Search Results

Search found 1485 results on 60 pages for 'encrypted'.

Page 44/60 | < Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >

• Is it viable and necessary to encrypt bytes?

  - by Shervin

  We have a requirement from customer that if someone gets access to the database, all data that includes personal information should be encrypted, so that when they do select calls, they shouldn't be able to see anything in clear text. Now this isn't any problem for Strings, but what about bytearrays? (that can potentially be quite huge (several 100mb)) When you do a select call, you get gibberish anyways. Is it possible for a hacker to somehow read the bytes and get the sensitive information without knowing how the structure of the object it is mapped against is? Because if that is the case, then I guess we should encrypt those bytes, even if they can potentially be quite huge. (I am guessing adding encryption will make them even bigger)

  Read the article

• How-to limit feature functionality

  - by ph0enix

  Are there any standard or "best practice" ways of limiting feature functionality for a particular application? Example: We have a product with a variety of features, and our customers can pick and choose which features they would like to use, and the cost of the product varies based on which features they are actually using. In the past, we have distributed along with our software installer an encrypted license file that contains information about the customer, as well as the collection of features that they have enabled. In code, we read from the license file and enable the functionality according to the license file. This seems to work fine, except there a few disadvantages: Upgrading users with new functionality can be sort of a pain If a particular feature shows up in multiple places throughout the application, a developer might not realize that this feature should be licensed, and forget to check the license file before granting functionality to the user If the license file becomes corrupted, deleted, moved, renamed, etc. the application will not run We're getting ready to roll out a new set of features, and I was just curious what others in the community have done to tackle this problem?

  Read the article

• encryption decryption function in php

  - by parthav

  import gnupg, urllib retk = urllib.urlopen("http://keyserver.pramberger.at/pks/" "lookup?op=get&search=userid for the key is required") pub_key = retk.read() #print pub_key gpg = gnupg.GPG(gnupghome="/tmp/foldername", verbose=True) print "Import the Key :", gpg.import_keys(pub_key).summary() print "Encrypt the Message:" msg = "Hellllllllllo" uid = "userid that has the key on public key server" enc = gpg.encrypt(msg, uid,always_trust=True) print "*The enc content***************************== ", enc this function written in python gives me encrypted message.The encryption is done using the public key which i am getting from public key server(pramberger.at). Now how can i implement the same functionality (getting the key from any public key server and using that key encrypt the message) in php

  Read the article

• How do i convert hdb file? ... believed to be from act! source

  - by Wardy

  Any ideas ? I think the original source was a goldmine database, looking around it appears that the file was likely built using an application called ACT which I gather is a huge product I don't really want to be deploying for a one off file total size less than 5 meg. So ... Anyone know of a simple tool that I can run this file through to convert it to a standard CSV or something? It does appear to be (when looking at it in notepad and excel) in some sort of csv type format but it's like the data is encrypted somehow.

  Read the article

• How to secure licensekey generation

  - by Jakob Gade

  Scenario, simplified for brevity: A developer creates an application for a customer. The customer sells this app to end-users. The app requires a license key to run, and this key is generated by the customer for each end-user with a simple tool created by the developer. The license key contains an expiry date for the license and is encrypted so the end-user can’t tamper with it. The problem here is that the developer (or anybody who has a copy of the license key generator) can easily create valid license keys. Should this generator fall into the wrong hands, it could spell disaster for the customers business. Ideally, the customer would have to use a password to create new license keys. And this password would be unknown to the developer, and somehow baked into the decryption algorithm in the application so it will fail if an attempt to use an unauthorized key is made. How would you implement a solution for this problem that is both transparent and secure?

  Read the article

• Reading iTunesMovies file in iPhone?

  - by raziiq

  Hi there. In iPhone, the iPod app saves the media files (audio, video) with strange names and in weird folders (F00,F01 etc). There is a file named iTunesMovies in iPhone, which contains all the information about the metadata of those video files and how they are to be displayed in iPod app. I copied that to my Mac also, and when i tried to open that file in textEdit, it showed some alien characters which made me believe that it is encrypted may be(Thats just a wild guess). I want to read/change the contents of that iTunesMovies file. Can i do that? Is there any Framework which deals with that iTunesMovies file? Thanks in advance

  Read the article

• Ruby on Rails Decryption

  - by user812120

  0 down vote favorite share [g+] share [fb] share [tw] The following function works perfect in PHP. How can it be translated in Ruby on Rails. Please note that both privateKey and iv are 32 characters long. mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $privateKey, base64_decode($enc), MCRYPT_MODE_CBC, $iv) I tried to use the following in Ruby but got a bad decrypt error. cipher = OpenSSL::Cipher.new('aes-256-cbc') cipher.decrypt cipher.key = privateKey cipher.iv = iv decrypted = '' << cipher.update(encrypted) << cipher.final

  Read the article

• PHP Retrieve Cookie which was not set with setcookie

  - by Martin

  I have the following problem - a third party software is setting a cookie with the login credentials and then forward the user to my app. I now need to retrieve the cookie values: The problem is - I can do this easily in the Frontend/AS3 with var ticket : String = CookieUtil.getCookie( 'ticket' ).toString(); but in PHP, the cookie is not within the $_COOKIES array. The cookie values are: Name: ticket Domain: .www.myserver.com Path : / Send for: encrypted connections only Expires: at end of session The one I see, and set before in PHP is: Name: myCookie Host: www.myserver.com Path : / Send for: any type of connection Expires: at end of session Actually, since host/domain are both the same, it should be visible in the PHP script, since it is running on this domain. Any thoughts? Thankx Martin

  Read the article

• Simple number-to-number (or number-to-hex) encryption algorithm that minimizes # of characters

  - by Clay Nichols

  I need to encrypt a number and I and this encrypted value will be given to a customer ask a key so I want to minimize the number of digits and make them all printable. So I'd like the result to be either all number or all Hex characters. The current encryption method I'm using (for non numbers) converts the characters to hex (2 hex digits each). That doubles the number of characters. I also considered just treating the input as hex (so each pair of numbers is treated as a Hex pair, but then you have ambiguity between an input of 0123 and 123 (when decrypting that leading '0' is lost. Any suggestions?

  Read the article

• Ruby fixtures error with password column

  - by user347998

  I am trying to load a fixture for my tests which has a password column (binary datatype). The tool i am using uses EzCrypto gem for encrypting and decrypting passwords before they are stored/retrieved. Now if my column is binary i thought rails would automatically store the password as encrypted - but all i get is: 1) Error: test_is_working(FirstTest): RuntimeError: Failed to decode the field. Incorrect key? /Library/Ruby/Gems/1.8/gems/mislav-will_paginate-2.3.11/lib/will_paginate/finder.rb:170:in method_missing' unit/first_test.rb:8:insetup' 2) Error: test_sanity(FirstTest): RuntimeError: Failed to decode the field. Incorrect key? unit/first_test.rb:8:in `setup' Fixture file looks like this: first_hussle: type: FirstAccount user: jsewq username: [email protected] password: 'abc123' any clues?

  Read the article

• File Encryption Operation

  - by kiruthika

  Hi All, I have doubt in gpg command operation . Actually we are using gpg command for encrypting the file . File.txt has following things. Testing hello world My security things. Now I am doing the file encryption for File.txt gpg --symmetric File.txt Now I got File.txt.gpg file , which is encrypted. My doubt, if some open that file and did someone changes in that I am not able get file content . It says my following things. $ gpg --decrypt File.txt.gpg gpg: no valid OpenPGP data found. gpg: decrypt_message failed: eof I want my file content , even though some body has done changes in that . what should I do for this problem....?

  Read the article

• Encrypting Files with AES, Encrypting Key with RSA - Am I on the right track?

  - by Shawn Steward

  Overview: I'm trying to design an application that will encrypt files to safely send through the mail. I'm planning on using AES/RijndaelManaged encryption from .Net to encrypt the files initially, using a randomly generated key using RNGCryptoServiceProvider. I'm then encrypting this random AES key with a RSA Public key. The receiver of the data is the only one with the RSA Private key to decrypt it. My question: Is this the proper way to do something like this? If so, is it safe to send this RSA-Encrypted key with the data since it requires the private key to decrypt? Also - when having the end user generate their Public/Private key pair, what is the best way to save the Private key? I do not want it to be only accessible from one machine, so I am trying to avoid using the user's key store. But MSDN says it is not safe to save the key to a file, so how else can you accomplish this?

  Read the article

• User account design and security...

  - by espinet

  Before I begin, I am using Ruby on Rails and the Devise gem for user authentication. Hi, I was doing some research about account security and I found a blog post about the topic awhile ago but I can no longer find it again. I read something about when making a login system you should have 1 model for User, this contains a user's username, encrypted password, and email. You should also have a model for a user's Account. This contains everything else. A User has an Account. I don't know if I'm explaining this correctly since I haven't seen the blog post for several months and I lost my bookmark. Could someone explain how and why I should or shouldn't do this. My application deals with money so I need to cover my bases with security. Thanks.

  Read the article

• Centralized Credentials Service For Various Apps

  - by Vlad

  We are researching the possibility to build a centralized credentials storage for internal applications. These apps (vb6, vb.net, web apps in asp.net, etc) are using various instances of SQL servers and iSeries. We want to implement a central credentials facility that would act as a security broker. Basically it should work like this: Client app supplies AppID (I am Sales Application) and EnvironmentID (I am running in QA environment) and in return will get either a connection object (preferred) or encrypted connection string that will allow said application to connect to resources it needs. There will be cases when application needs to connect to two (or more) database resources (i.e. to SQL and iSeries). What are looking at DP API at the moment, but I am not convinced that DP API is the solution as it tied in with machine key. In our case using machine key isn't feasible, so I want to know if there are other approaches available.

  Read the article

• dreamweaver sites

  - by ngreenwood6

  Hello, We have over 500 sites that we host. All of there ftp information is in a database. Whenever one of our programmers have to add a site they have to get all the info and set it up. However, I found that you can export them and it has all the info except for one problem. The password is encrypted. I am not trying to hack anything, I want to know how to encrypt our passwords so that we can import them using dreamweavers import feature. Can anyone tell me what encryption they use or a link on how to encrypt. I am not interested in decrypting at all because we already have all of them so it would not do me any good. Thanks for any help

  Read the article

• Encrypt/Decrypt SQLite-database and use it "on the fly"

  - by Berschi

  Here's the thing: In my Qt4.6-Project, I use a SQLite-Database. This database shouldn't be unencrypted on my harddrive. So I want, that on every start of my program, the user gets asked to enter a password to decrypt the database. Of course the database never should appear "in clear" (not encrypted) on my harddrive. So is there any possibility to decrypt a SQLite-database "on the fly" and read and write data? What algorithm is here the best (maybe AES)? When it's not possible (or very slow), maybe it's better to encrypt every string in the database and decrypt the string when the password was right (so that a user could open the database, but has no clue what all the entrys could mean)?

  Read the article

• Capture DDE Data that is being streamed in to a software

  - by user534391

  Hello, I have a trading software that gets data from the internet. I want to capture that tick data. There is one software that has been made by a local develop which is able to do that and it looks like it uses DDE (NDde.dll, NetSQL.dll). I want to write a custom application that does the same. Any pointers how I can check how the data is being streamed and how to capture that data. I don't think it is encrypted, since the other developer would not have been able to decrypt either. I just need to scan how the software is getting the data. Thank you.

  Read the article

• mysql: encrypting and decrypting data

  - by cbrulak

  Does mysql provide a mechanism for storing and retrieving encrypted data? I don't mean passwords, I mean real strings. I'd like to encrypt a string, store in mysql and then retrieve the decrypted string at a later date. So, I know there is the AES_Encrypt and decrypt functions. But they ask for a key. (which is fine) but I wondering if you call those functions and use your user password as the key. Or something else that is super-simple. Also, is there a simple wrapper for the AES_Encrypt & decrypt functions in Rails? Or do you need to build the query manually?

  Read the article

• Secure login on your domain with Google App Engine

  - by mhost

  Hi, We are starting a very large web based service project. We are trying to decide what hosting environment to use. We would really like to use Google App Engine for scalability reasons and to eliminate the need to deal with servers ourselves. Secure logins/registrations is very important to us, as well as using our own domain. Our target audience is not very computer savvy. For this reason, we don't want to have the users have to sign up with OpenID as this can't be done within our site. We also do not want to force our customers to sign up with Google. As far as I can see, I am out of luck. I am hoping to have a definite answer to this question. Can I have an encrypted login to our site accessed via our domain, without having to send the customers to another site for the login (OpenID/Google). Thanks.

  Read the article

• Web.config encryption/decryption

  - by Akshay

  In my applications we.config file I have a connection string stored. I encrypted it using '---open the web.config file Dim config As Configuration = _ ConfigurationManager.OpenWebConfiguration( _ Request.ApplicationPath) '---indicate the section to protect Dim section As ConfigurationSection = _ config.Sections("connectionStrings") '---specify the protection provider section.SectionInformation.ProtectSection(protectionProvider) '---Apple the protection and update config.Save() Now I can decrypt it using the code Dim config As Configuration = _ ConfigurationManager.OpenWebConfiguration( _ Request.ApplicationPath) Dim section As ConfigurationSection = _ config.Sections("connectionStrings") section.SectionInformation.UnProtectSection() config.Save() I want to know where is the key stored. Also If somehow my web.config file is stolen, will it be possible for him/her to decrypt it using thhe code above.

  Read the article

• Best way to encrypt certain fiels in SQL Server 2008?

  - by Josh

  I'm writing a .net web app that will read and write information to a SQL 2008 backend database. Some of this information will be highly confidential in nature so I want to encrypt certain data elements. I dont want to use TDE or any full-database encryption for performance reasons. My main concern is protecting this sensitive data as a last resort against a SQL injection or even a database server compromise. My question is what is the best way to do this to preserve performance? Is it faster to use the SQL2008 encryption functions such as EncryptByKey, or would it be faster to encrypt and decrypt the data in the .NET web app itself using a symmetric key stored in the secure web.config and store the encrypted values in the DB?

  Read the article

• Custom certificate as proof of transaction

  - by Andy

  I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

  Read the article

• RSA Encrypt in PHP to decrypt in .NET

  - by user312904

  In PHP I am RSA encrypting a message to be decrypted by .NET application... but I keep getting a "Bad Key" exception from .NET.... For RSA encryption, I am using PEAR class Crypt_RSA- encrypting with the public key (which is a modulus, exponent pair) I get from working encryption system in .NET... I guess the easiest question would be- does "Bad Key" mean it is not able to decrypt the message whatsoever? IE, it is not encrypted correctly? The harder question is- Is there anything specific about RSA encryption that causes quirks between .NET and PHP?

  Read the article

• user model password field default password field in django

  - by imran-glt

  Hi, I've created a custom user model in my application. This user model is working fine, but there are a couple of problems I have with it. 1) The change password link in the my register.html page doesn't work? 2) The default password box on the add/edit page for a user is a little unfriendly. Ideally, what I'd like is the two password fields from the change password form on the add/edit user form in the admin, which will automatically turn convert the entered password into a valid encrypted password in Django. This would make the admin system MUCH friendlier and much more suited to my needs, as a fair number of user accounts will be created and maintained manually in this app, and the person responsible for doing so will likely be scared off at the sight of that admin field, or just type a clear text password and wonder why it doesn't work. Is this possible / How do I do this?

  Read the article

• Authentication for SaaS

  - by josh

  What would be recommended as an authentication solution for a Software-as-a-service product? Specifically, my product would have clients that would typically have low information technology skills, potentially not even having an IT department within their organization. I would still like to have my application authenticate against their internal directory service (eDirectory, Active Directory, etc.). I don't want them, however, to have to open/forward ports (for instance, opening up port 636 so I can do LDAPS binds directly to their directory service). One idea I had was to have an application installed on a server within their organization's network that would backconnect to my service. This would be a persistant socket. When I need to authenticate a user, I send the credentials via the socket (encrypted) - the application then performs a bind/whatever to authenticate against the directory service and replies with OK/FAIL. What would you suggest? My goal here is to essentially have the client install an application within their network, with very little configuration or intervention.

  Read the article

< Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >