Easiest way to change document root for XAMPP(Linux)
- by alfredwesterveld
The easiest way to change document root from /opt/lampp/htdocs to /home/alfred/htdocs for XAMPP(linux) in a step by step guide?
Search Results
Search found 25872 results on 1035 pages for 'document security'.
Page 65/1035 | < Previous Page | 61 62 63 64 65 66 67 68 69 70 71 72 | Next Page >
-
-
Word document has very strange "hidden" formating after converting from PDF to .docx
- by Celeritas
I have a PDF document with my resume which I need to edit. I used this service to convert it to doc. I opened it in Word 2010 and saved it as .docx. There are some bizzare problems where there's empty space and if you try to delete it text gets shifted into vertical columns. How can I fix this? I'm afraid this document has a lot of private information and I can't just fill in dummy text, then the formatting gets even more messed up :/ Otherwise I'd post screen shots.Read the article
-
Identify "Composite Document File"
- by Steven
In a folder containing several PowerPoint Presentations and Spreadsheets, I discovered the following file: Name: ppt115.tmp Size: 160 MB Meta: No EXIF or other metadata Type: (as identified by the cygwin / linux program 'file') Composite Document File V2 Document, No summary info Notes: The filename does not correspond to other files in the directory. Neither MS Power Point nor Excel can open the file. MS Word will only attempt to recover text. Please help me identify this file. Is it just a temporary file that I can safely remove?Read the article
-
I want to remove all images from my word document without losing the data formatting
- by Chella
Can any body help me, in this regard. I just want to remove all the images in my word document. I have about 365 pages document, in which there are images in almost all pages. I can not delete one by one. I can save it in .txt format but I will lose the formatting of the data. Is there any other way to get this. any help would be greatly appreciated. Thanks in advance. Let me know if you people need more clarification on this.Read the article
-
Save Usercredentials permanently without prompt when opening Document from Webdavserver
- by cpt.oneeye
i am opening a word document from a url like https://myurl.com/mydoc.doc. The Webdavserver uses Basic Authentication. At the beginning the Office 2003 is asking for the Username and Password. After i have typed them in I click the checkbox "Save Usercredentials" and the word is opened. When i open the document the next time the login prompt is appearing again (username and passwort are already set in the textfields and I only have to click "Ok"). Is it possible to avoid this one click and make office not show this prompt at all after the first login? Greetings KlausRead the article
-
View Security Server and Direct Connection
- by Poort443
I have a Security Server for my connections from the Internet. This works fine, accept when I enable "Direct Connection to the desktop". I found the following statement on this: If you bypass the secure connection, the client must establish a direct RDP communication to the desktop virtual machine over RDP (port 3389). Does this mean I have to open 3389 (RDP) to the Internet if I want to use Direct Connections? If I disable Direct Connections to get my Security Server working, I have to disable it on my Connection Server. It's my understanding that this means that if I reboot my Connection Server, all the View clients get disconnected. Is there a way I can disable "Direct Connections" for the Security Server, while enabling it for access from the LAN? Tia.Read the article
-
Google document does not print correctly on Mac 10.7.5 using Chrome
- by Android Addict
When attempting to print a Google document, the header does not get printed at all and the text starts almost in the center of the page - cutting off almost half of the text in the printable area horizontally. The vertical alignment appears fine, with the exception of hte missing header. I have searched the product forums at Google, but they are virtually unusable. Endless threads without a solution! For reference, the document prints fine from Windows XP using Chrome. I can also print from other applications on the Mac without issue - so I am thinking it's a Google doc issue at this point.Read the article
-
SharePoint Web Part Constructor Fires Twice When Adding it to the Page (and has a different security
- by Damon
We had some exciting times debugging an interesting issue with SharePoint 2007 Web Parts. We had some code in staging that had been running just fine for weeks and had not been touched or changed in about the same amount of time. However, when we tried to move the web part into a different staging environment, the part started throwing a security exception when we tried to add it to a page. After a bit of debugging, we determined that the web part was throwing the exception while trying to access the SPGroups property on the SharePoint site. This was pretty strange because we were logged in as an admin and the code was working perfectly fine before. During the debugging process, however, we found out that the web part constructor was being fired twice. On one request, the security context did not seem to have everything it needed in order to run. On the other request, the security context was populated with the user context with the user making the request (like it normally is). Moving the security code outside of the constructor seems to have fixed the issue. Why the discrepancy between the two staging environments? Turns out we deployed the part originally, then deployed an update with the security code. Since the part was never "added" to the page after the code updates were made (we just deployed a new assembly to make the updates), we never saw the problem. It seems as though the constructor fires twice when you are adding the web part to the page, and when you run the web part from the web part gallery. My only thought on why this would occur is that SharePoint is instantiating an instance to get some information from it - which is odd because you would think that would happen with reflection without requiring a new object. Anyway, the work around is to just not put anything security related inside the constructor, or to do a good job accounting for the possibility of the security context not being present if you are adding the item to the page. Technorati Tags: SharePoint,.NET,Microsoft,ASP.NETRead the article
-
YouTube API Security Error Flex
- by 23tux
Hi, I've tried to use the YoutTube API within a Flex project. But i got this error: *** Security Sandbox Violation *** SecurityDomain 'http://www.youtube.com/apiplayer?version=3' tried to access incompatible context 'file:///Users/YouTubePlayer/bin-debug/YouTubePlayer.html' Here are the two files: <?xml version="1.0" encoding="utf-8"?> <s:Application xmlns:fx="http://ns.adobe.com/mxml/2009" xmlns:s="library://ns.adobe.com/flex/spark" xmlns:mx="library://ns.adobe.com/flex/halo" minWidth="1024" minHeight="768" xmlns:youtube="youtube.*" creationComplete="init();"> <fx:Script> <![CDATA[ [Bindable] private var ready:Boolean = true; private function init():void { Security.allowInsecureDomain("*"); Security.allowDomain("*"); Security.allowDomain('www.youtube.com'); Security.allowDomain('youtube.com'); Security.allowDomain('s.ytimg.com'); Security.allowDomain('i.ytimg.com'); } private function changing():void { /* trace("currentTime: " + player.getCurrentTime()); trace("startTime: " + player.startTime); trace("stopTime: " + player.stopTime); timeSlider.value = player.getCurrentTime() */ } private function startPlaying():void { player.play(); } private function checkStartSlider():void { if(startSlider.value > stopSlider.value) stopSlider.value = startSlider.value + 1; } private function checkStopSlider():void { if(stopSlider.value < startSlider.value) startSlider.value = stopSlider.value - 1; } ]]> </fx:Script> <s:VGroup> <youtube:Player id="player" videoID="DVFvcVuWyfE" change="changing();" ready="ready=true"/> <s:HGroup> <s:Button label="play" click="startPlaying();" /> </s:HGroup> <s:HGroup> <s:HSlider id="timeSlider" width="250" minimum="0" maximum="{player.stopTime}" snapInterval=".01" enabled="{ready}"/> <s:Label id="currentTimeLbl" text="current time: 0" /> </s:HGroup> <s:HGroup> <s:HSlider id="startSlider" width="250" minimum="0" maximum="{player.stopTime}" snapInterval=".01" change="checkStartSlider();" enabled="{ready}" value="0"/> <s:Label id="startTimeLbl" text="start time: {player.startTime}" /> </s:HGroup> <s:HGroup> <s:HSlider id="stopSlider" width="250" minimum="0" maximum="{player.stopTime}" snapInterval=".01" change="checkStopSlider();" enabled="{ready}" value="{player.stopTime}"/> <s:Label id="stopTimeLbl" text="stop time: {player.stopTime}" /> </s:HGroup> </s:VGroup> </s:Application> Here is the player package youtube { import flash.display.Loader; import flash.events.Event; import flash.events.TimerEvent; import flash.net.URLRequest; import flash.system.Security; import flash.utils.Timer; import mx.core.UIComponent; [Event(name="change", type="flash.events.Event")] [Event(name="ready", type="flash.events.Event")] public class Player extends UIComponent { private var player:Object; private var loader:Loader; private var _startTime:Number = 0; private var _stopTime:Number = 0; private var _videoID:String; private var metadataTimer:Timer = new Timer(200); private var playTimer:Timer = new Timer(200); public function Player() { // The player SWF file on www.youtube.com needs to communicate with your host // SWF file. Your code must call Security.allowDomain() to allow this // communication. Security.allowInsecureDomain("*"); Security.allowDomain("*"); // This will hold the API player instance once it is initialized. loader = new Loader(); loader.contentLoaderInfo.addEventListener(Event.INIT, onLoaderInit); loader.load(new URLRequest("http://www.youtube.com/apiplayer?version=3")); } private function onLoaderInit(event:Event):void { addChild(loader); loader.content.addEventListener("onReady", onPlayerReady); loader.content.addEventListener("onError", onPlayerError); loader.content.addEventListener("onStateChange", onPlayerStateChange); loader.content.addEventListener("onPlaybackQualityChange", onVideoPlaybackQualityChange); } private function onPlayerReady(event:Event):void { // Event.data contains the event parameter, which is the Player API ID trace("player ready:", Object(event).data); // Once this event has been dispatched by the player, we can use // cueVideoById, loadVideoById, cueVideoByUrl and loadVideoByUrl // to load a particular YouTube video. player = loader.content; // Set appropriate player dimensions for your application player.setSize(0, 0); } private function onPlayerError(event:Event):void { // Event.data contains the event parameter, which is the error code trace("player error:", Object(event).data); } private function onPlayerStateChange(event:Event):void { // Event.data contains the event parameter, which is the new player state trace("player state:", Object(event).data); } private function onVideoPlaybackQualityChange(event:Event):void { // Event.data contains the event parameter, which is the new video quality trace("video quality:", Object(event).data); } [Bindable] public function get videoID():String { return _videoID; } public function set videoID(value:String):void { _videoID = value; } [Bindable] public function get stopTime():Number { return _stopTime; } public function set stopTime(value:Number):void { _stopTime = value; } [Bindable] public function get startTime():Number { return _startTime; } public function set startTime(value:Number):void { _startTime = value; } public function play():void { if(_videoID!="") { player.loadVideoById(_videoID, 0); // add the event listener, so that all 200 milliseconds is an event dispatched metadataTimer.addEventListener(TimerEvent.TIMER, metadataTimeHandler); // if the timer is running, stop and reset it if(metadataTimer.running) metadataTimer.reset(); else metadataTimer.start(); } } private function metadataTimeHandler(e:TimerEvent):void { if(player.getDuration() > 0) { startTime = 0; stopTime = player.getDuration(); metadataTimer.reset(); metadataTimer.stop(); metadataTimer.removeEventListener(TimerEvent.TIMER, metadataTimeHandler); player.playVideo(); playTimer.addEventListener(TimerEvent.TIMER, playTimerHandler); dispatchEvent(new Event("ready")); } } private function playTimerHandler(e:TimerEvent):void { if(getCurrentTime() > _stopTime) { seekTo(startTime); } dispatchEvent(new Event(Event.CHANGE)); } public function getCurrentTime():Number { if(!player.getCurrentTime()) return 0; else return player.getCurrentTime(); } public function seekTo(time:uint):void { player.seekTo(time); } } } Hope someone can help. thx, tuxRead the article
-
Securing Flexfield Value Sets in EBS 12.2
- by Sara Woodhull
Release 12.2 includes a new feature: flexfield value set security. This new feature gives you additional options for ensuring that different administrators have non-overlapping responsibilities, which in turn provides checks and balances for sensitive activities. Separation of Duties (SoD) is one of the key concepts of internal controls and is a requirement for many regulations including: Sarbanes-Oxley (SOX) Act Health Insurance Portability and Accountability Act (HIPAA) European Union Data Protection Directive. Its primary intent is to put barriers in place to prevent fraud or theft by an individual acting alone. Implementing Separation of Duties requires minimizing the possibility that users could modify data across application functions where the users should not normally have access. For flexfields and report parameters in Oracle E-Business Suite, values in value sets can affect functionality such as the rollup of accounting data, job grades used at a company, and so on. Controlling access to the creation or modification of value set values can be an important piece of implementing Separation of Duties in an organization. New Flexfield Value Set Security feature Flexfield value set security allows system administrators to restrict users from viewing, adding or updating values in specific value sets. Value set security enables role-based separation of duties for key flexfields, descriptive flexfields, and report parameters. For example, you can set up value set security such that certain users can view or insert values for any value set used by the Accounting Flexfield but no other value sets, while other users can view and update values for value sets used for any flexfields in Oracle HRMS. You can also segregate access by Operating Unit as well as by role or responsibility.Value set security uses a combination of data security and role-based access control in Oracle User Management. Flexfield value set security provides a level of security that is different from the previously-existing and similarly-named features in Oracle E-Business Suite: Function security controls whether a user has access to a specific page or form, as well as what operations the user can do in that screen. Flexfield value security controls what values a user can enter into a flexfield segment or report parameter (by responsibility) during routine data entry in many transaction screens across Oracle E-Business Suite. Flexfield value set security (this feature, new in Release 12.2) controls who can view, insert, or update values for a particular value set (by flexfield, report, or value set) in the Segment Values form (FNDFFMSV). The effect of flexfield value set security is that a user of the Segment Values form will only be able to view those value sets for which the user has been granted access. Further, the user will be able to insert or update/disable values in that value set if the user has been granted privileges to do so. Flexfield value set security affects independent, dependent, and certain table-validated value sets for flexfields and report parameters. Initial State of the Feature upon Upgrade Because this is a new security feature, it is turned on by default. When you initially install or upgrade to Release 12.2.2, no users are allowed to view, insert or update any value set values (users may even think that their values are missing or invalid because they cannot see the values). You must explicitly set up access for specific users by enabling appropriate grants and roles for those users.We recommend using flexfield value set security as part of a comprehensive Separation of Duties strategy. However, if you choose not to implement flexfield value set security upon upgrading to or installing Release 12.2, you can enable backwards compatibility--users can access any value sets if they have access to the Values form--after you upgrade. The feature does not affect day-to-day transactions that use flexfields. However, you must either set up specific grants and roles or enable backwards compatibility before users can create new values or update or disable existing values. For more information, see: Release 12.2 Flexfield Value Set Security Documentation Update for Patch 17305947:R12.FND.C (Document 1589204.1) R12.2 TOI: Implement and Use Application Object Library (AOL) - Flexfields Security and Separation of Duties for Value Sets (recorded training)Read the article
-
Software Design and documentation – what do people use that has proved valuable?
- by eddyparkinson
When creating software, what do you use to design, document and visualize. Looking for evidence/examples. e.g. Use cases, Pseudo code, Gantt chats, PERT charts, DFD, decision trees, decision tables (Answers maybe used to help teach students) What do you use to help with creating software. Also why; when has it proved valuable? --- Edit -- Proved valuable: The pattern so far suggests that the style of UML tool used is linked to an objective. e.g. "get it straight in MY head", explain to business mangers, quality control.Read the article
-
WCF/MSMQ Transport Security with Certificates
- by user104295
Hi there, my goal is to secure the communication between MSMQ Queue Managers – I don’t want unknown clients sending messages to my MSMQ server. I have spent many hours now trying to get Transport security working for the net.msmq binding in WCF, where MSMQ is in Workgroup mode and the client and server do not have Active Directory… so I’m using certificates. I have created a new X.509 certificate, called Kristan and put it into the “Trusted people” store on the server and into the My store of Current User of the client. The error I’m getting is: An error occurred while sending to the queue: Unrecognized error -1072824272 (0xc00e0030).Ensure that MSMQ is installed and running. If you are sending to a local queue, ensure the queue exists with the required access mode and authorization. Using smartsniff, I see that there’s no attempted connection with the remote MSMQ, however, it’s an error probably coming from the local queue manager. The stack trace is: at System.ServiceModel.Channels.MsmqOutputChannel.OnSend(Message message, TimeSpan timeout) at System.ServiceModel.Channels.OutputChannel.Send(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.OutputChannelBinder.Send(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) The code:- EndpointAddress endpointAddress = new EndpointAddress(new Uri(endPointAddress)); NetMsmqBinding clientBinding = new NetMsmqBinding(); clientBinding.Security.Mode = NetMsmqSecurityMode.Transport; clientBinding.Security.Transport.MsmqAuthenticationMode = MsmqAuthenticationMode.Certificate; clientBinding.Security.Transport.MsmqProtectionLevel = System.Net.Security.ProtectionLevel.Sign; clientBinding.ExactlyOnce = false; clientBinding.UseActiveDirectory = false; // start new var channelFactory = new ChannelFactory<IAsyncImportApi>(clientBinding, endpointAddress); channelFactory.Credentials.ClientCertificate.SetCertificate("CN=Kristan", StoreLocation.CurrentUser, StoreName.My); The queue is flagged as ‘Authenticated’ on the server. I have checked the effect of this and if I turn off all security in the client send, then I get ‘Signature is invalid’ – which is understandable and shows that it’s definitely looking for a sig. Are there are special ports that I need to check are open for cert-based msmq auth? thanks KrisRead the article
-
Java 7u4 webstart security exception: Class does not match trust level
- by Glstunna
We began to notice that with Java 7 (particularly with update 4), that all our users began to see this with our Webstart app: [14:42:58,422] AWT-EventQueue-0(DEBUG) java.lang.SecurityException: class "CLASSNAME" does not match trust level of other classes in the same package [14:42:58,422] AWT-EventQueue-0(DEBUG) at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at java.net.URLClassLoader$1.run(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at java.net.URLClassLoader$1.run(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at java.security.AccessController.doPrivileged(Native Method) [14:42:58,422] AWT-EventQueue-0(DEBUG) at java.net.URLClassLoader.findClass(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at java.lang.ClassLoader.loadClass(Unknown Source) [14:42:58,422] AWT-EventQueue-0(DEBUG) at java.lang.ClassLoader.loadClass(Unknown Source)...More Where CLASSNAME = pretty much every class at random points from several jars in the app execution, breaking several behavior. If our users were to use Java 6, they have no problems! Just 7 (update 4). We sign ALL our jars, both the main application jar and it's library jars. i.e Users launching our webstart app see the blue shield instead of yellow or red. This is obviously an issue as users are more frequently now upgrading to Java 7. I have tried to force our app to use Java 6 on the user machine either by using a previous installation(works), or installing a new one....with the j2se version="1.6" tag around resources but this causes it's own problems that would probably be best to make into it's own thread (the auto-jre-installation part). Did Oracle break Webstart security with Java 7u4? How do I solve this securityexception issue?Read the article
-
How to embed a progressbar into a HTML form?
- by Noah Brainey
I have this code below and want it to show the progress of a form submission of a file upload. I want it to work on my website visit it through this IP (24.148.156.217). So if you saw the website I want the progress bar to be displayed when the user fills in the information and then hits the submit button. Then the progress bar displays with the time until it's finished. <style> <!-- .hide { position:absolute; visibility:hidden; } .show { position:absolute; visibility:visible; } --> </style> <SCRIPT LANGUAGE="JavaScript"> //Progress Bar script- by Todd King ([email protected]) //Modified by JavaScript Kit for NS6, ability to specify duration //Visit JavaScript Kit (http://javascriptkit.com) for script var duration=3 // Specify duration of progress bar in seconds var _progressWidth = 50; // Display width of progress bar. var _progressBar = "|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||" var _progressEnd = 5; var _progressAt = 0; // Create and display the progress dialog. // end: The number of steps to completion function ProgressCreate(end) { // Initialize state variables _progressEnd = end; _progressAt = 0; // Move layer to center of window to show if (document.all) { // Internet Explorer progress.className = 'show'; progress.style.left = (document.body.clientWidth/2) - (progress.offsetWidth/2); progress.style.top = document.body.scrollTop+(document.body.clientHeight/2) - (progress.offsetHeight/2); } else if (document.layers) { // Netscape document.progress.visibility = true; document.progress.left = (window.innerWidth/2) - 100+"px"; document.progress.top = pageYOffset+(window.innerHeight/2) - 40+"px"; } else if (document.getElementById) { // Netscape 6+ document.getElementById("progress").className = 'show'; document.getElementById("progress").style.left = (window.innerWidth/2)- 100+"px"; document.getElementById("progress").style.top = pageYOffset+(window.innerHeight/2) - 40+"px"; } ProgressUpdate(); // Initialize bar } // Hide the progress layer function ProgressDestroy() { // Move off screen to hide if (document.all) { // Internet Explorer progress.className = 'hide'; } else if (document.layers) { // Netscape document.progress.visibility = false; } else if (document.getElementById) { // Netscape 6+ document.getElementById("progress").className = 'hide'; } } // Increment the progress dialog one step function ProgressStepIt() { _progressAt++; if(_progressAt > _progressEnd) _progressAt = _progressAt % _progressEnd; ProgressUpdate(); } // Update the progress dialog with the current state function ProgressUpdate() { var n = (_progressWidth / _progressEnd) * _progressAt; if (document.all) { // Internet Explorer var bar = dialog.bar; } else if (document.layers) { // Netscape var bar = document.layers["progress"].document.forms["dialog"].bar; n = n * 0.55; // characters are larger } else if (document.getElementById){ var bar=document.getElementById("bar") } var temp = _progressBar.substring(0, n); bar.value = temp; } // Demonstrate a use of the progress dialog. function Demo() { ProgressCreate(10); window.setTimeout("Click()", 100); } function Click() { if(_progressAt >= _progressEnd) { ProgressDestroy(); return; } ProgressStepIt(); window.setTimeout("Click()", (duration-1)*1000/10); } function CallJS(jsStr) { //v2.0 return eval(jsStr) } </script> <SCRIPT LANGUAGE="JavaScript"> // Create layer for progress dialog document.write("<span id=\"progress\" class=\"hide\">"); document.write("<FORM name=dialog id=dialog>"); document.write("<TABLE border=2 bgcolor=\"#FFFFCC\">"); document.write("<TR><TD ALIGN=\"center\">"); document.write("Progress<BR>"); document.write("<input type=text name=\"bar\" id=\"bar\" size=\"" + _progressWidth/2 + "\""); if(document.all||document.getElementById) // Microsoft, NS6 document.write(" bar.style=\"color:navy;\">"); else // Netscape document.write(">"); document.write("</TD></TR>"); document.write("</TABLE>"); document.write("</FORM>"); document.write("</span>"); ProgressDestroy(); // Hides </script> <form name="form1" method="post"> <center> <input type="button" name="Demo" value="Display progress" onClick="CallJS('Demo()')"> </center> </form> <a href="javascript:CallJS('Demo()')">Text link example</a>Read the article
-
Interesting articles and blogs on SPARC T4
- by mv
Interesting articles and blogs on SPARC T4 processor I have consolidated all the interesting information I could get on SPARC T4 processor and its hardware cryptographic capabilities. Hope its useful. 1. Advantages of SPARC T4 processor Most important points in this T4 announcement are : "The SPARC T4 processor was designed from the ground up for high speed security and has a cryptographic stream processing unit (SPU) integrated directly into each processor core. These accelerators support 16 industry standard security ciphers and enable high speed encryption at rates 3 to 5 times that of competing processors. By integrating encryption capabilities directly inside the instruction pipeline, the SPARC T4 processor eliminates the performance and cost barriers typically associated with secure computing and makes it possible to deliver high security levels without impacting the user experience." Data Sheet has more details on these : "New on-chip Encryption Instruction Accelerators with direct non-privileged support for 16 industry-standard cryptographic algorithms plus random number generation in each of the eight cores: AES, Camellia, CRC32c, DES, 3DES, DH, DSA, ECC, Kasumi, MD5, RSA, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512" I ran "isainfo -v" command on Solaris 11 Sparc T4-1 system. It shows the new instructions as expected : $ isainfo -v 64-bit sparcv9 applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc 32-bit sparc applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc v8plus div32 mul32 2. Dan Anderson's Blog have some interesting points about how these can be used : "New T4 crypto instructions include: aes_kexpand0, aes_kexpand1, aes_kexpand2, aes_eround01, aes_eround23, aes_eround01_l, aes_eround_23_l, aes_dround01, aes_dround23, aes_dround01_l, aes_dround_23_l. Having SPARC T4 hardware crypto instructions is all well and good, but how do we access it ? The software is available with Solaris 11 and is used automatically if you are running Solaris a SPARC T4. It is used internally in the kernel through kernel crypto modules. It is available in user space through the PKCS#11 library." 3. Dans' Blog on Where's the Crypto Libraries? Although this was written in 2009 but still is very useful "Here's a brief tour of the major crypto libraries shown in the digraph: The libpkcs11 library contains the PKCS#11 API (C_\*() functions, such as C_Initialize()). That in turn calls library pkcs11_softtoken or pkcs11_kernel, for userland or kernel crypto providers. The latter is used mostly for hardware-assisted cryptography (such as n2cp for Niagara2 SPARC processors), as that is performed more efficiently in kernel space with the "kCF" module (Kernel Crypto Framework). Additionally, for Solaris 10, strong crypto algorithms were split off in separate libraries, pkcs11_softtoken_extra libcryptoutil contains low-level utility functions to help implement cryptography. libsoftcrypto (OpenSolaris and Solaris Nevada only) implements several symmetric-key crypto algorithms in software, such as AES, RC4, and DES3, and the bignum library (used for RSA). libmd implements MD5, SHA, and SHA2 message digest algorithms" 4. Difference in T3 and T4 Diagram in this blog is good and self explanatory. Jeff's blog also highlights the differences "The T4 servers have improved crypto acceleration, described at https://blogs.oracle.com/DanX/entry/sparc_t4_openssl_engine. It is "just built in" so administrators no longer have to assign crypto accelerator units to domains - it "just happens". Every physical or virtual CPU on a SPARC-T4 has full access to hardware based crypto acceleration at all times. .... For completeness sake, it's worth noting that the T4 adds more crypto algorithms, and accelerates Camelia, CRC32c, and more SHA-x." 5. About performance counters In this blog, performance counters are explained : "Note that unlike T3 and before, T4 crypto doesn't require kernel modules like ncp or n2cp, there is no visibility of crypto hardware with kstats or cryptoadm. T4 does provide hardware counters for crypto operations. You can see these using cpustat: cpustat -c pic0=Instr_FGU_crypto 5 You can check the general crypto support of the hardware and OS with the command "isainfo -v". Since T4 crypto's implementation now allows direct userland access, there are no "crypto units" visible to cryptoadm. " For more details refer Martin's blog as well. 6. How to turn off SPARC T4 or Intel AES-NI crypto acceleration I found this interesting blog from Darren about how to turn off SPARC T4 or Intel AES-NI crypto acceleration. "One of the new Solaris 11 features of the linker/loader is the ability to have a single ELF object that has multiple different implementations of the same functions that are selected at runtime based on the capabilities of the machine. The alternate to this is having the application coded to call getisax(2) system call and make the choice itself. We use this functionality of the linker/loader when we build the userland libraries for the Solaris Cryptographic Framework (specifically libmd.so and libsoftcrypto.so) The Solaris linker/loader allows control of a lot of its functionality via environment variables, we can use that to control the version of the cryptographic functions we run. To do this we simply export the LD_HWCAP environment variable with values that tell ld.so.1 to not select the HWCAP section matching certain features even if isainfo says they are present. This will work for consumers of the Solaris Cryptographic Framework that use the Solaris PKCS#11 libraries or use libmd.so interfaces directly. For SPARC T4 : export LD_HWCAP="-aes -des -md5 -sha256 -sha512 -mont -mpul" .. For Intel systems with AES-NI support: export LD_HWCAP="-aes"" Note that LD_HWCAP is explained in http://docs.oracle.com/cd/E23823_01/html/816-5165/ld.so.1-1.html "LD_HWCAP, LD_HWCAP_32, and LD_HWCAP_64 - Identifies an alternative hardware capabilities value... A “-” prefix results in the capabilities that follow being removed from the alternative capabilities." 7. Whitepaper on SPARC T4 Servers—Optimized for End-to-End Data Center Computing This Whitepaper on SPARC T4 Servers—Optimized for End-to-End Data Center Computing explains more details. It has DTrace scripts which may come in handy : "To ensure the hardware-assisted cryptographic acceleration is configured to use and working with the security scenarios, it is recommended to use the following Solaris DTrace script. #!/usr/sbin/dtrace -s pid$1:libsoftcrypto:yf*:entry, pid$target:libsoftcrypto:rsa*:entry, pid$1:libmd:yf*:entry { @[probefunc] = count(); } tick-1sec { printa(@ops); trunc(@ops); }" Note that I have slightly modified the D Script to have RSA "libsoftcrypto:rsa*:entry" as well as per recommendations from Chi-Chang Lin. 8. References http://www.oracle.com/us/corporate/features/sparc-t4-announcement-494846.html http://www.oracle.com/us/products/servers-storage/servers/sparc-enterprise/t-series/sparc-t4-1-ds-487858.pdf https://blogs.oracle.com/DanX/entry/sparc_t4_openssl_engine https://blogs.oracle.com/DanX/entry/where_s_the_crypto_libraries https://blogs.oracle.com/darren/entry/howto_turn_off_sparc_t4 http://docs.oracle.com/cd/E23823_01/html/816-5165/ld.so.1-1.html https://blogs.oracle.com/hardware/entry/unleash_the_power_of_cryptography https://blogs.oracle.com/cmt/entry/t4_crypto_cheat_sheet https://blogs.oracle.com/martinm/entry/t4_performance_counters_explained https://blogs.oracle.com/jsavit/entry/no_mau_required_on_a http://www.oracle.com/us/products/servers-storage/servers/sparc-enterprise/t-series/sparc-t4-business-wp-524472.pdfRead the article
-
Can Google Employees See My Saved Google Chrome Passwords?
- by Jason Fitzpatrick
Storing your passwords in your web browser seems like a great time saver, but are the passwords secure and inaccessible to others (even employees of the browser company) when squirreled away? Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites. The Question SuperUser reader MMA is curious if Google employees have (or could have) access to the passwords he stores in Google Chrome: I understand that we are really tempted to save our passwords in Google Chrome. The likely benefit is two fold, You don’t need to (memorize and) input those long and cryptic passwords. These are available wherever you are once you log in to your Google account. The last point sparked my doubt. Since the password is available anywhere, the storage must in some central location, and this should be at Google. Now, my simple question is, can a Google employee see my passwords? Searching over the Internet revealed several articles/messages. Do you save passwords in Chrome? Maybe you should reconsider: Talks about your passwords being stolen by someone who has access to your computer account. Nothing mentioned about the central storage security and vulnerability. There is even a response from Chrome browser security tech lead about the first issue. Chrome’s insane password security strategy: Mostly along the same line. You can steal password from somebody if you have access to the computer account. How to Steal Passwords Saved in Google Chrome in 5 Simple Steps: Teaches you how to actually perform the act mentioned in the previous two when you have access to somebody else’s account. There are many more (including this one at this site), mostly along the same line, points, counter-points, huge debates. I refrain from mentioning them here, simply carry a search if you want to find them. Coming back to my original query, can a Google employee see my password? Since I can view the password using a simple button, definitely they can be unhashed (decrypted) even if encrypted. This is very different from the passwords saved in Unix-like OS’s where the saved password can never be seen in plain text. They use a one-way encryption algorithm to encrypt your passwords. This encrypted password is then stored in the passwd or shadow file. When you attempt to login, the password you type in is encrypted again and compared with the entry in the file that stores your passwords. If they match, it must be the same password, and you are allowed access. Thus, a superuser can change my password, can block my account, but he can never see my password. So are his concerns well founded or will a little insight dispel his worry? The Answer SuperUser contributor Zeel helps put his mind at ease: Short answer: No* Passwords stored on your local machine can be decrypted by Chrome, as long as your OS user account is logged in. And then you can view those in plain text. At first this seems horrible, but how did you think auto-fill worked? When that password field gets filled in, Chrome must insert the real password into the HTML form element – or else the page wouldn’t work right, and you could not submit the form. And if the connection to the website is not over HTTPS, the plain text is then sent over the internet. In other words, if chrome can’t get the plain text passwords, then they are totally useless. A one way hash is no good, because we need to use them. Now the passwords are in fact encrypted, the only way to get them back to plain text is to have the decryption key. That key is your Google password, or a secondary key you can set up. When you sign into Chrome and sync the Google servers will transmit the encrypted passwords, settings, bookmarks, auto-fill, etc, to your local machine. Here Chrome will decrypt the information and be able to use it. On Google’s end all that info is stored in its encrpyted state, and they do not have the key to decrypt it. Your account password is checked against a hash to log in to Google, and even if you let chrome remember it, that encrypted version is hidden in the same bundle as the other passwords, impossible to access. So an employee could probably grab a dump of the encrypted data, but it wouldn’t do them any good, since they would have no way to use it.* So no, Google employees can not** access your passwords, since they are encrypted on their servers. * However, do not forget that any system that can be accessed by an authorized user can be accessed by an unauthorized user. Some systems are easier to break than other, but none are fail-proof. . . That being said, I think I will trust Google and the millions they spend on security systems, over any other password storage solution. And heck, I’m a wimpy nerd, it would be easier to beat the passwords out of me than break Google’s encryption. ** I am also assuming that there isn’t a person who just happens to work for Google gaining access to your local machine. In that case you are screwed, but employment at Google isn’t actually a factor any more. Moral: Hit Win + L before leaving machine. While we agree with zeel that it’s a pretty safe bet (as long as your computer is not compromised) that your passwords are in fact safe while stored in Chrome, we prefer to encrypt all our logins and passwords in a LastPass vault. Have something to add to the explanation? Sound off in the the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.Read the article
-
Convert excel document (xls) to a plist
- by John
I have a pretty straightforward excel document in which I need to use the data in an iPhone app. The xls document has 6 columns, 200 plus rows. I would like to create a plist from the xls document and other than manual copy/paste, is there a means to convert one to the other? Anyone written a macro on the excel side or a utility (perl, etc) to make such a conversion? Thanks John iPhoneDevTipsRead the article
-
Using SharePoint label to display document version in Word 2007 doesn't work when moved to another l
- by ITManagerWhoCodes
I am surfacing the Document Library version of a Word 2007 document by creating a Label ({version}) within the content type of the Document Library and adding it as a Quick-part Label in the Word 2007 document. This works great. The latest version always shows up when I open the Word document. I also added this Version quick-part field to the footer of the Word document and then added this document as a document template to my content type, "ContentTypeMain". Now, I can go to my Document Library and I can create a New instance of "ContentTypeMain" with the Version field automatically there. This works great as well. However, if I create another Document Library and add the same Content Type, "ContentTypeMain" to it, the value of the Version quick-part doesn't update or refresh. The only way is to add another copy of the Label quick-part. It seems like the Quick-Part Label that maps to the Document Library Version is unique to the Document Library. My application dynamically creates subsites using site definitions and list templates. Thus the document library in each of the subsites are all being created from the same List Template. I inspected the XML files under the hood of the Word Document and it does look like there is a GUID attached to the Quick-Part Version field.Read the article
-
C# and XSLT (using document() function in XSLT generates error)
- by Simon
I'd like to use embedded resources in my XSLT file, but while invoking 'document(...)' C# complains that "Error during loading document ..." I'd like to use defined resources in XSLT file and get them by this: "document('')//my:resources/"... How can i do that?? ex xsl: <?xml version="1.0" encoding="utf-8"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:my="xslt-gruper-v1.2.xsl" exclude-result-prefixes="my"> tryb <xsl:variable name="res" select="document('')/*/my:resources/("/> How can i get access to such structure without exceptions in C#? I'll add that during static transform via ex. Opera everything works fine.Read the article
-
Lucene multiple indexes : Normalize document scores??
- by Roey
Hi All. Suppose I've got multiple lucene indexes (not replicas) on several PC's. I query each index and then merge the results. Is there any way to normalize the document scores so that I could sort by score (relevance)? I mean, the scores for document A from index A would not be comparable with document B from index B, unless I do some sort of normalization.... not so? Thanks RoeyRead the article
-
Hyper reference links in Latex document starts from the beginning of the page
- by okhalid
Hi, I have a latex document. I am using hyperref, makeidx and glossary packages for my document. Every thing is created fine; table of content (all references works nicely), glossary and index except that page numbers printed in the glossary and index are correct but they point to page numbers starting from the beginning of the document where initial 10 pages are in arabic numbers and then roman numbers from 1 starts. e.g. I have 10 pages for initial front matter (abstract, declaration, table of contents etc etc). After that, mainmatter begins and so does the page numbers in roman from 1. So on this page 1, I have an index entry "hello" Now in the index, it prints "hello 1" which is correct except that when one clicks on 1, then it goes to the right at the beginning of the document rather then numbered page 1. Your help would be much appreciated. Thanks, OmerRead the article
-
Getting document.xml from a docx file using ZipInputStream
- by meenakshik
Hello, I have a inputStream of a docx file and I need to get hold of the document.xml which lies inside the docx. I am using ZipInputStream to read my stream and my code is something like ZipInputStream docXFile = new ZipInputStream(fileName); ZipEntry zipEntry; while ((zipEntry = docXFile.getNextEntry()) != null) { if(zipEntry.getName().equals("word/document.xml")) { System.out.println(" --> zip Entry is "+zipEntry.getName()); } } As you can see The output for zipEntry.getName comes as "word/document.xml" at some point. I need to pass this document.xml as a stream and unlike the ZipFile method where you can easily pass this on calling .getInputStream, I am wondering how can I do this docXFile? Thanks in advance, MeenakshiRead the article
-
How to use role-hierarchy in Spring Security 3 with Spring EL?
- by Aleksey
I want to use @PreAuthorize annotation on service methods with Spring Security. One of requirements is to use role-hierarchy. But by default it is not enabled. I found that in SecurityExpressionRoot class ("the base class for expression root objects") there is a property roleHierarchy. The class actually does use this property for methods like hasRole() and hasAnyRole(). I suppose that if I supply it with my own RoleHierarchy bean I will be able to use @PreAuthorize annotations with hierarchical roles. How can I inject my hierarchy bean into SecurityExpressionRoot?Read the article
-
source code to insert image into word document using java
- by sukhada garud
please provide me with source code to insert image into word document using javaRead the article
-
Pros/Cons of document based database vs relational database
- by damian
I've been trying to see if I can accomplish some requirements with a document based database, in this case CouchDB. Two generic requirements: CRUD of entities with some fields which have unique index on it ecommerce web app like eBay (better description here). And I'm begining to think that a Document-based database isn't the best choice to address these requirements. Furthermore, I can´t imagine a use for a Document based database (maybe my imagination is too little). Can you explain me if I am asking pears to an elm when I try to use a Document based database for this requirements?Read the article
