Search Results

Search found 1485 results on 60 pages for 'encrypted'.

Page 28/60 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Online Password Security Tactics

    - by BuckWoody
    Recently two more large databases were attacked and compromised, one at the popular Gawker Media sites and the other at McDonald’s. Every time this kind of thing happens (which is FAR too often) it should remind the technical professional to ensure that they secure their systems correctly. If you write software that stores passwords, it should be heavily encrypted, and not human-readable in any storage. I advocate a different store for the login and password, so that if one is compromised, the other is not. I also advocate that you set a bit flag when a user changes their password, and send out a reminder to change passwords if that bit isn’t changed every three or six months.    But this post is about the *other* side – what to do to secure your own passwords, especially those you use online, either in a cloud service or at a provider. While you’re not in control of these breaches, there are some things you can do to help protect yourself. Most of these are obvious, but they contain a few little twists that make the process easier.   Use Complex Passwords This is easily stated, and probably one of the most un-heeded piece of advice. There are three main concepts here: ·         Don’t use a dictionary-based word ·         Use mixed case ·         Use punctuation, special characters and so on   So this: password Isn’t nearly as safe as this: P@ssw03d   Of course, this only helps if the site that stores your password encrypts it. Gawker does, so theoretically if you had the second password you’re in better shape, at least, than the first. Dictionary words are quickly broken, regardless of the encryption, so the more unusual characters you use, and the farther away from the dictionary words you get, the better.   Of course, this doesn’t help, not even a little, if the site stores the passwords in clear text, or the key to their encryption is broken. In that case…   Use a Different Password at Every Site What? I have hundreds of sites! Are you kidding me? Nope – I’m not. If you use the same password at every site, when a site gets attacked, the attacker will store your name and password value for attacks at other sites. So the only safe thing to do is to use different names or passwords (or both) at each site. Of course, most sites use your e-mail as a username, so you’re kind of hosed there. So even though you have hundreds of sites you visit, you need to have at least a different password at each site.   But it’s easier than you think – if you use an algorithm.   What I’m describing is to pick a “root” password, and then modify that based on the site or purpose. That way, if the site is compromised, you can still use that root password for the other sites.   Let’s take that second password: P@ssw03d   And now you can append, prepend or intersperse that password with other characters to make it unique to the site. That way you can easily remember the root password, but make it unique to the site. For instance, perhaps you read a lot of information on Gawker – how about these:   P@ssw03dRead ReadP@ssw03d PR@esasdw03d   If you have lots of sites, tracking even this can be difficult, so I recommend you use password software such as Password Safe or some other tool to have a secure database of your passwords at each site. DO NOT store this on the web. DO NOT use an Office document (Microsoft or otherwise) that is “encrypted” – the encryption office automation packages use is very trivial, and easily broken. A quick web search for tools to do that should show you how bad a choice this is.   Change Your Password on a Schedule I know. It’s a real pain. And it doesn’t seem worth it…until your account gets hacked. A quick note here – whenever a site gets hacked (and I find out about it) I change the password at that site immediately (or quit doing business with them) and then change the root password on every site, as quickly as I can.   If you follow the tip above, it’s not as hard. Just add another number, year, month, day, something like that into the mix. It’s not unlike making a Primary Key in an RDBMS.   P@ssw03dRead10242010   Change the site, and then update your password database. I do this about once a month, on the first or last day, during staff meetings. (J)   If you have other tips, post them here. We can all learn from each other on this.

    Read the article

  • Gnome Keyring keeps asking for a password that doesn't exist

    - by Chris Wilson
    When ever I long into Ubuntu, I'm immediately presented with a dialogue that asks me to enter the password that will unlock Gnome Keyring, however I was never prompted to set this in the first place, and none of the passwords I've tried are effective. How can I disable these popups and just have Gnome Keyring unlocked when I log in in the same way that encrypted home directories are automatically mounted upon log in. FWIW, I'm set to auto log in, which may or may not be useful information. Btw, I've seen this question, and the accepted answer didn't work. I'd rather not uninstall Keyring Update 1: I've disabled automatic login but it still appears.

    Read the article

  • SQL SERVER – Beginning New Weekly Series – Memory Lane – #001

    - by pinaldave
    I am introducing a new series today.  This series is called “Memory Lane.”  From the last six years and 2,300 articles, there are fantastic articles I keep revisiting.  Sometimes when I read old blog posts I think I should have included something or added a bit more to the topic.  But for many articles, I still feel they are fantastic (even after six years) and could be read again and again. I have also found that after six years of blogging, readers will write to me and say “Pinal, why don’t you write about X, Y or Z.”  The answer is: I already did!  It is here on the blog, or in the comments, or possibly in one of my books.  The solution has always been there, it is simply a matter of finding it and presenting it again.  That is why I have created Memory Lane.  I will be listing the best articles from the same week of the past six years.  You will find plenty of reading material every Saturday from articles of SQLAuthority past. Here is the list of curetted articles of SQLAuthority.com across all these years. Instead of just listing all the articles I have selected a few of my most favorite articles and have listed them here with additional notes below it. Let me know which one of the following is your favorite article from memory lane. 2006 Query to Display Foreign Key Relationships and Name of the Constraint for Each Table in Database My blogging journey began with this blog post. As many of you know my journey began with creating a repository of my scripts. This was very first script which I had written to find out foreign key relationship and constraints. The same query was updated later on using the new SYS schema modification in SQL Server. Version 1: Using sys.schema Version 2: Using sys.schema and additional columns 2007 Milestone Posts – 1 Year (365 blogs) and 1 Million Views When I reached 1st week of Nov in 2007 SQLAuthority.com blog had around 365 blog posts and 1 Million Views. I was not obsessed with the statistics before but this was indeed an interesting moment for me as I was blogging for myself and did not realize that so many people are reading my blog. In year 2006 there were not many bloggers so blogging was new to me as well. I was learning it as I go. 2008 Stored Procedure WITH ENCRYPTION and Execution Plan If you have stored procedure and its code is encrypted when you execute it what will be displayed in the execution plan. There are two kinds of execution plans 1) Estimated and 2) Actual. It will be indeed interesting to know what is displayed in both the cases when Stored Procedure is encrypted. What is your guess? Now go ahead and click on here and figure out your answer. If the user is not able to login into SQL Server due to any error or issues there were two different blog post addresses the same issue here and here. 2009 It seems like Nov is the month of SQLPASS month. In 2009 on the same week I was in USA attending SQLPASS event. I had a fantastic experience attending the event. Here are the blog posts covering the subject Day 1, Day 2, Day 3, Day 4 2010 Finding the last backup time for all the databases This little script is very powerful and instantly gives details when was the last time your database backup performed. If you are reading this blog post – I say just go ahead and check if everything is alright on your server and you have all the necessary latest backup. It is better to be safe than sorrow. Version 1: Above script was improved to get more details about the database Version 2: This version of the script will include pretty much have all the backup related information in a single script. Do not miss to save it for future use. Are you a Database Administrator or a Database Developer? Three years ago I created a very small survey and the results which I have received are very interesting. The question was asking what is the profile of the visitor of that blog post and I noticed that DBA and Developers have balanced with little inclination towards Developers. Have you voted so far? If not, go ahead! 2011 New Book Released – SQL Server Interview Questions And Answers One year ago, on November 3, 2011 I published my book SQL Server Interview Questions and Answers.  The book has a lot of great reviews, and we have even received emails telling us this book was a life changer because it helped get them a great new job.  I don’t think anyone can get a job just from my book.  It was the individual who studied hard and took it seriously, and was determined to learn something new.  The book might have helped guide them and show them the topics to study, but they spent their own energy on it.  It was their own skills that helped them pass the exam. So, in this very first installment, I would like to thank the readers for accepting our book, for giving it great reviews and for using it and sharing it.  Our goal in writing this book was to help others, and it seems like we succeeded. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: Memory Lane, PostADay, SQL, SQL Authority, SQL Query, SQL Server, SQL Tips and Tricks, T SQL, Technology

    Read the article

  • how to set owner and permission to a cryptsetup made device?

    - by Antoine Rodriguez
    I have an encrypted loopback volume. I need to mount and umount manually the volume so I use cryptsetup luksOpen and cryptsetup luksClose . However, When I invoke this command it pops up the /dev/mapper device under all the sessions under gnome/xfce/kde/unity ... And then it let the user to mount (with password), expulse and unmount the volume. It's quite annoying in a multi user server (you are working on your files and the volume is being unmounted). How can I define ownership and permission on the device ? I've tried chown and chmod approach witch gives nothing. Cryptsetup doesn't have any options that let you do that. crypttab auto mount the filesystem on boot witch is unwanted (only manual mount)

    Read the article

  • Protecting PDF files and XDO.CFG

    - by Greg Kelly
    Protecting PDF files and XDO.CFG Security related properties can be overridden at runtime through PeopleCode as all other XMLP properties using the SetRuntimeProperties() method on the ReportDefn class. This is documented in PeopleBooks. Basically this method need to be called right before calling the processReport() method: . . &asPropName = CreateArrayRept("", 0); &asPropValue = CreateArrayRept("", 0); &asPropName.Push("pdf-open-password"); &asPropValue.Push("test"); &oRptDefn.SetRuntimeProperties(&asPropName, &asPropValue); &oRptDefn.ProcessReport(&sTemplateId, %Language_User, &dAsOfDate, &sOutputFormat); Of course users should not hardcode the password value in the code, instead, if password is stored encrypted in the database or somewhere else, they can use Decrypt() api

    Read the article

  • No space on device

    - by user170810
    Today I tried to move a huge directory to a common directory for 2 users. I first tried to change the permissions of my home directory. So something happened with my ~/.private directory and the disk was full! I have a 2 TB disk. I cannot make a backup, I cannot even enter graphics mode. Please help. Are there a way to restore my contents without making backup? Even creating ~/Private is impossible -- "no space on the device". I have no Private, and don't tell me that I have erased it, because it is not true. Are there some utilities to restore the files and make them not encrypted?

    Read the article

  • Sharing my home folders with other users on the same PC

    - by Stephen Myall
    After reviewing similar questions on the same subject Im still none the wiser. I want to share my music, pictures and video folders with other users on my pc. I am using 11.10 and will be upgrading to 12.04. The method I have tried is to right click on the folder (as Administrator), select "Sharing Options" check all the necessary fields and give the share a name like "music-shared". Another dialog pops up then and I select "Set nautilus Permissions". When the other user logs on they go to their Home folder click on the network and can see the "music-shared" folder, but they get a message that the do not have the necessary permissions to view the content. Im sure I'm missing something simple. My Home folder is encrypted and i am willing to unencrypt to make this work Unlike other questions on this site, I dont have a partition etc. i would be grateful for any help.

    Read the article

  • Oracle Solaris 11.1 Blog Post Roundup

    - by Larry Wake
    Here are a few recent posts about the also-recent Oracle Solaris 11.1 release: Title Author What's New in Solaris 11.1? Karoly Vegh New ZFS Encryption features in Solaris 11.1 Darren Moffat Solaris 11.1: Encrypted Immutable Zones on (ZFS) Shared Storage Darren Moffat High Resolution Timeouts Steve Sistare Solaris 11.1: Changes to included FOSS packages Alan Coopersmith Documentation Changes in Solaris 11.1 Alan Coopersmith How to Update to Oracle Solaris 11.1 Usingthe Image Packaging System Peter Dennis svcbundle for easier SMF manifest creation Glynn Foster Controlling server configurations with IPS Bart Smallders You can also see Markus Weber's list of interesting posts about Oracle Solaris 11 from last year, or take a look at my shortcut on how to search for Solaris posts by tag. If that's not enough, don't forget to register for next Wednesday's Oracle Solaris 11.1 and Oracle Solaris Cluster 4.1 webcast with a live Q&A. It's November 7th, at 8 AM PT. The last time we did this, we got almost 300 questions, so for Wednesday, we're making sure we've got lots of engineers with fingers poised over their keyboards, ready for action.

    Read the article

  • Convert from EFI to BIOS boot

    - by Lukas F.
    I have a Samsung Notebook NP900X4C with an LUKS encrypted installation of Linux Mint 15 on it. The system is booting in UEFI mode. The problem is that the samsung-notebook kernel module is disabled in UEFI mode and due to that I am missing features like the keyboard backlight. Is it possible to modify the current installtion so it can boot in BIOS mode? Is this correct that the basic steps would be converting the disk from GPT to MBR and installing grub from a live CD? Would this be possible with a LUKS partition?

    Read the article

  • Kubuntu login problem

    - by Balázs Mária Németh
    I have a problem when trying to login to my Kubuntu 10.10. The login screen shows up, then I type my password, a blank screen is shown with my desktop background picture and then throws me back on the login screen. if I choose to login from console, I can do that, and by typing startx I can log in just fine but in the end I cannot shutdown the computer from the k menu nor will my settings remembered for the next time I log back. I have my home directory mounted from a different partition but I tried to create a new user account and I could log in without any kind of problem. The home directory is not encrypted, at least not to my knowledge. Some log files: Xorg.0.log dmesg.out kdm.log xsession.errors

    Read the article

  • "AND Operator" in PAM

    - by d_inevitable
    I need to prevent users from authenticating through Kerberos when the encrypted /home/users has not yet been mounted. (This is to avoid corrupting the ecryptfs mountpoint) Currently I have these lines in /etc/pam.d/common-auth: auth required pam_group.so use_first_pass auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000 try_first_pass auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass I am planning to use pam_exec.so to execute a script that will exit 1 if the ecyptfs mounts are not ready yet. Doing this: auth required pam_exec.so /etc/security/check_ecryptfs will lock me out for good if ecryptfs for some reason fails. In such case I would like to at least be able to login with a local (non-kerberos) user to fix the issue. Is there some sort of AND-Operator in which I can say that login through kerberos+ldap is only sufficient if both kerberos authentication and the ecryptfs mount has succeeded?

    Read the article

  • Nginx and Google Appengine Reverse Proxy Security

    - by jmq
    The scenario is that I have a Google compute node running Nginx as a reverse proxy to the google appengine. The appengine is used to service REST calls from an single page application (SPA). HTTPS is used to the Nginx front end from the Internet. Do I also need to make the traffic from the Nginx reverse proxy to the appengine secure by turning on HTTPS on the appengine? I would like to avoid the overhead of HTTPS between the proxy and the backend. My thinking was that once the traffic has arrived at Nginx encrypted, decrypted in Nginx, and then sent via the reverse proxy inside of Google's infrastructure it would be secure. Is it safe in this case to not use HTTPS?

    Read the article

  • How can I disable Hibernate completely?

    - by Lekensteyn
    I have seen the answer on How to disable hibernating?, but I have no such file. Possibly because that suggestion was written for Ubuntu, not Kubuntu (KDE, not Gnome). I do not have a swap on my encrypted SSD, my system freezes (cannot even change Caps Lock) if I accidentally press the "Hibernate" button at "Energy management". My keyboard has a Hibernate button (Fn + F4) next to the volume control buttons and every time I press the wrong key, the system will freeze after. So, what is the correct way to disable it? If there is no solution, a work-around is welcome too.

    Read the article

  • home-folder encryption: Does it work?

    - by jpaugh
    Back when Ubuntu first sported home folder encryption (what, around the time of Jaunty Jackalope?), I opted in. That caused me some grief when I decided to change my login password. I found that I couldn't decrypt my home anymore! In trying to fix this, I eventually muddled things to the point that using my old password didn't work anymore, either. That experience has left me very shy of using an encrypted home directory--nevermind the performance hit of encryption. Has this feature become more "stable" since it came out? Does it break if you change your login password? Has your [more recent] experience been better? (Does it work in Natty Narwhal?)

    Read the article

  • Kubuntu login problem

    - by Balázs Mária Németh
    I have a problem when trying to login to my Kubuntu 10.10. The login screen shows up, then I type my password, a blank screen is shown with my desktop background picture and then throws me back on the login screen. if I choose to login from console, I can do that, and by typing startx I can log in just fine but in the end I cannot shutdown the computer from the k menu nor will my settings remembered for the next time I log back. I have my home directory mounted from a different partition but I tried to create a new user account and I could log in without any kind of problem. The home directory is not encrypted, at least not to my knowledge. Some log files: Xorg.0.log dmesg.out kdm.log xsession.errors

    Read the article

  • Once mounted using TrueCrypt, cannot unmount

    - by zeiger
    I have an external HDD and use TrueCrypt for keeping encrypted file containers. After mounting, whenever I try to dismount a file container (using TrueCrypt 7.0a on Ubuntu 11.04), it just does not happen and I get the following message: device-mapper: remove ioctl failed: Device or resource busy Command failed Further, if I close TrueCrypt and then try to start it again, it says that TrueCrypt is already running, but I cannot access it from the Unity sidebar (because it is not there). Also, if I power down my external HDD, the TrueCrypt volume still shows as one of the mounted volumes, but I cannot do anything with it. Any possible work around? I remember this NOT happening in earlier versions of Ubuntu so I am guessing there is something to do with 11.04. Thanks

    Read the article

  • Become a Vi Master by Learning These 30+ Key Bindings

    - by Chris Hoffman
    Vi is a powerful text editor included on most Linux systems. Many people swear by vi and find it faster than any other editor once they’ve learned its key bindings. You can even use vi key bindings in Bash. We’ve already covered getting started with vi for beginners. If you haven’t used vi in a while, you might want to give that post a look to get a refresher on the basics. How To Customize Your Wallpaper with Google Image Searches, RSS Feeds, and More 47 Keyboard Shortcuts That Work in All Web Browsers How To Hide Passwords in an Encrypted Drive Even the FBI Can’t Get Into

    Read the article

  • Publish/Subscribe/Request for exchange of big, complex, and confidential data?

    - by Morten
    I am working on a project where a website needs to exchange complex and confidential (and thus encrypted) data with other systems. The data includes personal information, technical drawings, public documents etc. We would prefer to avoid the Request-Reply pattern to the dependent systems (and there are a LOT of them), as that would create an awful lot of empty traffic. On the other hand, I am not sure that a pure Publisher/Subscriber pattern would be apropriate -- mainly because of the complex and bulky nature of the data to be exchanged. For that reason we have discussed the possibility of a "publish/subscribe/request" solution. The Publish/Subscribe part would be to publish a message to the dependent systems, that something is ready for pickup. The actual content is then picked up by old-school Request-Reply action. How does this sound to you?? Regards, Morten

    Read the article

  • Updating a database connection password using a script

    - by Tim Dexter
    An interesting customer requirement that I thought was worthy of sharing today. Thanks to James for the requirement and Bryan for the proposed solution and me for testing the solution and proving it works :0) A customers implementation of Sarbanes Oxley requires them to change all database account passwords every 90 days. This is scripted leveraging shell scripts today for most of their environments. But how can they manage the BI Publisher connections? Now, the customer is running 11g and therefore using weblogic on the middle tier, which is the first clue to Bryans proposed solution. To paraphrase and embellish Bryan's solution a little; why not use a JNDI connection from BIP to the database. Then employ the web logic scripting engine to make updates to the JNDI as needed? BIP is completely uninvolved and with a little 'timing' users will be completely unaware of the password updates i.e. change the password when reports are not being executed. Perfect! James immediately tracked down the WLST script that could be used here, http://middlewaremagic.com/weblogic/?p=4261 (thanks Ravish) Now it was just a case of testing the theory. Some steps: Create the JNDI connection in WLS Create the JNDI connection in BI Publisher pointing to the WLS connection Build new data models using or re-point data sources to use the JNDI connection. Create the WLST script to update the WLS JNDI password as needed. Test! Some details. Creating the JNDI connection in web logic is pretty straightforward. Log into hte console and look for Data Sources under the Services section of the home page and click it Click New >> Generic Datasource Give the connection a name. For the JNDI name, prefix it with 'jdbc/' so I have 'jdbc/localdb' - this name is important you'll need it on the BIP side. Select your db type - this will influence the drivers and information needed on the next page. Being a company man, Im using an Oracle db. Click Next Select the driver of choice, theres lots I know, you can read about them I just chose 'Oracle's Driver (Thin) for Instance connections; Versions 9.0.1 and later' Click Next >> Next Fill out the db name (SID), server, port, username to connect and password >> Next Test the config to ensure you can connect. >> Next Now you need to deploy the connection to your BI server, select it and click Next. You're done with the JNDI config. Creating the JNDI connection on the Publisher side is covered here. Just remember to the connection name you created in WLS e.g. 'jdbc/localdb' Not gonna tell you how to do this, go read the user guide :0) Suffice to say, it works. This requires a little reading around the subject to understand the scripting engine and how to execute scripts. Nicely covered here. However a bit of googlin' and I found an even easier way of running the script. ${ServerHome}/common/bin/wlst.sh updatepwd.py Where updatepwd.py is my script file, it can be in another directory. As part of the wlst.sh script your environment is set up for you so its very simple to execute. The nitty gritty: Need to take Ravish's script above and create a file with a .py extension. Its going to need some modification, as he explains on the web page, to make it work in your environment. I played around with it for a while but kept running into errors. The script as is, tries to loop through all of your connections and modify the user and passwords for each. Not quite what we are looking for. Remember our requirement is to just update the password for a given connection. I also found another issue with the script. WLS 10.x does not allow updates to passwords using clear type ie un-encrypted text while the server is in production mode. Its a bit much to set it back to developer mode bounce it, change the passwords and then bounce and then change back to production and bounce again. After lots of messing about I finally came up with the following: ############################################################################# # # Update password for JNDI connections # ############################################################################# print("*** Trying to Connect.... *****") connect('weblogic','welcome1','t3://localhost:7001') print("*** Connected *****") edit() startEdit() print ("*** Encrypt the password ***") en = encrypt('hr') print "Encrypted pwd: ", en print ("*** Changing pwd for LocalDB ***") dsName = 'LocalDB' print 'Changing Password for DataSource ', dsName cd('/JDBCSystemResources/'+dsName+'/JDBCResource/'+dsName+'/JDBCDriverParams/'+dsName) set('PasswordEncrypted',en) save() activate() Its pretty simple and you can expand on it to loop through the data sources and change each as needed. I have hardcoded the password into the file but you can pass it as a parameter as needed using the properties file method. Im not going to get into the detail of that here but its covered with an example here. Couple of points to note: 1. The change to the password requires a server bounce to get the changes picked up. You can add that to the shell script you will use to call the script above. 2. The script above needs to be run from the MW_HOME\user_projects\domains\bifoundation_domain directory to get the encryption libraries set correctly. My command to run the whole script was: d:\oracle\bi_mw\wlserver_10.3\common\bin\wlst.cmd updatepwd.py - where wlst.cmd is the scripting command line and updatepwd.py was my update password script above. I have not quite spoon fed everything you need to make it a robust script but at least you know you can do it and you can work out the rest I think :0)

    Read the article

  • How to encrypt php folder under /var/www?

    - by sirchaos
    I need to encrypt the folder /var/www/test. The folder contains PHP files. The goal it to prevent any user to read the php content AND if the HD is mounted on another computer, the /var/www/test should be encrypted AND if computer booted up without any user logged I would like anyone to be able to access data in /var/www/tests. What is the correct approach for this? I've tried "ecryptfs-setup-private" as advised in How to encrypt /var/www? yet it didn't work for me. I've might missed something - I've tested the folders while booting with ubuntu 12.04 installation disk and mounted the drive, than I was able to access /var/www/test content.. yet this is what I want to prevent. The gnome-encfs isn't the way to go since its decryption happens when users logs on to the system & I would like the system to be working after power failure etc' without any one logged in. Please advice.

    Read the article

  • How to play .mp4 movies?

    - by Andrew
    I have a .mp4 movie (it's an .mp4 file, and the "video codec" is Xvid, and the "audio codec" is mp3) that I want to play, but when I try to open it in MPlayer, it says "The steam is encrypted and decryption is not supported." I tried to apply the answer from this question and this wiki page, but neither worked. Any suggestions? The file came from an [apparently] less than reputable site, which I guess I can't link to. :( I've tried: sudo apt-get install ubuntu-restricted-extras sudo apt-get install libdvdread4 sudo /usr/share/doc/libdvdread4/install-css.sh sudo apt-get install gstreamer0.10-ffmpeg sudo apt-get install w64codecs sudo apt-get update

    Read the article

  • Do you use your personal laptop for work?

    - by davekaro
    We're trying to get our company to let us use our own personal laptop for client work. We've agreed that any code/data will be encrypted using something like TrueCrypt, in case the laptop is stolen or lost. However, the company is still skeptical and not sure they want to allow us to use our personal machines for development. They would rather buy us laptops... but we want to use MacBook Pros and they don't want to pay for them. Even if they did buy us laptops, we would stil have the issue of needing to encrypt the code/data in case of theft/loss. Do you use your own laptop for work? What are the arguments for/against this?

    Read the article

  • How do I store the OAuth v1 consumer key and secret for an open source desktop Twitter client without revealing it to the user?

    - by Justin Dearing
    I want to make a thick-client, desktop, open source twitter client. I happen to be using .NET as my language and Twitterizer as my OAuth/Twitter wrapper, and my app will likely be released as open source. To get an OAuth token, four pieces of information are required: Access Token (twitter user name) Access Secret (twitter password) Consumer Key Consumer Secret The second two pieces of information are not to be shared, like a PGP private key. However, due to the way the OAuth authorization flow is designed, these need to be on the native app. Even if the application was not open source, and the consumer key/secret were encrypted, a reasonably skilled user could gain access to the consumer key/secret pair. So my question is, how do I get around this problem? What is the proper strategy for a desktop Twitter client to protect its consumer key and secret?

    Read the article

  • Encrypt folders out of Home

    - by igi
    Is there a way to encrypt a folder, which is not in /home but even in a different partition, so only my user can access/read contained files? Alternatively, I would like to understand if it is possible to turn a complete ext4 partition into an encrypted volume, which would be mounted at user login. If possible, I would like to make the change without reinstalling Ubuntu. My PC has (mount output): /dev/sda1 on / type ext4 (rw,errors=remount-ro) /dev/sda3 on /home type ext4 (rw) /dev/sda4 on /home/igor/Personale type ext4 (rw) sda4 is the partition containing folders I would like to protect. Thanks!

    Read the article

  • Thunderbird adds ***UNCHECKED*** to subjects of GPG messages

    - by Roman Geber
    Thunderbird seems to consider it a great idea to add the string UNCHECKED in front of the subject of GPG encrypted messages. Well, its not a good idea but rather annoying. At first I thought it would be a mailserver thing, so I checked. No trace of it, anywhere. Same goes for the raw message source. When I look at it the subject appears untouched, therefore I assume its a Thunderbird thing. Does anyone know an option to turn this ill behavior off? Thanks a lot in advance! cu Roman

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >