Search Results

Search found 25503 results on 1021 pages for 'browser security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 430/1021 | < Previous Page | 426 427 428 429 430 431 432 433 434 435 436 437  | Next Page >

  • How do software projects go over budget and under-deliver?

    - by Carlos
    I've come across this story quite a few times here in the UK: NHS Computer System Summary: We're spunking £12 Billion on some health software with barely anything working. I was sitting the office discussing this with my colleagues, and we had a little think about. From what I can see, all the NHS needs is a database + middle tier of drugs/hospitals/patients/prescriptions objects, and various GUIs for doctors and nurses to look at. You'd also need to think about security and scalability. And you'd need to sit around a hospital/pharmacy/GPs office for a bit to figure out what they need. But, all told, I'd say I could knock together something with that kind of structure in a couple of days, and maybe throw in a month or two to make it work in scale. * If I had a few million quid, I could probably hire some really excellent designers to make a maintainable codebase, and also buy appropriate hardware to run the system on. I hate to trivialize something that seems to have caused to much trouble, but to me it looks like just a big distributed CRUD + UI system. So how on earth did this project bloat to £12B without producing much useful software? As I don't think the software sounds so complicated, I can only imagine that something about how it was organised caused this mess. Is it outsourcing that's the problem? Is it not getting the software designers to understand the medical business that caused it? What are your experiences with projects gone over budget, under delivered? What are best practices for large projects? Have you ever worked on such a project? EDIT *This bit seemed to get a lot of attention. What I mean is I could probably do this for say, 30 users, spending a few tens of thousands of pounds. I'm not including stuff I don't know about the medical industry and government, but I think most people who've been around programming are familiar with that kind of database/front end kind of design. My point is the NHS project looks like a BIG version of this, with bells and whistles, notably security. But surely a budget millions of times larger than mine could provide this?

    Read the article

  • Securing WebSocket applications on Glassfish

    - by Pavel Bucek
    Today we are going to cover deploying secured WebSocket applications on Glassfish and access to these services using WebSocket Client API. WebSocket server application setup Our server endpoint might look as simple as this: @ServerEndpoint("/echo") public class EchoEndpoint { @OnMessage   public String echo(String message) {     return message + " (from your server)";   } } Everything else must be configured on container level. We can start with enabling SSL, which will require web.xml to be added to your project. For starters, it might look as following: <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee">   <security-constraint>     <web-resource-collection>       <web-resource-name>Protected resource</web-resource-name>       <url-pattern>/*</url-pattern>       <http-method>GET</http-method>     </web-resource-collection>     <!-- https -->     <user-data-constraint>       <transport-guarantee>CONFIDENTIAL</transport-guarantee>     </user-data-constraint>   </security-constraint> </web-app> This is minimal web.xml for this task - web-resource-collection just defines URL pattern and HTTP method(s) we want to put a constraint on and user-data-constraint defines that constraint, which is in our case transport-guarantee. More information about these properties and security settings for web application can be found in Oracle Java EE 7 Tutorial. I have some simple webpage attached as well, so I can test my endpoint right away. You can find it (along with complete project) in Tyrus workspace: [webpage] [whole project]. After deploying this application to Glassfish Application Server, you should be able to hit it using your favorite browser. URL where my application resides is https://localhost:8181/sample-echo-https/ (may be different, depends on other configuration). My browser warns me about untrusted certificate (I use what freshly built Glassfish provides - self signed certificates) and after adding an exception for this site, I can see my webpage and I am able to securely connect to wss://localhost:8181/sample-echo-https/echo. WebSocket client Already mentioned demo application also contains test client, but execution of this is skipped for normal build. Reason for this is that Glassfish uses these self-signed "random" untrusted certificates and you are (in most cases) not able to connect to these services without any additional settings. Creating test WebSocket client is actually quite similar to server side, only difference is that you have to somewhere create client container and invoke connect with some additional info. Java API for WebSocket allows you to use annotated and programmatic way to construct endpoints. Server side shows the annotated case, so let's see how the programmatic approach will look. final WebSocketContainer client = ContainerProvider.getWebSocketContainer(); client.connectToServer(new Endpoint() {   @Override   public void onOpen(Session session, EndpointConfig EndpointConfig) {     try {       // register message handler - will just print out the       // received message on standard output.       session.addMessageHandler(new MessageHandler.Whole<String>() {       @Override         public void onMessage(String message) {          System.out.println("### Received: " + message);         }       });       // send a message       session.getBasicRemote().sendText("Do or do not, there is no try.");     } catch (IOException e) {       // do nothing     }   } }, ClientEndpointConfig.Builder.create().build(),    URI.create("wss://localhost:8181/sample-echo-https/echo")); This client should work with some secured endpoint with valid certificated signed by some trusted certificate authority (you can try that with wss://echo.websocket.org). Accessing our Glassfish instance will require some additional settings. You can tell Java which certificated you trust by adding -Djavax.net.ssl.trustStore property (and few others in case you are using linked sample). Complete command line when you are testing your service might need to look somewhat like: mvn clean test -Djavax.net.ssl.trustStore=$AS_MAIN/domains/domain1/config/cacerts.jks\ -Djavax.net.ssl.trustStorePassword=changeit -Dtyrus.test.host=localhost\ -DskipTests=false Where AS_MAIN points to your Glassfish instance. Note: you might need to setup keyStore and trustStore per client instead of per JVM; there is a way how to do it, but it is Tyrus proprietary feature: http://tyrus.java.net/documentation/1.2.1/user-guide.html#d0e1128. And that's it! Now nobody is able to "hear" what you are sending to or receiving from your WebSocket endpoint. There is always room for improvement, so the next step you might want to take is introduce some authentication mechanism (like HTTP Basic or Digest). This topic is more about container configuration so I'm not going to go into details, but there is one thing worth mentioning: to access services which require authorization, you might need to put this additional information to HTTP headers of first (Upgrade) request (there is not (yet) any direct support even for these fundamental mechanisms, user need to register Configurator and add headers in beforeRequest method invocation). I filed related feature request as TYRUS-228; feel free to comment/vote if you need this functionality.

    Read the article

  • The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]

    <b>Howtoforge:</b> "This tutorial shows how to prepare a Fedora 13 server (x86_64) for the installation of ISPConfig 3, and how to install ISPConfig 3. ISPConfig 3 is a webhosting control panel that allows you to configure the following services through a web browser: Apache web server, Postfix mail server, MySQL, BIND nameserver, PureFTPd, SpamAssassin, ClamAV, and many more."

    Read the article

  • Take advantage of the stimulus plan by hiring someone!

    - by Randy Walker
    In case you didn’t know, businesses can take advantage of the stimulus package by hiring an unemployed worker.  The Hiring Incentives to Restore Employment (HIRE) Act can pay the business portion of the Social Security taxes as well as give you a $1000 general business tax credit. If you’re unemployed, make sure and mention this to a potential employee! You can find out more information from here on Intuit’s website.  http://www.qbenews.com/QB_Payroll/1003_qbpb/landing_01.html

    Read the article

  • How do you exclude yourself from Google Analytics on your website using cookies?

