Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 469/886 | < Previous Page | 465 466 467 468 469 470 471 472 473 474 475 476  | Next Page >

• Test descriptions/name, say what the test is? or what it means when it fails?

  - by xenoterracide

  The API docs for Test::More::ok is ok($got eq $expected, $test_name); right now in one of my apps I have $test_name print what the test is testing. So for example in one of my tests I have set this to 'filename exists'. What I realized after I got a bug report recently, and realized that the only time I ever see this message is when the test is failing, if the test is failing that means the file doesn't exist. In your opinion, do you think these $test_name's should say what the test means if successful? what it means if it failed? or do you think it should say something else? please explain why?

  Read the article

• Transition to new site

  - by James Hill

  I'm almost finished rewriting the website for a non-profit organization. The existing site receives ~5,000 a month. The new site is being written in ASP.Net and the existing site is PHP. The current hosting provider does not support .Net hosting, so I'll be switching providers. My question revolves around the transition from the old site to the new. I would really like to get the new site up at the new hosting provider and do thorough testing before changing the DNS records for the domain. Question: How can I put the new site up, test it, make any changes/additions necessary before updating the domain DNS to point to the new IP without Google indexing the content? Also, what SEO repercussions should I be aware of when making such a drastic change to the content that exists under the domain name?

  Read the article

• How should I practice web server administration?

  - by Astyanax

  Security students can practice their skills with software like OWASP's webgoat or something similar to "hackthissite". Students interested in Operating Systems can study MINIX and PintOS, write shell scripts or study POSIX system calls. What would be the best course of action in order to practice Server Administration? Is there any such software/resource available, teaching you such skills with small lessons, or it is totally up to you? I've practiced live FreeBSD server administration and management of VMs (CentOS, Gentoo, Debian) under VirtualBox, but I always feel that this isn't enough and I must push myself harder. So, what would you recommend? What has worked for you?

  Read the article

• HTML5-Canvas: worth using ImpactJS or other framework?

  - by John

  I've been making an HTML5 game without any type of external framework. I haven't found a reason to use one so far. However, there is one thing I'm wondering about. On my Galaxy Nexus, I get about ~40fps. While that would usually be a decent framerate, my game is a rather fast paced game with a gamepad. Because of this, it feels very unsatisfying to play when not capped at 60fps. Are there frameworks out there that can improve performance without toning down on graphics? Or is there something I could do myself without necessarily having to use a framework? I've looked over the basic things such as sticking to integer coordinates, but I didn't see an increase in performance whatsoever? I did some testing with jsperf and results were virtually identical. Does this depend more on the browser?

  Read the article

• Video: Hardcore production debugging in .NET Ingo Rammer

  I got Ingo Rammers permission to post this video of one of his Teched EMEA 2008 talks its about hardcore production debugging, and its a wonderful talk. I highly recommend you watch it. Also you should consider getting the book Advanced .NET Debugging its wonderful (though pretty advanced!) FYI, you can find many other .NET and unit testing videos here. ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

  Read the article

• Silverlight XAP Signing Certificate promotion from Thawte

  And the offers keep coming in! Another one of our key partners for testing XAP signing for trusted applications was Thawte. Their group helped provide us with valid certificates to verify their process and signing worked as expected (and verified) for Silverlight 4. Today I just got an email from their marketing department that they would like to offer Silverlight developers a discount on Thawte code-signing certificates to $89 for a 1-yearabout 70% off their current rate. Thats pretty amazing of...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

  Read the article

• SilverlightShow for 13-19 Dec 2010

  - by Dave Campbell

  I still haven't updated my friends at SilverlightShow, but I have their list from last week. Check out the Top Five most popular news at SilverlightShow for last week (13 - 19 Dec 2010). First place for the past week takes the post about Mahesh Sabnis' sample Line-Of-Business app using Silverlight 4. A lot of clicks and downloads got also the recording of SilverlightShow webinar 'Building an end-to-end Silverlight 4 Application' presented by Gill Cleeren on Dec 15th. Here is SilverlightShow's weekly top 5: Line of Business (LOB) Application using Silverlight 4, WCF 4, EF 4 and Commanding Architecture Recording, Demos and Slides of the Webinar 'Build an End-to-end Silverlight 4 Application' SilverlightShow Content Updating to Silverlight 4 Free Webcam Photo Application in Silverlight Unit testing MVVM in Silverlight - SDN Event-Code and Slides Visit and bookmark SilverlightShow. Stay in the 'Light

  Read the article

• Is hierarchical product backlog a good idea in TFS 2012-2013?

