Search Results

Search found 25872 results on 1035 pages for 'document security'.

Page 58/1035 | < Previous Page | 54 55 56 57 58 59 60 61 62 63 64 65 | Next Page >

Opinion on LastPass's security for the Average Joe [closed]

- by Rook

This is borderline on objective/subjective, but I'm posting it here since I'm more interested in objective facts, without going into too much technical details, than I am in user reviews of LastPass. I've always used offline ways for (password / sensitive data) storage, but lately I keep hearing good things about LastPass. Indeed, it is more practical having it always accessible from every computer you're using without syncing and related problems, but the security aspect still troubles me. How (in a nutshell for dummies) does LastPass keep your data secure / can their employees see your data, and what is your opinion for such storage of more than usual keeping of sensitive data (bank PIN codes, some financial / business related stuff and so on - you know, the things that would practically hurt if lost / phished)? What are your opinions of it, and do you trust it for such? Any bad experiences? If someone for example is sniffing your wifi network, would such data be easier than usual to sniff out?

Read the article
'Important security update' for Firefox and flash plugin, but the update cannot be selected

- by geoffrey

[This question has been updated as I now have the same problem with Firefox in addition to flash plugin] The update manager (on Ubuntu 12.04, 64bit) shows an 'important security update' for flashplugin-installer:i386, firefox, and firefox-globalmenu. The update is unticked, and cannot be selected, and therefore cannot be updated (I can update other packages without problems). Actually the flashplugin-installer package does not appear to be installed on my computer (judging from the Software Centre). I can't remember how I installed flash, probably directly from the Adobe website. The updater asks me if I want to do a partial upgrade. When running sudo apt-get update && sudo apt-get upgrade from terminal, I get the following: The following packages have been kept back: firefox firefox-globalmenu flashplugin-installer:i386

Read the article
APress Deal of the Day 10/August/2014 - Pro ASP.NET Web API Security

- by TATWORTH

Originally posted on: http://geekswithblogs.net/TATWORTH/archive/2014/08/10/apress-deal-of-the-day-10august2014---pro-asp.net-web.aspxToday’s $10 Deal of the Day from APress at http://www.apress.com/9781430257820 is Pro ASP.NET Web API Security. “ASP.NET Web API is a key part of ASP.NET MVC 4. It has become the platform of choice for building RESTful services. Securing ASP.NET Web API applications requires a move away from traditional WCF-based techniques in favor of new SOAP-less methods. The evaluation, selection and analysis of these new techniques is the focus of this book.”

Read the article
Framework 4 Features: User Propogation to the Database

- by Anthony Shorten

Once of the features I mentioned in a previous entry was the ability for Oracle Utilities Application Framework V4 to automatically propogate the end user to the database connection. This bears more explanation. In the past releases of the Oracle Utilities Application Framework, all database connections are pooled and shared within a channel of access. So for example, the online connections on the Business Application Server share a common pool of connections and the batch in a thread pool shares a seperate pool of connections. The connections are pooled for performance reasons (the most expensive part of a typical transaction is opening and closing connections so we save time by having them ready beforehand). The idea is that when a business function needs some SQL to be execute it takes a spare connection from the pool, executes the SQL and then returns the connection back to the pool for reuse. Unfortunelty to support the pool being started and ready before the transactions arrives means that you need to have a shared userid (as you dont know the users who need them beforehand). Therefore each connection uses the same database user to execute the SQL it needs. This is acceptable for executing transactions, generally but does not allow the DBA or other tools to ascertain which end user is actually running the transaction. In Oracle Utilities Application Framework V4, we now set the CLIENT_IDENTIFIER to the end userid (not the Login Id) when the connection is taken from the pool and used and reset it back to blank when returned to the pool. The CLIENT_IDENTIFIER is a feature that is present in the Oracle Database connection information. From a monitoring perspective, when a connection to the database is actively running SQL, the end user is now able to be determined by querying the CLIENT_IDENTIFIER on the session object within the database. This can be done in the DBA's favorite monitoring tool (even just some SQL on the v$session table is enough). This has other implications as well. Oracle sells a lot of other security addons to the database and so do third parties. If a site wants to have additional levels of security or auditing in the database then the CLIENT_IDENTIFIER, if supported, is now available to be recorded or used by those products to provide additional levels of security. This facility was one of the highly "nice to haves" that customers would ask us about so we now allow it to be used to allow finer grained monitoring and additional security facilities. Note: This facility is only available for customers using the Oracle Database versions of our products.

Read the article
Oracle Solaris 11.1 Security Lab

- by user12608073

Recently I developed a set of lab exercises for an Oracle OpenWorld Hands On Lab, entitled HOL10201, Reduce Risk with Oracle Solaris Access Control to Restrain Users and Isolate Applications. This explored the new Extended Policy for privilege assignments in Oracle Solaris 11.1. Today, Oracle Solaris 11.1 has been officially released via the Package Repository. Today's release and branch are numbered 0.5.11-0.175.1.0.0.24.2, which means it is based on build 24b of 11.1 which is, in turn, based on build 175a of 11.0. There is a good summary of new features available here: Oracle Solaris 11.1 - What's New . Pages 5 thru 7 give an overview of some of the new security enhancements. There is much more information available in the newly published documentation for Oracle Solaris 11.1. I plan to explore some of these enhancements in a series of blog entries. Meanwhile, I've published a copy of the lab materials, which you can try out with this new release.

Read the article
Week in Geek: New Security Hole Found Just Hours After Latest Java Update Released

- by Asian Angel

Our first edition of WIG for September is filled with news link coverage on topics such as Firefox 16 Beta introduces new command line feature for developers, Google to restore passwords lost using Chrome iOS app, new password stealing malware is targeting Linux & Mac OS X users, and more. Special Note: The title refers to the latest security update of Java just released this past Thursday. Please refer to our article on disabling Java here. Skull and crosshair targeting scope clipart courtesy of Clker.com. HTG Explains: How Windows Uses The Task Scheduler for System Tasks HTG Explains: Why Do Hard Drives Show the Wrong Capacity in Windows? Java is Insecure and Awful, It’s Time to Disable It, and Here’s How

Read the article
Design suggestions for creating document management structure using hidden shares.

- by focus.nz

I need to add some document management functionality into my software. Documents will be grouped by company name and project name. The folders need to be accessed by the application using the id numbers of clients/projects, but also easily browsed by the end user using windows explorer. Clients and Projects will be stored in a database. I am thinking of having the software create the folders using the friendly name and then using a hidden share with the id number for the software to access the files. The folder structure would be something like this --Company 1 (Company-1234$) -- Project 101 (Project-101$) -- Project 102 (Project-102$) -- Project 103 (Project-103$) -- Company 2 (Company-5678$) -- Project 201 (Project-201$) -- Project 202 (Project-202$) -- Project 203 (Project-203$) So in the example above there would be a company called "Company 1" with a ID of "1234". When browsing the folders using windows explorer the user would see \\ServerName\Documents\Company1 and you could also access the same folder from \\ServerName\Documents\Company-1234$ By using the hidden share, if the company name changes or its renamed for some reason it doesn't break the link in the application because its using the hidden shared based on the ID that never changes. Will having hundreds (maybe thousands) or hidden shares on a server provide a huge performance hit? Does any one have any suggestions or alternatives to provide this feature?

Read the article
Panda Antivirus Pro 2012 and Secunia Windows Updater

As with other offerings in the Panda Security portfolio, the core of Panda Antivirus Pro 2012's reliability comes from its innovative Collective Intelligence technology. This security model automatically analyzes, classifies, and fixes the approximately 73,000 files PandaLabs receives on a daily basis to offer users the highest protection possible against malware that is not only known, but also unknown. Best of all, the protection is provided with little impact on system performance to ensure a user-friendly experience. Speaking of user-friendly, Panda Antivirus Pro 2012 is described as the...

Read the article
Why do we need REST service security if we have HTTPS

- by Vangel

I refer to this excellent article http://www.thebuzzmedia.com/designing-a-secure-rest-api-without-oauth-authentication/ which speaks of amazon like security for web service. However I was asked a question in the team of why do we need it if we already use HTTPS. I was unable to answer as it really seems to me they may be right although gut tells me otherwise. Also is there places when providing REST services where HTTPS may not work? Like 3rd party websites? If anyone has experience in securing Web Services over the public interwebs please shed some light with your experience. Thanks in advance. EDIT: To clarify I am not speaking of user authentication but more of client authentication. The user authentication can be assumed to be plain text over HTTPS+ REST. My worry is that this still allows anyone to use the web service without my client to access it since everything is plai text although over HTTPS the client end point can still use my web service without the client application.

Read the article
No keyring secrets found for [ssid] /802-11-wireless-security, ubuntu 12.04

- by acimer

I'm on Ubuntu 12.04 x64bit, installed it couple of days ago. The issue i'm having is this: on startup it connects to my wireless without a problem, but after a while I am disconnected and prompted to enter the key for the wireless network (which is entered - saved) so i just click 'ok', but wireless doesn't connect again. Reseting network manager doesn't help either. Only restart, after which, ubuntu connects to the said wireless without a problem. Terminal outputs this error message: ** Message: No keyring secrets found for cimermanovic /802-11-wireless-security; asking user. cimermanovic is the ssid name. also, here are some error messages that network manager is giving: (nm-applet:31926): GdkPixbuf-CRITICAL **: gdk_pixbuf_scale_simple: assertion `dest_width 0' failed (nm-applet:31693): GdkPixbuf-CRITICAL **: gdk_pixbuf_scale_simple: assertion `dest_width 0' failed (nm-applet:30184): GdkPixbuf-CRITICAL **: gdk_pixbuf_scale_simple: assertion `dest_width 0' failed What should i do to fix this? Thanks!

Read the article
How do I execute a page-defined JavaScript function from a Firefox extension?

- by yuku

Hi, I'm creating a Firefox extension for demo purposes. I to call a specific JavaScript function in the document from the extension. I wrote this in my HTML document (not inside extension, but a page that is loaded by Firefox): document.funcToBeCalled = function() { // function body }; Then, the extension will run this on some event: var document = Application.activeWindow.activeTab.document; document.funcToBeCalled(); However it raises an error saying that funcToBeCalled is not defined. Note: I could get an element on the document by calling document.getElementById(id);

Read the article
Jetzt anmelden: Oracle Database Security Seminare

- by A&C Redaktion

Die Anforderungen an Datensicherheit steigen stetig. Seit mehr als 30 Jahren verfügt Oracle über Kompetenz im Bereich der Informationssicherheit. Wenn es um handfeste Lösungen für die Datensicherheit geht, sind Sie bei uns also in den besten Händen. Nutzen Sie die kostenlosen Database Security Seminare, um sich mit Experten von Oracle und Platinum Partner Trivadis über den Schutz Ihrer IT-Infrastruktur auszutauschen und mehr darüber zu erfahren, wie Sie Schwachstellen erkennen und welche Maßnahmen Ihnen bei der Verbesserung des Sicherheitsstatus Ihres Unternehmens helfen können. Die Plätze sind begrenzt - melden Sie sich gleich online an: 13. Juni 2012, Oracle Geschäftsstelle Hamburg 20. Juni 2012, Oracle Geschäftsstelle Stuttgart

Read the article
Auto convert odt to pdf

- by Gautam K

I am creating a few documents in Libre office and I have to always send them as .pdf. but each and every time I forget to export it as pdf , So is there any way to auto convert the .odt document into pdf every time I save the document ? I have only about 4 docs , I keep making changes on them , So each and every time I make a change and save the odt I need that change to be updated in the corresponding pdf file . Ps : I understand that unoconv can be used to convert via command line but is there a way to automatically do it ? Another Ps : I found out that there is something called inotify and inotify-tools and that can be used to trigger events when a file changes . But I have no idea on how to use it .

Read the article
how to detect keylogger in windows that hooked up key-press?

- by saber tabatabaee yazdi

For security reasons we have to detect all key-loggers and log them in somewhere like windows events. I have piece of C# code that it is very easy to install all clients and up and running every day in system trays and no one can close it. We want to modify that code and send logs to central web service in our network (that this also web service is installed last year and receive and log all another security logs).

Read the article
Is it better to use a relational database or document-based database for an app like Wufoo?

- by mboyle

I'm working on an application that's similar to Wufoo in that it allows our users to create their own databases and collect/present records with auto generated forms and views. Since every user is creating a different schema (one user might have a database of their baseball card collection, another might have a database of their recipes) our current approach is using MySQL to create separate databases for every user with its own tables. So in other words, the databases our MySQL server contains look like: main-web-app-db (our web app containing tables for users account info, billing, etc) user_1_db (baseball_cards_table) user_2_db (recipes_table) .... And so on. If a user wants to set up a new database to keep track of their DVD collection, we'd do a "create database ..." with "create table ...". If they enter some data in and then decide they want to change a column we'd do an "alter table ....". Now, the further along I get with building this out the more it seems like MySQL is poorly suited to handling this. 1) My first concern is that switching databases every request, first to our main app's database for authentication etc, and then to the user's personal database, is going to be inefficient. 2) The second concern I have is that there's going to be a limit to the number of databases a single MySQL server can host. Pretending for a moment this application had 500,000 user databases, is MySQL designed to operate this way? What if it were a million, or more? 3) Lastly, is this method going to be a nightmare to support and scale? I've never heard of MySQL being used in this way so I do worry about how this affects things like replication and other methods of scaling. To me, it seems like MySQL wasn't built to be used in this way but what do I know. I've been looking at document-based databases like MongoDB, CouchDB, and Redis as alternatives because it seems like a schema-less approach to this particular problem makes a lot of sense. Can anyone offer some advice on this?

Read the article
Security settings for this service require 'Basic' Authentication

- by Jake Rutherford

Had an issue calling WCF service today. The following exception was being thrown when service was called:WebHost failed to process a request. Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/35320229 Exception: System.ServiceModel.ServiceActivationException: The service '/InteliChartVendorCommunication/VendorService.svc' cannot be activated due to an exception during compilation. The exception message is: Security settings for this service require 'Basic' Authentication but it is not enabled for the IIS application that hosts this service..Ensured Basic authentication was indeed enabled in IIS before getting stumped on what actual issue could be. Turns out it was CustomErrors setting. Value was set to "off" vs "Off". Would have expected different exception from .NET (i.e. web.config parse exception) but it works now either way.

Read the article
Good Introductory Books on Writing Secure Software

- by cosmic.osmo

What are some good introductory books about writing secure software? Specifically, one that covers basic strategies and design patterns for writing a secure software and surveys common security vulnerabilities, how they're exploited, and how you can protect against them. Personally, I've picked up bits of security know-how here and there over my career, but now I'd like a more systematic overview.

Read the article
Live Security Talk Webcast: Using Standards-Based Internet Explorer Features to Protect Apps (Level

If you are building mashups and other web applications, what do you need to know to make sure that you are building secure applications that don't expose security vulnerabilities? What do you need to consider when building your applications using features from HTML 5, HTML 4.01, and important features of the browser? Attend this webcast to learn how to use standards-based Windows Internet Explorer features to protect the applications you develop....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
IE HTML Debugger Causing Issues with IE Enhanced Security

- by Damon

In an effort to debug a Silverlight component on a page in SharePoint I opened the Developer Tools in Internet Explorer. After choosing the Find > Select Element by Click option my page refreshed for some reason and a small bar appeared at the top of the page reading: You may be trying to access this site from a secured browser on the server. Please enable scripts and reload this page. After a quick look around the internet, some seemed to be suggesting that you have to disable the Internet Explorer Enhanced Security Configuration (IE ESC) in Server Manager. Since this is one of the very first things I do when creating a VM, I figured the solution did not apply to me. However, I decided to go ahead and enable IE ESC and then disable it again to see if that would fix the problem, and it did. So if you see that error message in IE, the bar and you've already got IE ESC disabled, you can just enable it and disable it to get rid of the bar.

Read the article
Oracle Event: Database Enterprise User Security

- by user12603048

One of the high-value benefits of an integrated Identity and Access Management platform is the ability to leverage a unified corporate directory as the primary authentication source for database access. On July 11, 2012 at 08:00 am PDT, Oracle will host a webcast showing how Enterprise User Security (EUS) can be used to externalize and centrally manage database users in a directory server. The webcast will briefly introduce EUS, followed by a detailed discussion about the various directory options that are supported, including integration with Microsoft Active Directory. We'll conclude how to avoid common pitfalls deploying EUS with directory services. Discussion topics will include Understanding EUS basics Understanding EUS and directory integration options Avoiding common EUS deployment mistakes Make sure to register and mark this date on your calendar! - Click here to register.

Read the article
SharePoint Database security corruption

- by H(at)Ni

Hello, One time I faced an issue where my customer is having an HTTP 500 internal server error while trying to access any SharePoint site. The problem appeared once he moved back and forth with inheriting/breaking inheritance of permissions over different levels in the site collection. "Security corruption in database" sounds very tough for a customer running a production portal with a backup that can make him lose around 3 weeks of valuable data. However, the solution tends not to be that hard, there's an stsadm command that help us detect the corruption and even delete the orphaned items causing the corruption. Follow these steps: a. stsadm -o databaserepair -url http://SITEURL -databasename DBNAME and it returned some orphaned items. b. stsadm -o databaserepair -url http://SITEURL -databasename DBNAME -deletecorruption and it removed the orphaned items. Cheers,

Read the article
Multi Level Security via Roles

- by Geertjan

I'm simulating a small scenario: Users can be dragged into roles; roles can be dragged into role groups. When a drop is made into a role group, a new role is created (WindowManager.getDefault().setRole("")). Then, when the user logs in, they log into a particular role. Depending on the role they log into, a different role group is assigned, which maps to a certain "role" in NetBeans Platform terms, i.e., the related level of security is applied and the related windows open.

Read the article
Content disappearing

- by Koen_vdp

several times now, I've had a document with very large parts of the content simply disappearing. I have Ubuntu (precise pangolin) a few days now. all of the years with windows, I never encountered this-very unpleasant-problem. Anyone knows a solution? Type document: docx; Which Ubuntu: Precise Pangolin LTS. &In the meantime, I'm discovering more & more documents like that with very large parts of the concent just... vanished :-(( A very 'dangereous' situation :-(

Read the article
Cannot reach reach jQuery (in parent document ) from IFRAME

- by Michael Joyner

I have written a backup program for SugarCRM. My program sets a iframe to src=BACKUP.PHP My backup program sends updates to parent window with: echo "<script type='text/javascript'>parent.document.getElementById('file_size').value='".fileSize2human(filesize($_SESSION['archive_file_name']))."';parent.document.getElementById('file_count').value=".$_SESSION['archive_file_count'].";parent.document.getElementById('description').innerHTML += '".$log_entry."\\r\\n';parent.document.getElementById('description').scrollTop = parent.document.getElementById('description').scrollHeight;</script>"; echo str_repeat( ' ', 4096); flush(); ob_flush(); I have added a JQUERY UI PROGRESS BAR and I need to know how I update the progress bar on the parent window. I tried this: $percent_complete = $_SESSION['archive_file_count'] / $_SESSION['archive_total_files']; echo "<script type='text/javascript'>parent.document.jquery('#progressbar').animate_progressbar($percent_complete); </script>"; ......... and get this error in browser. Uncaught TypeError: Object [object HTMLDocument] has no method 'jquery' HOW CAN I UPDATE THE PROGRESS BAR IN PARENT DOCUMENT FROM THE IFRAME?

Read the article
Microsoft Office document is "locked for editing by 'another user'"

- by Chris

A few of my users are in and out of various Excel 2007 spreadsheets all day. One of them reports that "50% of the time" she tries to open a spreadsheet from the file server, an information message comes up stating: foo.xlsx is locked for editing by 'another user'. Open "Read-Only" or click "Notify" to open read-only and receive notification when the document is no longer in use. Nine times out of ten the document is not open by another user. My users immediately try to open the same document again, and it works. I imagine this is caused by Excel leaving owner files on the server, but I do not know why. An added clue: When one of my users selects "Notify," a dialog pops up in a moment informing them the file is available for them to edit. Any guidance on how to solve this issue and make my users' days flow better?

Read the article

< Previous Page | 54 55 56 57 58 59 60 61 62 63 64 65 | Next Page >