    - by Cold Hawaiian
    I'm trying to set up an exclusion filter with a browser cookie, so that my own visits to my don't show up in my Google Analytics. I tried 3 different methods and none of them have worked so far. I would like help understanding what I am doing wrong and how I can fix this. Method 1 First, I tried following Google's instructions, http://www.google.com/support/analytics/bin/answer.py?hl=en&answer=55481, for excluding traffic by Cookie Content: Create a new page on your domain, containing the following code: <body onLoad="javascript:pageTracker._setVar('test_value');"> Method 2 Next, when that didn't work, I googled around and found this Google thread, http://www.google.com/support/forum/p/Google%20Analytics/thread?tid=4741f1499823fcd5&hl=en, where the most popular answer says to use a slightly different code: SHS Analytics wrote: <body onLoad="javascript:_gaq.push(['_setVar','test_value']);"> Thank you! This has now set a __utmv cookie containing "test_value", whereas the original: pageTracker._setVar('test_value') (which Google is still recommending) did not manage to do that for me (in Mac Safari 5 and Firefox 3.6.8). So I tried this code, but it didn't work for me. Method 3 Finally, I searched StackOverflow and came across this thread, http://stackoverflow.com/questions/3495270/exclude-my-traffic-from-google-analytics-using-cookie-with-subdomain, which suggests that the following code might work: <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setVar', 'exclude_me']); _gaq.push(['_setAccount', 'UA-xxxxxxxx-x']); _gaq.push(['_trackPageview']); // etc... </script> This script appeared in the head element in the example, instead of in the onload event of the body like in the previous 2 examples. So I tried this too, but still had no luck with trying to exclude myself from Google Analytics. Re-iterate question So, I tried all 3 methods above with no success. Am I doing something wrong? How can I exclude myself from my Google Analytics using an exclusion cookie for my browser? Update I've been testing this for several days now, and I've confirmed that the 2nd method of excluding yourself from tracking does indeed work. The problem was that the filter settings weren't properly applied to my profile, which has been corrected. See the accepted answer below.

    Read the article

  • Cooking with Wessty: WordPress and HTML 5

    - by David Wesst
    WordPress is easily one, if not the most, popular blogging platforms on the web. With the release of WordPress 3.x, the potential for what you can do with this open source software is limitless. This technique intends to show you how to get your WordPress wielding the power of the future web, that being HTML 5. --- Ingredients WordPress 3.x Your favourite HTML 5 compliant browser (e.g. Internet Explorer 9) Directions Setup WordPress on your server or host. Note: You can setup a WordPress.com account, but you will require an paid add-on to really take advantage of this technique.Login to the administration panel. Login to the administration section of your blog, using your web browser.  On the left side of the page, click the Appearance heading. Then, click on Themes. At the top of the page, select the Install Themes tab. In the search box, type the “toolbox” and click search. In the search results, you should see an theme called Toolbox. Click the Install link in the Toolbox item. A dialog window should appear with a sample picture of what the theme looks like. Click on the Install Now button in the bottom right corner. Et voila! Once the installation is done, you are done and ready to bring your blog into the future of the web. Try previewing your blog in HTML 5 by clicking the preview link.   Now, you are probably thinking “Man…HTML 5 looks like junk”. To that, I respond: “HTML was never why your site looked good in the first place. It was the CSS.” Now you have an un-stylized theme that uses HTML 5 elements throughout your WordPress site. If you want to learn how to apply CSS to your WordPress blog, you should check out the WordPress codex that pretty much covers everything there is to cover about WordPress development. Now, remember how we noted earlier that your free WordPress.com account wouldn’t take advantage of this technique? That is because, as of the time of this writing, you needed to pay a fee to use custom CSS. Remember now, this only gives you the foundation to create your own HTML 5 WordPress site. There are some HTML 5 themes out there that already look good, and were built using this as the foundation and added some CSS 3 to really spice it up. Looking forward to seeing more HTML 5 WordPress sites! Enjoy developing the future of the web. Resources Toolbox Theme JustCSS Theme WordPress Installation Tutorial WordPress Theme Development Tutorial This post also appears at http://david.wes.st

    Read the article

  • How to Download Hulu Videos to Your PC for Offline Viewing

    - by Taylor Gibb
    If you have ever tried to download videos from the Hulu website, you will have probably noticed that most methods don’t work because of the protocol that Hulu uses. Here’s how to download any video you want from the Hulu website. Note: This will work on both x86 and x64 installations of Windows, however the browser you are using must be 32-Bit. How to Use an Xbox 360 Controller On Your Windows PC Download the Official How-To Geek Trivia App for Windows 8 How to Banish Duplicate Photos with VisiPic

    Read the article

  • Using Url Rewrite to Block Page Requests

    - by The Official Microsoft IIS Site
    The other day I was checking the traffic stats for my WordPress blog to see which of my posts were the most popular. I was a little concerned to see that wp-login.php was in the Top 5 total requests almost every month. Since I’m the only author on my blog my logins could not possibly account for the traffic hitting that page. The only explanation could be that the additional traffic was coming from automated hacking attempts. Any server administrator concerned about security knows that “ footprinting...(read more)

    Read the article

  • Unhandled event loop exception "Unknown Mozilla path" with Eclipse 3.7.1

    - by r.bitter
    I installed the Tizen SDK 2.0 which uses Eclipse 3.7.1 as an IDE on Ubuntu 12.10 64bit. When trying to create a Tizen Web Project I got the following error message from Eclipse: Unhandled event loop exception No more handles [Unknown Mozilla path (MOZILLA_FIVE_HOME not set)] The problem is that Eclipse is configured to use Xulrunner as a headless browser inside the IDE. Xulrunner is not in the repositories for Ubuntu 12.10 any more, therefore Eclipse is not able to find the libraries.

    Read the article

  • How to make Gwibber notifications clickable?

    - by yossile
    One of the accounts that I have in Gwibber is my Twitter account. It nicely shows every now and then notifications with the new twits. Whenever a twit has a link (URL) within it I feel an urge to click on the link withing the notification to directly open it within a browser. However, it seems like notifications are not clickable and when hovering over them they just become opaque. Is there a way to make those links clickable?

    Read the article

  • Post-retirement plans for Ruby package in Precise 12.04LTS?

    - by Alexandr Kurilin
    Now that Ruby 1.8.7 is officially retired, is it at all possible that the default ruby package in precise might be updated all the way up to 2.0? I understand that backporting is generally not done with Ubuntu releases for concerns of breaking people, but in this case we're dealing with a deprecated package that might either already have security issues, or have more of them discovered in the future without any chance of them being fixed. What's the plan? Will 12.04 march on with 1.8.7?

    Read the article

  • CVE-2012-3410 stack-based buffer overflow vulnerability in Bash

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-3410 Buffer overflow vulnerability 4.6 Bash Solaris 11 Contact Support Solaris 10 SPARC: 126546-04 X86: 126547-04 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multiple Denial of Service vulnerabilities in Quagga

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3323 Denial of Service (DoS) vulnerability 5.0 Quagga Solaris 10 SPARC: 126206-09 X86: 126207-09 Solaris 11 11/11 SRU 4 CVE-2011-3324 Denial of Service (DoS) vulnerability 5.0 CVE-2011-3325 Denial of Service (DoS) vulnerability 5.0 CVE-2011-3326 Denial of Service (DoS) vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multiple Denial of Service vulnerabilities in Quagga

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2007-4826 Denial of Service (DoS) vulnerability 3.5 Quagga Solaris 10 SPARC: 126206-09 X86: 126207-09 Solaris 11 11/11 SRU 4 CVE-2009-1572 Denial of Service (DoS) vulnerability 5.0 CVE-2010-1674 Denial of Service (DoS) vulnerability 5.0 CVE-2010-1675 Denial of Service (DoS) vulnerability 5.0 CVE-2010-2948 Denial of Service (DoS) vulnerability 6.5 CVE-2010-2949 Denial of Service (DoS) vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2012-2763 Buffer overflow vulnerability in Gimp

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-2763 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 7.5 Gimp Solaris 11 11/11 SRU 11.4 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multithreading: Communication from Parent thread to child thread

    - by Dennis Nowland
    I have a List of threads normally 3 threads each of the threads reference a webbrowser control that communicates with the parent control to populate a datagridview. What I need to do is when the user clicks the button in a datagridviewButtonCell corresponding data will be sent back to the webbrowser control within the child thread that originally communicated with the main thread. but when I try to do this I receive the following error message 'COM object that has been separated from its underlying RCW cannot be used.' my problem is that I can not figure out how to reference the relevant webbrowser control. I would appreciate any help that anyone can give me. The language used is c# winforms .Net 4.0 targeted Code sample: The following code is executed when user click on the Start button in the main thread private void StartSubmit(object idx) { /* method used by the new thread to initialise a 'myBrowser' inherited from the webbrowser control each submitters object is an a custom Control called 'myBrowser' which holds detail about the function of the object eg: */ //index: is an integer value which represents the threads id int index = (int)idx; //submitters[index] is an instance of the 'myBrowser' control submitters[index] = new myBrowser(); //threads integer id submitters[index]._ThreadNum = index; // naming convention used 'browser' +the thread index submitters[index].Name = "browser" + index; //set list in 'myBrowser' class to hold a copy of the list found in the main thread submitters[index]._dirs = dirLists[index]; // suppress and javascript errors the may occur in the 'myBrowser' control submitters[index].ScriptErrorsSuppressed = true; //execute eventHandler submitters[index].DocumentCompleted += new WebBrowserDocumentCompletedEventHandler(DocumentCompleted); //advance to the next un-opened address in datagridview the navigate the that address //in the 'myBrowser' control. SetNextDir(submitters[index]); } private void btnStart_Click(object sender, EventArgs e) { // used to fill list<string> for use in each thread. fillDirs(); //connections is the list<Thread> holding the thread that have been opened //1 to 10 maximum for (int n = 0; n < (connections.Length); n++) { //initialise new thread to the StartSubmit method passing parameters connections[n] = new Thread(new ParameterizedThreadStart(StartSubmit)); // naming convention used conn + the threadIndex ie: 'conn1' to 'conn10' connections[n].Name = "conn" + n.ToString(); // due to the webbrowser control needing to be ran in the single //apartment state connections[n].SetApartmentState(ApartmentState.STA); //start thread passing the threadIndex connections[n].Start(n); } } Once the 'myBrowser' control is fully loaded I am inserting form data into webforms found in webpages loaded via data enter into rows found in the datagridview. Once a user has entered the relevant details into the different areas in the row the can then clicking a DataGridViewButtonCell that has tha collects the data entered and then has to be send back to the corresponding 'myBrowser' object that is found on a child thread. Thank you

    Read the article

  • How to make a directory with permanent permissions different from default

    - by Carlos Fernández San Millán
    I have system-wide default permissions set with umask 027. I am in the need to make a directory whose sub-directories would need 775 permission and whose files would need 664 permissions and make these permissions permanent after booting the system. I am looking for the best options out there without compromising security. Any ideas? Thank you. Some research done: sudo chfn -o "umask=002" daemon_username bash script running at boot with umask 022 on the desired directory

    Read the article

  • Heavy Criticism on Patch Process Thrown Microsoft's Way

    Plus: McAfee explains patching problem; what security concerns make you lose sleep?; Patching in the dark....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Is Your Corporate Network Secure and Confidential?

    - by Chandra Vennapoosa
    Businesses are increasingly conducted over IT networks and it is imperative for them to maintain network confidentiality more than ever before. A failure to ensure the security of business IT network can lead to dire consequences. In order to secure these network, a number of changes are made to the infrastructure of the underlying network, and a network administrator is designated to create policies which will protect the network from unauthorized access. Read here:  Is Your Corporate Network Secure and Confidential?

    Read the article

  • Do Spambots have access to unlimited IP addresses?

    - by Reg Gordon
    I have been attacked for weeks by the same spambot trying to brute force the login page. I have a login security module now installed on my Drupal 6 website and it bans on IP after x amount of attempts. It's been going on for ever and I have banned about 1000 IP addresses. Is there any point in me banning on IP due to the spambot having access to unlimited IP addresses or will they run out of them eventually?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 426 427 428 429 430 431 432 433 434 435 436 437  | Next Page >