know that the root account is there. We can readily find the home directory of user root. $ ls -ld /root/ drwx------ 18 root root 4096 Oct 22 17:21 /root/ Now my point is, it is stated that "the root password in Ubuntu is left unset". Please see the answers to this question. Most of the answers have something to this effect in the first paragraph. One or two answers further state that "the account is left disabled". Now my (primary) questions are, What is meant by an unset password? Is it blank? Is it null? Or something else more cryptic? How does the account becomes enabled once I set password for it? (sudo password root) In order get a better understanding, I checked the /etc/shadow file. Since I have already set a password for the root account, I can no longer see what is there (encrypted password). So, I created another account and left it disabled. The corresponding entry in the /etc/shadow file is, testpassword:!:16020:0:99999:7::: Now perhaps my above queries need to be changed to, what does an ! in password field mean? Other encrypted passwords are those very long cryptic strings. How come this encrypted form is only one character long? And does an account become disabled if I put an ! in the (encrypted) password field?

    Read the article

  • is it possible to have duplicated folders on /home folder new partition as an error?

    - by ranna
    i move my home directory to it's own partition but i end with what it seems to be a duplicated home folders (there are 2 accounts admin and everyones account) i have "admin and everyones" folders and then i have in hide ".ecryptfs" inside i had again "admin and everyones" folder inside there is .encryptfs and .private inside each account cant read it's content as seems encrypted. which of both folders im able to delete the ones inside .encryptfs or the other showing in unhide mode "admin and everyones"? it seems is dulpicated as have the same file size.

    Read the article

  • Why the cryptographic key was not provided at ubuntu 12.04 first run?

    - by user64720
    So I installed Ubuntu 12.04 a few days ago and strangely I missed the part where we choose to encrypt home folder. However I already ran the commands on this question (How to check if your home folder and swap partition are encrypted using terminal?) to check if home folder and swap partition are encrypted and they are. So why is that Ubuntu did not provide me the cryptographic key the same way it happened when I installed Ubuntu 11.04???

    Read the article

  • How to hide assets from user? ( e.g.: a png file )

    - by burninggramma
    I think the title is quite self-explaining, still this is a big area I think, so let me drop a few words: I've got a simple experiment game project going, and I want to make sure, that the user isn't messing with the game assets like player skin etc. In my opinion the best way would be that on production I would merge all the assets into one file and the application would check the hash of that file, so it could detect the corrupted data. Is this an acceptable practice? There must be sum libraries / applications which are targeting this problem, could you guide me on this? Project details: unix/linux, c++, sdl

    Read the article

  • Java NIO (Netty): How does Encryption or GZIPping work in theory (with filters)

    - by Tom
    Hello Experts, i would be very thankfull if you can explain to me, how in theory the "Interceptor/Filter" Pattern in ByteStreams (over Sockets/Channels) work (in Asynchronous IO with netty) in regard to encryption or compression of data. Given I have a Filter that does GZIPPING. How is this internally implemented? Does the Filter "collect" so many bytes form the channel, that this is a usefull number of bytes that can then be en/decoded? What is in general the minimal "blocksize(data to encode/decode in a chunk)" of socket based gzipping? Does this "blocksize" have to be negotiated in advance between server and client? What happens if the client does not send enough data to "fill" the blocksize (due to a network conquestion) but does not close the connection. Does this mean the other side will simply wait until it gets enough bytes to decode or until a timeout occoures...How is the Filter pattern the applied? The compression filter will de/compress the blocksize of bytes and then store them again in the same buffer would (in the case of netty) i normally be using the ChannelHanlderContext to pass the de/encoded data to the next filter?... Any explanations/links/tutorials (for beginners;-) will be very much appreciated to help me understand how for example encryption/compressing are implemented in socket based communication with filters/interceptor pattern. thank you very much tom

    Read the article

  • ASP.NET 2.0 RijndaelManaged encryption algorithm vs. FIPS

    - by R Rush
    I'm running into an issue with an ASP.NET 2.0 application. Our network folks just upped our security, and now I get the floowing error whenever I try to access the app: "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms." I've done a little research, and it sounds like ASP.NET uses the RijndaelManaged AES encryption algorithm to encrypt the ViewState of pages... and RijndaelManaged is on the list of algorithms that aren't FIPS compliant. We're certainly not explicitly calling any encryption algorithm... much less anything on the non-compliant list. This ViewState business makes sense to me, I guess. The thing I can't muddle out, though, is what to do about it. I've found a KB article that suggests using a web.config setting to specify a different algorithm... but either that didn't stick, or that algorithm isn't up to snuff, either. So: 1) Is the RijndaelManaged / ViewState thing actually the problem? Or am I barking up the wrong tree? 2) How to I specify what algorithm to use instead of RijndaelManaged? I've got a list of algorithms that are and aren't compliant; I'm just not sure where to plug that information in. Thanks! Richard

    Read the article

  • SHA512 vs. Blowfish and Bcrypt

    - by Chris
    I'm looking at hashing algorithms, but couldn't find an answer. Bcrypt uses Blowfish Blowfish is better than MD5 Q: but is Blowfish better than SHA512? Thanks.. Update: I want to clarify that I understand the difference between hashing and encryption. What prompted me to ask the question this way is this article, where the author refers to bcrypt as "adaptive hashing" http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html Since bcrypt is based on Blowfish, I was led to think that Blowfish is a hashing algorithm. If it's encryption as answers have pointed out, then seems to me like it shouldn't have a place in this article. What's worse is that he's concluding that bcrypt is the best. What's also confusing me now is that the phpass class (used for password hashing I believe) uses bcrypt (i.e. blowfish, i.e. encryption). Based on this new info you guys are telling me (blowfish is encryption), this class sounds wrong. Am I missing something?