  - by Matías Fidemraizer

  I'd like to validate I'm not in the wrong way. My team project is using Visual Studio Scrum 2.x. Since each area/product has a lot of kind of requirements (security, user interface, HTTP/REST services...), I tried to manage this creating "parent backlogs" which are "open forever" and they contain generic requirements. Those parent backlogs have other "open forever" backlogs, and/or sprint backlogs. For example: HTTP/REST Services (forever) ___ Profiles API (forever) ________ POST profile (forever) _______________ We need a basic HTTP/REST profiles' API to register new user profiles (sprint backlog) Is it the right way of organizing the product backlog? Note: I know there're different points of view and that would be right for some and wrong for others. I'm looking for validation about if this is a possible good practice on TFS with Visual Studio Scrum.

  Read the article

• Is it possible for a web-server to send more files than requested for, and have the browser accept them?

  - by Osiris

  I've created a basic web server for a school project, and it serves static content without a problem. I thought of having the server parse all htm/html files for links to .js/.css/image files, and send these files to the client without these files being requested by the client later. eg. The browser requests: index.htm The server responds with intex.htm and image.jpg I modified the server to send two distinct http responses for a "GET /index.html HTTP1.1" (one for the html page and one for the image), but the browser ended up requesting the image when it was good and ready. Is there any way to bypass this? (use a multipart response, perhaps) Will these files be accepted by most browsers, or will they be rejected for security reasons?

  Read the article

• Azure

  - by Grant Fritchey

  I've been tasked to learn SQL Azure, as well as test all the Red Gate products on it. My one, BIG, fear has been that I'll receive some mongo bill in the mail because I've exceeded the MSDN testing limit. I know people that have had that problem. I've been trying to keep an eye on my usage, but, let's face it, it's not something I think about every day. But now I don't have to. Red Gate has been working with Azure, long before I showed up. They already released a little piece of software that I just found out about, it's called CloudTally. It gathers your usage and sends you a daily email so you can know if you're starting to approach that limit. Check it out, it's free.

  Read the article

• Lubuntu 12.04 is a non-LTS release - does this mean that LXDE isn't, either?

  - by MHC

  Lubuntu 12.04 is not a long-term-support release. That's mostly due to a lack of manpower. But I don't use Lubuntu on my machine, I use LXDE over stock Ubuntu 12.04 LTS. So my question is: In the next five years, will there be security updates and bug fixes for LXDE-packages such as Openbox, PCmanFM and LXsession? Or does the "LTS" in 12.04 LTS only include stock Unity packages? I guess this question is just as relevant for any other DE out there.

  Read the article

• Why "Fork me on github"?

  - by NoBugs

  I understand how Github works, but one thing I've been confused about is, why almost every OSS project lately has a "Fork me on Github" link on their homepage. For example, http://jqtjs.com/, http://www.daviddurman.com/flexi-color-picker/, and others. Why is this so common? Is it that they want/need code validation, checking for security/performance improvements that they may not know how to do? Is it meant to show that this is a collaborative project - you're welcome to add improvements? Do they work for Github, or want to promote their service? Oddly enough, I don't think I've seen a "Fork project on Bitbucket" logo recently. My first reaction to that logo was that the project probably needs to be modified (forked) in order to integrate it with anything useful - or that they are encouraging fragmented codebase, encouraging everyone to make their own fork of the project. But I don't think that is the intent.

  Read the article

• PHP accessible shared content between two websites on the same VPS on different domains/IPs

  - by Lee Fentress

  I have two ecommerce websites, selling music digital downloads, on the same VPS, currently using cPanel/WHM (but thinking of switching to Virtualmin). They have separate domains and IPs of course. They both share from the same set of music files, so I have duplicate copies in each website directory, which takes up a lot of disk space. How might I go about sharing the same set of music files across both sites, allowing PHP access, so that it does not break my shopping cart's functionality of serving customers the downloads after they have paid for them? I thought of maybe using symlinks or something, but I don't know if it's possible, or if it would have to somehow circumvent built-in security features of the server. I'm new to VPS management.

  Read the article

• Can it be useful to build an application starting with the GUI?

  - by Grant Palin

  The trend in application design and development seems to be starting with the "guts": the domain, then data access, then infrastructure, etc. The GUI seems to usually come later in the process. I wonder if it could ever be useful to build the GUI first... My rationale is that by building at least a prototype GUI, you gain a better idea of what needs to happen behind the scenes, and so are in a better position to start work on the domain and supporting code. I can see an issue with this practice in that if the supporting code is not yet written, there won't be much for the GUI layer to actually do. Perhaps building mock objects or throwaway classes (somewhat like is done in unit testing) would provide just enough of a foundation to build the GUI on initially. Might this be a feasible idea for a real project? Maybe we could add GDD (GUI Driven Development) to the acronym stable...

  Read the article

• Webcast: Moving Client/Server and .NET Applications to Windows Azure Cloud

  - by Webgui

  The Cloud and SaaS models are changing the face of enterprise IT in terms of economics, scalability and accessibility . Visual WebGui Instant CloudMove transforms your Client / Server application code to run natively as .NET on Windows Azure and enables your Azure Client / Server application to have a secured-by-design plain Web or Mobile browser based accessibility. Itzik Spitzen VP of R&D, Gizmox will present a webcast on Microsoft Academy on Tuesday 8 March at 8am (USA Pacific Time) explaining how VWG bridges the gap between Client/Server applications’ richness, performance, security and ease of development and the Cloud’s economics & scalability. He will then introduce the unique migration and modernization tools which empower customers like Advanced Telemetry, Communitech, and others, to transform their existing Client/Server business application to a native Web Applications (Rich ASP.NET) and then deploy it on Windows Azure which allows accessibility from any browser (or mobile if desired by the customer). Registration page on Microsoft Academy: https://www.eventbuilder.com/microsoft/event_desc.asp?p_event=1u19p08y

  Read the article

• How to change screen resolution in slick2d?

  - by SystemNetworks

  I released my game for testing for both windows and mac. I'm using mac as my development workspace. My friends uses windows and the window was to big. I created a 1000*1500 Screen window. I can change the window size but that means I have to re-do all my sprite sheets again with smaller sheets. I don't want to this again but is there a way which I can make the window smaller without changing the size of my sprite and changing co-ordinates of the mouse clicks?

  Read the article

• Unified Communications Suite Ships New Version

  - by joesciallo

  We shipped the latest version (7.0.5.0.0) of Unified Communications Suite. The following information should get you started: Get the Software New Features Release Notes Some Changes for 7.0.5.0.0 Convergence: Version 3.0.0.0.0 enables you to use the add-on framework to add third-party services to the Convergence UI. These services include: Advertising Click-to-call service Multinetwork IM SMS (both one-way and two-way) Social media applications (Facebook, Twitter, and Flickr) Video and voice calling capability For more information, see Overview of Add-on Services in Convergence. Calendar Server: Version 7.0.4.14.0 provides a number of security enhancements, including supporting the SSL protocol for all front-end and back-end communications, and the ability to list hosts that are allowed to send iSchedule POST requests. For more information, see Securing Communications to Calendar Server Back Ends. New Platform Support: Oracle GlassFish Server 3, Oracle Solaris 11, and Oracle Enterprise Linux 6.x are supported in this release of Communications Suite.

  Read the article

• Multiple vulnerabilities in Thunderbird

  - by chandan

  CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2372 Permissions, Privileges, and Access Controls vulnerability 3.5 Thunderbird Solaris 11 11/11 SRU 2 Solaris 10 Contact Support CVE-2011-2995 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2997 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2998 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2999 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2011-3000 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 CVE-2011-3001 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2011-3005 Denial Of Service (DoS) vulnerability 9.3 CVE-2011-3232 Improper Control of Generation of Code ('Code Injection') vulnerability 9.3 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

  Read the article

• How does session middleware generally verify browser sessions?

  - by BBnyc

  I've been using session middleware to build web apps for years: from PHP's built-in session handling layer to node's connect session middleware. However, I've never tried (or needed) to roll my own session handling layer. How would one go about it? What sort of checks are necessary to provide at least some modicum of security against HTTP session highjacking? I figure setting a cookie with a token to keep track of the session, and then perhaps some check to see that the originating IP address of the session doesn't change and that the client browser software remains consistent. Hoping to hear about current best-practices...

  Read the article

• Public Cloud, co-location and managed services ... what is the cloud?

  - by llaszews

  Recently I have had conversation with a number of people that are selling and implementing 'cloud' solutions. I put cloud in quotes as implementations like co-location (aka co-lo) and managed services (sometimes referred to as 'your mess for less') have become popular options for companies moving to the cloud. These are obviously not pure public cloud offerings and probably more of hybrid cloud implementations as the infrastructure (PasS and IaaS)is dedicated to a specific customer. This eliminates the security, multi-tenancy, performance and other concerns that companies have regarding public cloud. Are co-location and managed services cloud to you? Are they something your company is considering when you think about cloud ?

  Read the article

• How can I detect and delete all lost configuration folders?

  - by Takkat

  Over the time there is an increasing number of hidden .configuration folders in my home folder. Many of these come from applications I only installed for testing or from applications that I don't use any more. I would not mind really but these folders do clutter my home, and worse than that sum up to as much as 80 GBytes by now. As there are also applications I never heard of (at least I can't remember I had installed them) I hesitate to delete them. Is there a way to find out which folders came from purged applications? May there even be a way to auto-remove a configuration folder when purging (not removing) the application that created it?

  Read the article

• Rapid Application Development, good, bad or ugly?

  - by chrisw

  I have been working for such a shop for the past three years and I know deep down it cannot be like this everywhere. When I think of Rapid Application Development I immediately think programming without fore-thought. For example, when my company decides to come out with a new product, they don't do any type of relationship mapping, no ER diagrams, no round table discussions on expandability. No, the senior developer that ends up working on the product puts together a screen shot walk-through of the application to show to the client. Once the client signs off on the project work is underway by the senior developer. Now you have a senior developer (I use that term "senior" loosely) coding the application in under a week with no unit testing. Well I guess the good to this is it keeps programmers employed due to the enormous amount of unforeseen "features" in the newly created application. Have any of you dealt with a company like this? If you did how did you preserve your sanity?

  Read the article

• Is it costly to leave the Console and Script features enabled in Firebug?

  - by parisminton

  For some time now, I've run Firebug constantly enabled to do quick DOM inspections, leaving the Console and Script panels disabled. I'm just starting to use these two features so I don't have to keep using alerts for testing and debugging. I enable them while I use them and turn them back off when I'm done. I'd like to know if these particular features can slow things down such that they shouldn't be left on round-the-clock. Like do they slow down page loads, use inordinate chunks of memory or something? I don't see anything about it in the Firebug wiki.

  Read the article

• WMemoryProfiler is Released

  - by Alois Kraus

  What is it? WMemoryProfiler is a managed profiling Api to aid integration testing. This free library can get managed heap statistics and memory usage for your own process (remember testing) and other processes as well. The best thing is that it does work from .NET 2.0 up to .NET 4.5 in x86 and x64. To make it more interesting it can attach to any running .NET process. The reason why I do mention this is that commercial profilers do support this functionality only for their professional editions. An normally only since .NET 4.0 since the profiling API only since then does support attaching to a running process. This thing does differ in many aspects from “normal” profilers because while profiling yourself you can get all objects from all managed heaps back as an object array. If you ever wanted to change the state of an object which does only exist a method local in another thread you can get your hands on it now … Enough theory. Show me some code /// <summary> /// Show feature to not only get statisics out of a process but also the newly allocated /// instances since the last call to MarkCurrentObjects. /// GetNewObjects does return the newly allocated objects as object array /// </summary> static void InstanceTracking() { using (var dumper = new MemoryDumper()) // if you have problems use to see the debugger windows true,true)) { dumper.MarkCurrentObjects(); Allocate(); ILookup<Type, object> newObjects = dumper.GetNewObjects() .ToLookup( x => x.GetType() ); Console.WriteLine("New Strings:"); foreach (var newStr in newObjects[typeof(string)] ) { Console.WriteLine("Str: {0}", newStr); } } } … New Strings: Str: qqd Str: String data: Str: String data: 0 Str: String data: 1 … This is really hot stuff. Not only you can get heap statistics but you can directly examine the new objects and make queries upon them. When I do find more time I can reconstruct the object root graph from it from my own process. It this cool or what? You can also peek into the Finalization Queue to check if you did accidentally forget to dispose a whole bunch of objects … /// <summary> /// .NET 4.0 or above only. Get all finalizable objects which are ready for finalization and have no other object roots anymore. /// </summary> static void NotYetFinalizedObjects() { using (var dumper = new MemoryDumper()) { object[] finalizable = dumper.GetObjectsReadyForFinalization(); Console.WriteLine("Currently {0} objects of types {1} are ready for finalization. Consider disposing them before.", finalizable.Length, String.Join(",", finalizable.ToLookup( x=> x.GetType() ) .Select( x=> x.Key.Name)) ); } } How does it work? The W of WMemoryProfiler is a good hint. It does employ Windbg and SOS dll to do the heavy lifting and concentrates on an easy to use Api which does hide completely Windbg. If you do not want to see Windbg you will never see it. In my experience the most complex thing is actually to download Windbg from the Windows 8 Stanalone SDK. This is described in the Readme and the exception you are greeted with if it is missing in much greater detail. So I will not go into this here.   What Next? Depending on the feedback I do get I can imagine some features which might be useful as well Calculate first order GC Roots from the actual object graph Identify global statics in Types in object graph Support read out of finalization queue of .NET 2.0 as well. Support Memory Dump analysis (again a feature only supported by commercial profilers in their professional editions if it is supported at all) Deserialize objects from a memory dump into a live process back (this would need some more investigation but it is doable) The last item needs some explanation. Why on earth would you want to do that? The basic idea is to store in your live process some logging/tracing data which can become quite big but since it is never written to it is very fast to generate. When your process crashes with a memory dump you could transfer this data structure back into a live viewer which can then nicely display your program state at the point it did crash. This is an advanced trouble shooting technique I have not seen anywhere yet but it could be quite useful. You can have here a look at the current feature list of WMemoryProfiler with some examples.   How To Get Started? First I would download the released source package (it is tiny). And compile the complete project. Then you can compile the Example project (it has this name) and uncomment in the main method the scenario you want to check out. If you are greeted with an exception it is time to install the Windows 8 Standalone SDK which is described in great detail in the exception text. Thats it for the first round. I have seen something more limited in the Java world some years ago (now I cannot find the link anymore) but anyway. Now we have something much better.

  Read the article

• 6 Ways To Secure Your Dropbox Account

  - by Chris Hoffman

  Dropbox is a hugely popular cloud storage service beloved by many. Unfortunately, it’s had a history of security problems, ranging from compromised accounts to once allowing access to every Dropbox account without requiring a password for several hours. If you’re using Dropbox, there are a variety of ways you can secure your account against unauthorized access and protect your files even if someone does gain access to your account. Why Does 64-Bit Windows Need a Separate “Program Files (x86)” Folder? Why Your Android Phone Isn’t Getting Operating System Updates and What You Can Do About It How To Delete, Move, or Rename Locked Files in Windows

  Read the article

< Previous Page | 465 466 467 468 469 470 471 472 473 474 475 476  | Next Page >