Search Results

Search found 30819 results on 1233 pages for 'software security'.

Page 300/1233 | < Previous Page | 296 297 298 299 300 301 302 303 304 305 306 307  | Next Page >

• <100% Test coverage - best practices in selecting test areas

  - by Paul Nathan

  Suppose you're working on a project and the time/money budget does not allow 100% coverage of all code/paths. It then follows that some critical subset of your code needs to be tested. Clearly a 'gut-check' approach can be used to test the system, where intuition and manual analysis can produce some sort of test coverage that will be 'ok'. However, I'm presuming that there are best practices/approaches/processes that identify critical elements up to some threshold and let you focus your test elements on those blocks. For example, one popular process for identifying failures in manufacturing is Failure Mode and Effects Analysis. I'm looking for a process(es) to identify critical testing blocks in software.

  Read the article

• Life Cycle Tools Suite

  - by pearcewg

  I am looking to replace the life cycle tools currently used by my development teams. Tools that I'm looking for: Version Control Defect/Issue Tracking Requirements Tracking Test Case Management (potentially) Project Management: Project Status, hours entry I have a new beefy server (Windows 2008 Server) to run all tools on. I'm looking at COTS and Open Source options, but haven't decided so far. Other factors: Distributed team (different physical sites) Some Windows Development, some Linux Development Software, Firmware, Technical Writing need to be able to use it Recommendations on a good suite that will work together? If Open Source, best approach to run on the Windows 2008 Server?

  Read the article

• Free for personal use license?

  - by Lance May

  I'm trying desperately to find a software licensing model that would allow me to make my product completely open to the public domain for personal use/modification, but would be able to be sold commercially. I know such a beast exists, and I'm sure in many flavors. I just can't find it. ;( What I'm hoping for is a way to allow people the opportunity to benefit from the product in an "open source" fashion, while still allowing me to have a revenue on it to be able to continue development full time. Thanks much in advance.

  Read the article

• create an english test

  - by thienthai

  hi everyone, i want to create an english test software using window form and C# something like bellow: Hi David, Thanks for your e-mail. I hope things get easier for you before the weekend. You’ve been (be) really busy this week! 1 _______ (you / make) your vacation plans yet? Last May, I 2 _________(go) to Japan with my family again. We 3 _______ (be) there three times now! But this time, we 4 _______ (not stay) with my aunt in Tokyo. Instead, we 5 ______(drive) around to different places. Then in July, my friend Angie and I 6 ________ (travel) to Peru. 7 _______ (you / ever / be) there? It’s one of the most interesting places I 8 _______ (ever / visit). The ruins of Machu Picchu are amazing. Write soon! Mariko how can i display it in window form that we can fill the brackets (____) directly everyone help me thanks.

  Read the article

• Office documents prompt for login in anonymous SharePoint site

  - by xmt15

  I have a MOSS 07 site that is configured for anonymous access. There is a document library within this site that also has anonymous access enabled. When an anonymous user clicks on a PDF file in this library, he or she can read or download it with no problem. When a user clicks on an Office document, he or she is prompted with a login box. The user can cancel out of this box without entering a log in, and will be taken to the document. This happens in IE but not FireFox. I see some references to this question on the web but no clear solutions: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.sharepoint.windowsservices.development&tid=5452e093-a0d7-45c5-8ed0-96551e854cec&cat=en_US_CC8402B4-DC5E-652D-7DB2-0119AFB7C906&lang=en&cr=US&sloc=&p=1 http://www.sharepointu.com/forums/t/5779.aspx http://www.eggheadcafe.com/software/aspnet/30817418/anonymous-users-getting-p.aspx

  Read the article

• Rewriting Live TCP Streams

  - by user213060

  I want to rewrite TCP/IP streams. Ettercap's etterfilter command lets you perform simple live replacements of TCP/IP data based on fixed strings or regexes. Example: http://ettercap.sourceforge.net/forum/viewtopic.php?t=2833 I would like to rewrite streams based on my own filter program instead of just simple string replacements. Anyone have an idea of how to do this? Is there anything other than Ettercap that can do live replacement like this, maybe as a plugin to a VPN software or something? Thanks!

  Read the article

• How do you protect code from leaking outside?

  - by cubex

  Besides open-sourcing your project and legislation, are there ways to prevent, or at least minimize the damages of code leaking outside your company/group? We obviously can't block Internet access (to prevent emailing the code) because programmer's need their references. We also can't block peripheral devices (USB, Firewire, etc.) The code matters most when it has some proprietary algorithms and in-house developed knowledge (as opposed to regular routine code to draw GUIs, connect to databases, etc.), but some applications (like accounting software and CRMs) are just that: complex collections of routine code that are simple to develop in principle, but will take years to write from scratch. This is where leaked code will come in handy to competitors. As far as I see it, preventing leakage relies almost entirely on human process. What do you think? What precautions and measures are you taking? And has code leakage affected you before?

  Read the article

• Which is better for quickly developing small utilities? AutoIt or AutoHotKey?

  - by Abhijeet Pathak

  Which is better for quickly developing small utilities? AutoIt or AutoHotKey or something else? I need to develop some small software for which I think using some professional suite like Visual Studio will be overkill. Most of the macro recording tools like AutoIt or AutoHotKey provide enough power to write decent application. Plus they are small and free. Which option will be good? Using one of these tools or using some other small/free compiler?

  Read the article

• When is it good to start using project management applications?

  - by Mr.Gando

  Hello, I was wondering, when is the right time or the correct project size to start using project management applications ( like Redmine or Trac ). I have a serious project, for now it's only me developing, but I use redmine to set my project versions, issues, and estimations. I think it's a good idea, because you never know when somebody else is going to join the team, and also allows me to organize myself effectively. I ask this question because I was Teaching Assistant at my university for one year in a row for a course, and I got questions about this very very often. While I'm a believer of the KISS principle, I think that learning to use this tools early is a win-win most of the time. I really believe that we can avoid this question to become argumentative, and that there's somewhat of a consensus about this issue, which I consider quite important in todays software development world. So, when is the right time ? what is the correct project/team size ?

  Read the article

• Application Buddy Lists and Authentication - How does it all go together

  - by Krevin

  This is a broad but specific question. The idea is that we want to tie in a 'buddy' functionality to a communications app. Very broadly, I believe that the application clients would connect to a central database/auth service which would provide the buddy data and then allow client apps to connect directly to eachother, without passing communications through the server. Specifically, however, what solutions, software, products, servers, technologies, etc would be best to implement to handle such a task? Thanks for reading and responses are much appreciated. //edit: the com app may run on a linux distro, may be web based, or both

  Read the article

• Looking for a safe, portable password-storage method

  - by Maciek

  Hello, I'm working on C++ project that is supposed to run on both Win32 and Linux, the software is to be deployed to small computers, usually working in remote locations. Recently, our client has requested that we introduce access control via password protection. We are to meet the following criteria : Support remote login Support remote password change Support remote password retrieval Support data retrieval on accidental/purposeful deletion Support secure storage I'm capable of meeting the "remote" requirements using an existing library, however what I do need to consider is a method of storing this data, preferably in a way that will work on both platforms and will not let the user see it/read it, encryption is not the issue here - it's the storage method itself. Can anyone recommend a sage storage method that could help me meet those criteria?

  Read the article

• How should important terms be emphasized in documentation?

  - by John Rasch

  Software will often introduce and formalize concepts that may have ambiguous definitions in the real world. For example, in an attendance tracking system, an Occurrence refers to an Excused Absence, an Unexcused Absence, or a Tardy. In technical documentation (both in helper text and in user guides, etc), should these concepts be proper nouns, and as such, should they be capitalized in usage? In other words, which of the following examples is more appropriate: After an Occurrence has been created, it may be converted into an Excused Absence once the Approval Form has been uploaded. or After an occurrence has been created, it may be converted into an excused absence once the approval form has been uploaded.

  Read the article

• University System Automation, how the internal system of a university works?

  - by Zia ur Rahman

  Hay dear! Suppose we want to make a software , we want to automate the system of university. Suppose a student apply in the university for a certain course, now the question is where the application form of the student will go and what process will be done on this form and then what is the next stage of this form and why it will go to the next stage? Now I hope you have got my point. I need information from the enrollment of a student to its pass out. Or provide a state transition diagram or Data flow diagram. I will be very thankful.

  Read the article

• How Much Does Source Code Cost? Range?

  - by Brain Freeze

  I have taken a job selling a customized "online workplace management application." Our clients' businesses work around the application. Our clients track their time (which is how they get paid), finances and work documents through the application we provide and give their clients access to their interests throught the application. Our clients range from 2 users to 500 users. Each user probably processes 200 files per year and generates a fee for each file in the range of $500-$2500 per file. The application has been refined over a period of years and has cost around a million to develop. Does anyone know what range something like this sells for (source code, add-ons such as support and hosting)? I am trying to wrap my head around it as my background is not in software development.

  Read the article

• SOW, SLA, TOS....am i missing anything else ?

  - by fwfwfw

  when doing long term sale of service or software, what type of legal contracts need to be drafted ? i'm not a lawyer, and was looking for a general template on statement of work, service level agreements and terms of services. how are java enterprise applications requiring server side logic, delivered by the vendor to the client ? do they deliver the actual hardware server with everything installed ? java apps can be decompiled and source code exposed, what type of legal paper would you need to draft to protect your asset and Intellectual property ?

  Read the article

• Does Anyone Use This Site To Find Jobs? [closed]

  - by Derek

  I hope this isn't too far off-topic that it upsets people, but here goes: My company (me, in particular) are looking to hire entry-level and medium-experienced software engineers via non-traditional (career fairs, etc) avenues due to ineffective HR efforts in the past. So, I am looking to perhaps purchase resume searching from stackoverflow and/or job postings. Before I do, I was hoping a few people could chime in on whether they think this would be worthwhile. Do you post your resume on here? Do you actively search the job listings? Thanks!

  Read the article

• Secure C# Assemblies from unauthorized Callers

  - by Creepy Gnome

  Is there any way to secure your assembly down to the class/property & class/method level to prevent the using/calling of them from another assembly that isn't signed by our company? I would like to do this without any requirements on strong naming (like using StrongNameIdentityPermission) and stick with how an assembly is signed. I really do not want to resort to using the InternalsVisibleTo attribute as that is not maintainable in a ever changing software ecosystem. For example: Scenario One Foo.dll is signed by my company and Bar.dll is not signed at all. Foo has Class A Bar has Class B Class A has public method GetSomething() Class B tries to call Foo.A.GetSomething() and is rejected Rejected can be an exception or being ignored in someway Scenario Two Foo.dll is signed by my company and Moo.dll is also signed by my company. Foo has Class A Moo has Class C Class A has public method GetSomething() Class C tries to call Foo.A.GetSomething() and is not rejected

  Read the article

• Where do you find images and graphics designers for your softwares ?

  - by ereOn

  Hi, As a programmer, I'm sure some of you already experienced the same problem: You create a good software (free, open-source, or for friend-only diffusion, whatever) relying on good code and good ideas but since you're a programmer and not an image designer, your program looks just bad. While it seems pretty easy to find motivated developpers to join for free an open-source project, it seems quite hard to find a single free graphic designer. What free and good resources do you usually use for your programs/websites ? Do you have any cool tip that you're willing to share ? Do you know any place where to find people involved into graphic design willing to participate to open-source projects ?

  Read the article

• Where do you find images and graphics for your softwares ?

  - by ereOn

  Hi, As a programmer, I'm sure some of you already experienced the same problem: You create a good software (free, open-source, or for friend-only diffusion, whatever) relying on good code and good ideas but since you're a programmer and not an image designer, your program looks just bad. While it seems pretty easy to find motivated developpers to join for free an open-source project, it seems quite hard to find a single free graphic designer. What free and good resources do you usually use for your programs/websites ? Do you have any cool tip that you're willing to share ?

  Read the article

• Latest stream cipher considered reasonably secure & easy to implement?

  - by hythlodayr

  (A)RC4 used to fit the bill, since it was so simple to write. But it's also less-than-secure these days. I'm wondering if there's a successor that's: Code is small enough to write & debug within an hour or so, using pseudo code as a template. Still considered secure, as of 2010. Optimized for software. Not encumbered by licensing issues. I can't use crypto libraries, otherwise all of this would be moot. Also, I'll consider block algorithms though I think most are pretty hefty. Thanks.

  Read the article

• Write-only collections in MongoDB

  - by rcoder

  I'm currently using MongoDB to record application logs, and while I'm quite happy with both the performance and with being able to dump arbitrary structured data into log records, I'm troubled by the mutability of log records once stored. In a traditional database, I would structure the grants for my log tables such that the application user had INSERT and SELECT privileges, but not UPDATE or DELETE. Similarly, in CouchDB, I could write a update validator function that rejected all attempts to modify an existing document. However, I've been unable to find a way to restrict operations on a MongoDB database or collection beyond the three access levels (no access, read-only, "god mode") documented in the security topic on the MongoDB wiki. Has anyone else deployed MongoDB as a document store in a setting where immutability (or at least change tracking) for documents was a requirement? What tricks or techniques did you use to ensure that poorly-written or malicious application code could not modify or destroy existing log records? Do I need to wrap my MongoDB logging in a service layer that enforces the write-only policy, or can I use some combination of configuration, query hacking, and replication to ensure a consistent, audit-able record is maintained?

  Read the article

• input type file alternative and file upload best practice

  - by Ioxp

  Background: I am working on a file upload page that will extend an existing web portal. This page will allow for an end user to upload files from there local computer to our network (the files will not be stored on the web server, rather a remote workstation). The end user will have the ability to view the data that they have submitted by hyper-linking the files that have been uploaded on this page. Question 1: Is there an ASP.net alternative to the <input type="file" runat="server" /> HTML tag? The reason for asking is i would rather use an image button and display the file as an asp label on the portal to keep with a consistent style. Question 2: So i understand that giving the end user the ability to upload files to the server and then turn around to show them the data that they posted poses a security threat. So far i am using the id.PostedFile.ContentType and the file extension to reject the data if its not an accepted format (i.e. "text/plain", "application/pdf", "application/vnd.ms-excel", or "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"). Also the location where the files are uploaded to has a sufficient amount of virus and malware protection and this is not a concern. What, from the C# point of view, additional steps should i take to ensure that the end user cant take advantage and compromise the system in regards to allowing them to upload files?

  Read the article

• How to authenticate a Windows Mobile client calling web services in a Web App

  - by cdonner

  I have a fairly complex business application written in ASP.NET that is deployed on a hosted server. The site uses Forms Authentication, and there are about a dozen different roles defined. Employees and customers are both users of the application. Now I have the requirement to develop a Windows Mobile client for the application that allows a very specialized set of tasks to be performed from a device, as opposed to a browser on a laptop. The client wants to increase productivity with this measure. Only employees will use this application. I feel that it would make sense to re-use the security infrastructure that is already in place. The client does not need offline capability. My thought is to deploy a set of web services to a folder of the existing site that only the new role "web service" has access to, and to use Forms Authentication (from a Windows Mobile 5/.Net 3.5 client). Can I do that, is that a good idea, and are there any code examples/references that you can point me to?

  Read the article

• How to secure Add child record functionality in MVC on Parent's view?

  - by RSolberg

  I'm trying to avoid some potential security issues as I expose some a new set of functionality into the real world. This is basically functionality that will allow for a new comment to be added via a partialview on the "Parent" page. My comment needs to know a couple of things, first what record is the comment for and secondly who is making the comment. I really don't like using a hidden field to store the ID for the Parent record in the add comment form as that can be easily changed with some DOM mods. How should I handle this? PARENT <% Html.RenderPartial("AddComment", Model.Comments); %> CHILD <%@ Control Language="C#" Inherits="System.Web.Mvc.ViewUserControl<CommentsViewModel>" %> <% using (Html.BeginForm("AddComment", "Requests")) {%> <fieldset> <legend>New Comment</legend> <%= Html.HiddenFor(p => p.RequestID) %> <%= Html.TextBoxFor(p => p.Text) %> &nbsp; <input type="submit" value="Add" /> </fieldset> <% } %> CONTROLLER [AcceptVerbs(HttpVerbs.Post)] public void AddComment(CommentsViewModel commentsModel) { var user = GetCurrentUser(); commentsModel.CreatedByID = user.UserID; RequestsService.AddComment(commentsModel); }

  Read the article

• Applying business logic to form elements in ASP.NET MVC

  - by Brettski

  I am looking for best practices in applying business logic to form elements in an ASP.NET MVC application. I assume the concepts would apply to most MVC patterns. The goal is to have all the business logic stem from the same place. I have a basic form with four elements: Textbox: for entering data Checkbox: for staff approval Checkbox: for client approval Button: for submitting form The textbox and two check boxes are fields in a database accessed using LINQ to SQL. What I want to do is put logic around the check boxes on who can check them and when. True table (little silly but it's an example): when checked || may check Staff || may check Client Staff | Client || Staff | Client || Staff | Client 0 0 || 1 0 0 1 0 1 || 0 0 0 1 1 0 || 1 0 0 1 1 1 || 0 0 0 1 There are to security roles, staff and client; a person's role determines who they are, the roles are maintained in the database alone with current state of the check boxes. So I can simply store the users roll in the view class and enable and disable check boxes based on their role, but this doesn't seem proper. That is putting logic in UI to control of which actions can be taken. How do I get most of this control down into the model? I mean I need to control which check boxes are enabled and then check the results in the model when the form is posted, so it seems the best place for it to originate. I am looking for a good approach to constructing this, something to follow as I build the application. If you know of some great references which explain these best practices that is really appreciated too.

  Read the article

< Previous Page | 296 297 298 299 300 301 302 303 304 305 306 307  | Next Page >