    Read the article

  • Diffie-Hellman in Silverlight

    - by cmaduro
    I am trying to devise a security scheme for encrypting the application level data between a silverlight client, and a php webservice that I created. Since I am dealing with a public website the information I am pulling from the service is public, but the information I'm submitting to the webservice is not public. There is also a back end to the website for administration, so naturally all application data being pushed and pulled from the webservice to the silverlight administration back end must also be encrypted. Silverlight does not support asymmetric encryption, which would work for the public website. Symmetric encryption would only work on the back end because users do not log in to the public website, so no password based keys could be derived. Still symmetric encryption would be great, but I cannot securely save the private key in the silverlight client. Because it would either have to be hardcoded or read from some kind of config file. None of that is considered secure. So... plan B. My final alternative would be then to implement the Diffie-Hellman algorithm, which supports symmetric encryption by means of key agreement. However Diffie-Hellman is vulnerable to man-in-the-middle attacks. In other words, there is no guarantee that either side is sure of each others identity, making it possible for communication to be intercepted and altered without the receiving party knowing about it. It is thus recommended to use a private shared key to encrypt the key agreement handshaking, so that the identity of either party is confirmed. This brings me back to my initial problem that resulted in me needing to use Diffie-Hellman, how can I use a private key in a silverlight client without hardcoding it either in the code or an xml file. I'm all out of love on this one... is there any answer to this?

    Read the article

  • C++ .NET DLL vs C# Managed Code ? (File Encrypting AES-128+XTS)

    - by Ranhiru
    I need to create a Windows Mobile Application (WinMo 6.x - C#) which is used to encrypt/decrypt files. However it is my duty to write the encryption algorithm which is AES-128 along with XTS as the mode of operation. RijndaelManaged just doesn't cut it :( Very much slower than DES and 3DES CryptoServiceProviders :O I know it all depends on how good I am at writing the algorithm in the most efficient way. (And yes I my self have to write it from scratch but i can take a look @ other implementations) Nevertheless, does writing a C++ .NET DLL to create the encryption/decryption algorithm + all the file handling and using it from C# have a significant performance advantage OVER writing the encryption algorithm + file handling in completely managed C# code? If I use C++ .NET to create the encryption algorithm, should I use MFC Smart Device DLL or ATL? What is the difference and is there any impact on which one I choose? And can i just add a reference to the C++ DLL from C# or should I use P/Invoke? I am fairly competent with C# than C++ but performance plays a major role as I have convinced my lecturers that AES is a very efficient cryptographic algorithm for resource constrained devices. Thanx a bunch :)

    Read the article

  • User based BitLocker Drive Encryption

    - by Starx
    While Unlocking a Encrypted Drive.. It is possible for that drive to be unlocked for only the particular user and not all other users who use the system. For example, there are two users... User1 and User2, user1 unlocked a encrypted drive, now he locks the desktop and user2 comes and open the system from his account. Now, user2 also can access the drive which user1 unlocked. User2 must not be able to open the drive. If he has the password the the drive then he might have access but not before that.

    Read the article

  • Encryption of OS X to Windows SMB traffic and password

    - by Brian
    I connected to a Windows Server 2008 R2 shared folder from a Mac OS X Mountain Lion computer over the Internet using this command: mount -t smbfs //user@server/path/to/share local_folder Is traffic encrypted by default? What settings do I look at (if any) to know whether it was encrypted? If it wasn't encrypted, what's the easiest way to encrypt it? Was the password I typed at the command line encrypted? Update: sysadmin1138 has addressed the password question. Does anyone know how I can tell if the traffic itself is being encrypted?

    Read the article

  • Mac OS X Lion (10.7) Drive Encryption

    - by Skoota
    My iMac has two drives (a 256 GB solid-state drive, and regular 2 TB hard drive). The Mac OS X Lion system is installed on the solid-state drive and, like many other users, I have moved my user profile folder onto the secondary 2 TB drive. However, as you may be aware, FileVault 2 on Mac OS X Lion (10.7) only encrypts the system drive. This leaves my data drive (containing my user profile folder, with all of my data) unencrypted. I am aware that work arounds for this issue exist (such as https://github.com/jridgewell/Unlock) but I am not happy with the results since they involve decrypting the data drive on startup using a LaunchDaemon (before any users have logged into the computer) essentially meaning that any user who logs onto the computer will see the unencrypted drive. I would like a method which will only unencrypted the data when an authorised user logs into the computer. As such, is there a way to do one of the following? Encrypt the entire data drive and only decrypt the drive when an authorised user logs into the computer. This would be equivalent behaviour to the Lion FileVault 2 feature, but on a secondary drive rather than the system drive. Encrypt only the user profile folder on the data drive, and only decrypt the folder when the user logs into the computer. This would be equivalent to the behaviour of FileVault 1 on previous versions of Mac OS X? I am happy to pay for a commercial third-party product that provides the required feature(s), but I have not yet been able to find one. Thanks in advance for any assistance.

    Read the article

  • Digital signatures and encryption in GMail

    - by Antonio
    I just wonder if there is a way to use SSL certificates or PGP keys for signing my email. At the moment I have to setup S/MIME in Outlook (or another thick client) to send signed messages via SMTP. It works for me, but I'm looking for a way to do the same using GMail's web interface.

    Read the article

  • Windows folder encryption

    - by Razor
    My situation I know that bitlocker is meant to encrypt whole drives, but I have an hard drive that is already fully partitioned and containing data. I'd like to encrypt part of one partition, leaving the rest of the partition accessible. I would very much like to avoid programs like Norton partition magic (which resize/split partitions), because every time I used them I had problems with the data stored. Question Is there any way/builtin alternative/3rd party app that integrates with windows login to encrypt one subset of a partition? EDIT I heard horror stories about EFS, which is why I don't want to use it, unless there have been improvements on reliability with windows 8. Some highlights from that article: In fact I’ve only used EFS twice in the last ten years on my own computers and on both occasions I’ve lost files and documents. I therefore cannot recommend you ever encrypt your files with this Windows feature. Unfortunately, because of incompatibilities with some differing versions of EFS files can end up scrambled and unrecoverable.

    Read the article

  • Bitlocker folder encryption

    - by Razor
    My situation I know that bitlocker is meant to encrypt whole drives, but I have an hard drive that is already fully partitioned and containing data. I'd like to encrypt part of one partition, leaving the rest of the partition accessible. I would very much like to avoid programs like Norton partition magic (which resize/split partitions), because every time I used them I had problems with the data stored. Question Is there any way/builtin alternative/3rd party app that integrates with windows login to encrypt one subset of a partition? EDIT I heard horror stories about EFS, which is why I don't want to use it. Some highlights from that article: In fact I’ve only used EFS twice in the last ten years on my own computers and on both occasions I’ve lost files and documents. I therefore cannot recommend you ever encrypt your files with this Windows feature. Unfortunately, because of incompatibilities with some differing versions of EFS files can end up scrambled and unrecoverable.

    Read the article

  • SIMPLE OpenSSL RSA Encryption in C/C++ is causing me headaches

    - by Josh
    Hey guys, I'm having some trouble figuring out how to do this. Basically I just want a client and server to be able to send each other encrypted messages. This is going to be incredibly insecure because I'm trying to figure this all out so I might as well start at the ground floor. So far I've got all the keys working but encryption/decryption is giving me hell. I'll start by saying I am using C++ but most of these functions require C strings so whatever I'm doing may be causing problems. Note that on the client side I receive the following error in regards to decryption. error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed I don't really understand how padding works so I don't know how to fix it. Anywho here are the relevant variables on each side followed by the code. Client: RSA *myKey; // Loaded with private key // The below will hold the decrypted message unsigned char* decrypted = (unsigned char*) malloc(RSA_size(myKey)); /* The below holds the encrypted string received over the network. Originally held in a C-string but C strings never work for me and scare me so I put it in a C++ string */ string encrypted; // The reinterpret_cast line was to get rid of an error message. // Maybe the cause of one of my problems? if(RSA_private_decrypt(sizeof(encrypted.c_str()), reinterpret_cast<const unsigned char*>(encrypted.c_str()), decrypted, myKey, RSA_PKCS1_OAEP_PADDING)==-1) { cout << "Private decryption failed" << endl; ERR_error_string(ERR_peek_last_error(), errBuf); printf("Error: %s\n", errBuf); free(decrypted); exit(1); } Server: RSA *pkey; // Holds the client's public key string key; // Holds a session key I want to encrypt and send //The below will hold the encrypted message unsigned char *encrypted = (unsigned char*)malloc(RSA_size(pkey)); // The reinterpret_cast line was to get rid of an error message. // Maybe the cause of one of my problems? if(RSA_public_encrypt(sizeof(key.c_str()), reinterpret_cast<const unsigned char*>(key.c_str()), encrypted, pkey, RSA_PKCS1_OAEP_PADDING)==-1) { cout << "Public encryption failed" << endl; ERR_error_string(ERR_peek_last_error(), errBuf); printf("Error: %s\n", errBuf); free(encrypted); exit(1); } Let me once again state, in case I didn't before, that I know my code sucks but I'm just trying to establish a framework for understanding this. I'm sorry if this offends you veteran coders. Thanks in advance for any help you guys can provide!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >