Search Results

Search found 68155 results on 2727 pages for 'data security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 277/2727 | < Previous Page | 273 274 275 276 277 278 279 280 281 282 283 284  | Next Page >

  • Can resources be extracted from a compiled iPhone app? If yes, how can they be secured?

    - by Charles S.
    Can resources be extracted from a compiled iPhone app that is released to the iTunes store? I'm particularly interested in the security of XML files... if I have copyrighted data in an XML document in my resource directory, how likely is it for someone to extract that information and paste it around the internet? If it's as easy as using a resource editor, how can that data be secured?

    Read the article

  • Cannot execute "LOAD DATA LOCAL INFILE" Mysql query in Rails after a connection reconnection

    - by Ngan
    On Rails 2.3.8 (but I think Rails 3 might have this issue as well, not sure): I get an error when trying to execute a LOAD DATA LOCAL INFILE query after reconnecting to a database. I have a process that parses a file that can potentially take a bit of time. During the parsing, Mysql closes the connection due to timeout. This is fine, I do a ActiveRecord::Base.verify_active_connections! and I get the connection back (I do this in several places through my app). However, running a LOAD DATA LOCAL INFILE statement, I get this error: Mysql::Error: The used command is not allowed with this MySQL version It's not a permission issue, I know that for sure. Check out my test in console: ActiveRecord::Base.connection.execute("LOAD DATA LOCAL INFILE '/tmp/test.infile' INTO TABLE users") [Sat Jan 08 00:09:29 2011] (9990) SQL (1.7ms) LOAD DATA LOCAL INFILE '/tmp/test.infile' INTO TABLE users => nil > ActiveRecord::Base.connection.disconnect! => #<Mysql:0x104c6f890> > ActiveRecord::Base.verify_active_connections! [Sat Jan 08 00:09:58 2011] (9990) SQL (0.2ms) SET SQL_AUTO_IS_NULL=0 => {...connection stuff...} > ActiveRecord::Base.connection.execute("LOAD DATA LOCAL INFILE '/tmp/test.infile' INTO TABLE users") [Sat Jan 08 00:10:00 2011] (9990) SQL (0.0ms) Mysql::Error: The used command is not allowed with this MySQL version: LOAD DATA LOCAL INFILE '/tmp/test.infile' INTO TABLE users ActiveRecord::StatementInvalid: Mysql::Error: The used command is not allowed with this MySQL version: LOAD DATA LOCAL INFILE '/tmp/test.infile' INTO TABLE users from ~/gems/activerecord-2.3.8/lib/active_record/connection_adapters/abstract_adapter.rb:221:in `log' from ~/gems/activerecord-2.3.8/lib/active_record/connection_adapters/mysql_adapter.rb:323:in `execute' from (irb):6 I am able to do other queries like SELECT and whatnot, and I will get the correct result. It's just this one that giving me the error. I even tested this with a fresh rails app. You'll notice that I am able to do the exact same query before the disconnect. Thanks for the help!

    Read the article

  • Whats a valid strategy for a secure image upload from a flash client?

    - by WillyCornbread
    Hi all - I'm creating a flash application that will post images to a url for saving to disk/display later. I was wondering what are some suggested strategies for making this secure enough so that the upload is verified as coming from the application and not just some random form post. Is it reliable enough to check referring location realizing that I don't need bulletproof security, or perhaps setting authentication headers is a better strategy even though it seems unreliable from what I have read. Thanks for any advice - b

    Read the article

  • PHPSecurityScanner & SpikePHPSecAudit - How do I?

    - by 01010011
    Hi, How do I run PHP Security Scanner and SpikePHPSecAudit? I've already extracted them at the root of my website and thought it could be run like phpSecInfo where you just navigate to www.mySite.com/phpsecinfo/index.php Any assistance will be appreciated. ps I am using Windows XP and XAMPP

    Read the article

  • How to change granted role temporarily to achieve "view the site as" someone else

    - by Roy Chan
    Hi Gurus, We are using 2.x spring security right now. I am asked to build an admin tool so that the ROLE_ADMIN can change to any user in the site and view the site as that person (each person on the site may see different stuff depending on the role which is dynamically granted base on the database) and of course the admin should be able to switch back to admin without logging in. Is there a build in function, if not how should I do this? Thanks in advance!

    Read the article

  • Best way for user authentication on JavaEE 6 using JSF 2.0?

    - by ngeek
    I'm wondering what the current state of art recommendation is regarding user authentication for a web application making use of JSF 2.0 (and if any components do exist) and JEE6 core mechanisms (login/check permissions/logouts) with user information hold in a JPA entity. The Sun tutorial is a bit sparse on this (only handles servlets). This is without making use of a whole other framework, like Spring-Security (acegi), or Seam, but trying to stick hopefully with the new Java EE 6 platform (web profile) if possible. Thanks, Niko

    Read the article

  • Authentication and authorization for RESTfull API (java jersery)

    - by abovesun
    Hi, implementing service something similar with tinyurl or bit.ly, I'm would like to expose service as API, I'm using java and jersey as RESTfull service implementation. I'm looking for simplest way for authentification of users who use API, OAuth is first thing coming in mind, but the problem is I don't need this 3 iteration calls with request token query, than access token query with callback url passing. I just need to give user ability to invoke api with no additional security calls to my server.

    Read the article

  • Improving performance on data pasting 2000 rows with validations

    - by Lohit
    I have N rows (which could be nothing less than 1000) on an excel spreadsheet. And in this sheet our project has 150 columns like this: Now, our application needs data to be copied (using normal Ctrl+C) and pasted (using Ctrl+V) from the excel file sheet on our GUI sheet. Copy pasting 1000 records takes around 5-6 seconds which is okay for our requirement, but the problem is when we need to make sure the data entered is valid. So we have to validate data in each row generate appropriate error messages and format the data as per requirement. So we need to at runtime parse and evaluate data in each row. Now all the formatting of data and validations come from the back-end database and we have it in a data-table (dtValidateAndFormatConditions). The conditions would be around 50. So you can see how slow this whole process becomes since N X 150 X 50 operations are required to complete this whole process. Initially it took approximately 2-3 minutes but now i have reduced it to 20 - 30 seconds. However i have increased the speed by making an expression parser of my own - and not by any algorithm, is there any other way i can improve performance, by using Divide and Conquer or some other mechanism. Currently i am not really sure how to go about this. Here is what part of my code looks like: public virtual void ValidateAndFormatOnCopyPaste(DataTable DtCopied, int CurRow) { foreach (DataRow dRow in dtValidateAndFormatConditions.Rows) { string Condition = dRow["Condition"]; string FormatValue = Value = dRow["Value"]; GetValidatedFormattedData(DtCopied,ref Condition, ref FormatValue ,iRowIndex); Condition = Parse(Condition); dRow["Condition"] = Condition; FormatValue = Parse(FormatValue ); dRow["Value"] = FormatValue; } } The above code gets called row-wise like this: public override void ValidateAndFormat(DataTable dtChangedRecords, CellRange cr) { int iRowStart = cr.Row, iRowEnd = cr.Row + cr.RowCount; for (int iRow = iRowStart; iRow < iRowEnd; iRow++) { ValidateAndFormatOnCopyPaste(dtChangedRecords,iRow); } } Please know my question needs a more algorithmic solution than code optimization, however any answers containing code related optimizations will be appreciated as well. (Tagged Linq because although not seen i have been using linq in some parts of my code).

    Read the article

  • Spring MVC -> Wicket Integration

    - by Jeff
    Hey everyone, I'm working on porting part of an existing Spring MVC application over to Wicket. I used the wicket-spring library to get the initial integration working, but now I'm stuck with the best way to integrate my Spring Security implementation. I was wondering if anyone could give me some advice on the best way to handle this. Thanks in advance for the help.

    Read the article

  • Is there a .NET equivalent of WebGoat

    - by PJB
    Looking at this question the OWASP WebGoat project looks like a great way to learn about web security. Although the principles will equally to .NET applications I would prefer to use .NET based application. Does anybody know of a suitable .NET alternative?

    Read the article

  • How to restrict code from developers

    - by Kelvin
    My company is planning in hiring outsourcers to work for us, but concerned to give whole existing code to outside world. What is the proper way to deal with security of sharing code in such cases? Is it possible to restrict part of code for developers? So each of them could work on their project without having access to whole repository. P.S. The code we have is very integrated, and its hard to extract "one module", each module can use files from different locations. Thanks in advance

    Read the article

  • Recent OpenSLL book

    - by Martin
    Does anyone know of a more recent OpenSLL book then Network Security with OpenSSL: Cryptography for Secure Communications (http://www.opensslbook.com/). It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is to recent.

    Read the article

  • Using @Secured Annotation causes IS_FULLY_AUTHENTICATED problem in grails

    - by TripWired
    I'm using Acegi/Spring Security in grails and when i use the annotations like @Secured(['ROLE_ADMIN']) it denies my login even though the user is part of ROLE_ADMIN. In looking through the login is it seems that it's getting an IS_AUTHENTICATED_FULLY role also but I have never added that to a page so i'm not sure how to bypass that. I read somewhere to preauthorize the user, but i'm not sure how to do that with grails.

    Read the article

  • Rewriting Live TCP/IP (Layer 4) (i.e. Socket Layer) Streams

    - by user213060
    I have a simple problem which I'm sure someone here has done before... I want to rewrite Layer 4 TCP/IP streams (Not lower layer individual packets or frames.) Ettercap's etterfilter command lets you perform simple live replacements of Layer 4 TCP/IP streams based on fixed strings or regexes. Example ettercap scripting code: if (ip.proto == TCP && tcp.dst == 80) { if (search(DATA.data, "gzip")) { replace("gzip", " "); msg("whited out gzip\n"); } } if (ip.proto == TCP && tcp.dst == 80) { if (search(DATA.data, "deflate")) { replace("deflate", " "); msg("whited out deflate\n"); } } http://ettercap.sourceforge.net/forum/viewtopic.php?t=2833 I would like to rewrite streams based on my own filter program instead of just simple string replacements. Anyone have an idea of how to do this? Is there anything other than Ettercap that can do live replacement like this, maybe as a plugin to a VPN software or something? I would like to have a configuration similar to ettercap's silent bridged sniffing configuration between two Ethernet interfaces. This way I can silently filter traffic coming from either direction with no NATing problems. Note that my filter is an application that acts as a pipe filter, similar to the design of unix command-line filters: >[eth0] <----------> [my filter] <----------> [eth1]< What I am already aware of, but are not suitable: Tun/Tap - Works at the lower packet layer, I need to work with the higher layer streams. Ettercap - I can't find any way to do replacements other than the restricted capabilities in the example above. Hooking into some VPN software? - I just can't figure out which or exactly how. libnetfilter_queue - Works with lower layer packets, not TCP/IP streams. Again, the rewriting should occur at the transport layer (Layer 4) as it does in this example, instead of a lower layer packet-based approach. Exact code will help immensely! Thanks!

    Read the article

  • How to test a site rigorously?

    - by Sarfraz
    Hello, I recently created a big portal site. It's time for putting it to test. How do you guys test a site rigorously? What are the ways and tools for that? Can we sort of mimic hundreds of virtual users visiting the site to see its load handling? The test should be for both security and speed Thanks in advance.

    Read the article

  • Is there a current OpenSSL book?

    - by Martin
    Does anyone know of a more recent OpenSSL book than "Network Security with OpenSSL: Cryptography for Secure Communications" (http://www.opensslbook.com/)? It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is too recent.

    Read the article

  • BULK INSERT from one table to another all on the server

    - by steve_d
    I have to copy a bunch of data from one database table into another. I can't use SELECT ... INTO because one of the columns is an identity column. Also, I have some changes to make to the schema. I was able to use the export data wizard to create an SSIS package, which I then edited in Visual Studio 2005 to make the changes desired and whatnot. It's certainly faster than an INSERT INTO, but it seems silly to me to download the data to a different computer just to upload it back again. (Assuming that I am correct that that's what the SSIS package is doing). Is there an equivalent to BULK INSERT that runs directly on the server, allows keeping identity values, and pulls data from a table? (as far as I can tell, BULK INSERT can only pull data from a file) Edit: I do know about IDENTITY_INSERT, but because there is a fair amount of data involved, INSERT INTO ... SELECT is kinda of slow. SSIS/BULK INSERT dumps the data into the table without regards to indexes and logging and whatnot, so it's faster. (Of course creating the clustered index on the table once it's populated is not fast, but it's still faster than the INSERT INTO...SELECT that I tried in my first attempt) Edit 2: The schema changes include (but are not limited to) the following: 1. Splitting one table into two new tables. In the future each will have its own IDENTITY column, but for the migration I think it will be simplest to use the identity from the original table as the identity for the both new tables. Once the migration is over one of the tables will have a one-to-many relationship to the other. 2. Moving columns from one table to another. 3. Deleting some cross reference tables that only cross referenced 1-to-1. Instead the reference will be a foreign key in one of the two tables. 4. Some new columns will be created with default values. 5. Some tables aren’t changing at all, but I have to copy them over due to the "put it all in a new DB" request.

    Read the article

  • Is it possible to create a FIPS 140-2 compliant server in Perl?

    - by Nayruden
    The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go about it from a C perspective? I'm basically creating a mini-httpd that only serves up a single file, but due to security restrictions it needs to be served up on SSL under FIPS compliance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 273 274 275 276 277 278 279 280 281 282 283 284  | Next Page >