Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 66/168 | < Previous Page | 62 63 64 65 66 67 68 69 70 71 72 73  | Next Page >

  • Ubuntu 14.04 LTS 64-bit install alongside Windows 7

    - by user289222
    I've tried installing Ubuntu 14.04 LTS alongside my Windows 7 OS, following the exact procedure given by the Ubuntu website and random other tutorials. I've tried with a LiveCD and with a USB stick but I always run into the same problem. When I'm at the screen where I'm allowed to select how I want to install Ubuntu ("alongside", "erase Windows 7", "something else"), the first option says "Install Ubuntu inside Windows 7" instead of "Install Ubuntu alongside Windows 7". From pretty much all tutorials I've seen, the tutorial says that the option should say "alongside". I click "inside" anyway, and Ubuntu doesn't install at all. Instead, my computer just reboots, and goes back to the Try Ubuntu or Install Now screen. This happens regardless of using a LiveCD or a USB stick. I've also tried manually resizing my partitions using "something else". Oddly, I see 4 sda partitions: /dev/sda type size used /dev/sda1 1mb unknown Windows 7 (loader) /dev/sda2 ntsf 208mb unknown Recovery Windows Environment (loader) /dev/sda3 ntsf ~752000mb unknown Recovery Windows Environment (loader) /dev/sda4 ~18000mb unknown I try resizing the largest partition, but some sort of internal error occurs and it doesn't let me resize my partitions. Any ideas on what's going on and how to solve it?

    Read the article

  • Sync content from my iPad to iTunes? i.e. "reverse" syncing

    - by Jim
    I recently had to reset my PC back to factory settings which lost my entire iTunes library. I still have my music and other files on my iPad and want to sync it back to the PC. Upon syncing it only gives me two options. "Erase and Sync" which replaces the contents of my iPad with the blank iTunes library, or, "Transfer Purchases" which reads like it will only transfer the purchases from iPad to iTunes. I would like to avoid re-burning my entire CD library to iTunes all over again. Is there a way for me to sync the iPad to the iTunes library (aka the computer)?

    Read the article

  • Moving a File While It's In Use -- How Does it work?

    - by Zaz
    I've noticed that on non-windows OS.... ie linux/mac i can do things like: - Send a zip to a friend over aim - Delete the file while it's in transfer And the transfer does not fail. Or, I can do operations like.. - start a movie - erase the file - the movie still plays to completion (read from disk, not just buffered in memory) Although the files are being "deleted", as i mentioned, they are actually being moved to a different location on the file system... ie a Trash directory or something. So it seems to me like the OS uses a pointer @ the file that is updated when it moves rather than accessing the files directly. Can anyone shed some light on how this AWESOME capability is actually implemented? I'm not even sure what to google to learn more about it. thank you.

    Read the article

  • Does "I securely erased my drive" really work with Truecrypt partitions?

    - by TheLQ
    When you look at Truecrypt's Plausible Deniability page it says that one of the reasons for partition with solely random data is that you securely erased your drive. But what about the partition table with full disk encryption? How can you explain why the partition table says there's a partition of unknown type (With my limited knowledge of partition tables I think that they store all the partition filesystem types) and with solely random data? It seems that if your going to securely erase the drive you would destroy everything, including the partition table. And even if you just wiped the partition, the partition table would still say that the partition was originally NTFS, which it isn't anymore. Does the "I securely erased my drive" excuse still work here? (Note: I know that there's hidden truecrypt volumes, but I'm avoiding them due to the high risk of data loss)

    Read the article

  • How do I get 12.04 to recognize swap partition so that I can hibernate?

    - by Kayla
    I justed installed 12.04 and used gparted to erase and enlarge my swap partition. When I rebooted, gparted said that the file partition for the swap was unknown. Gparted doesn't let me change the file partition to "linux-swap". It does let me change it to NTFS, but when I reboot, it goes back to "unknown". Thanks in advance for your help. Output from sudo swapon -s: Filename Type Size Used Priority /dev/mapper/cryptswap1 partition 9025532 0 -1 Output from sudo fdisk -l: Disk /dev/sda: 250.1 GB, 250059350016 bytes 255 heads, 63 sectors/track, 30401 cylinders, total 488397168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x9d63ac84 Device Boot Start End Blocks Id System /dev/sda1 * 2048 2459647 1228800 7 HPFS/NTFS/exFAT /dev/sda2 2459648 197836472 97688412+ 7 HPFS/NTFS/exFAT /dev/sda3 466890752 488395119 10752184 7 HPFS/NTFS/exFAT /dev/sda4 197836798 466890751 134526977 5 Extended /dev/sda5 197836800 448837631 125500416 83 Linux /dev/sda6 448839680 466890751 9025536 82 Linux swap / Solaris Partition table entries are not in disk order Disk /dev/mapper/cryptswap1: 9242 MB, 9242148864 bytes 255 heads, 63 sectors/track, 1123 cylinders, total 18051072 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x951b7f53 Disk /dev/mapper/cryptswap1 doesn't contain a valid partition table

    Read the article

  • EXC_BAD_ACCESS error when box2d joint is destroyed

    - by colilo
    When I destroy the weldJoint in the update method (see below) I get an EXC_BAD_ACCESS error pointing to the line world->DestroyJoint(weldJoint); in the update method below: -(void) update: (ccTime) dt { int32 velocityIterations = 8; int32 positionIterations = 1; // Instruct the world to perform a single step of simulation. It is // generally best to keep the time step and iterations fixed. world->Step(dt, velocityIterations, positionIterations); // using the iterator pos over the set std::set<BodyPair *>::iterator pos; for(pos = bodiesForJoints.begin(); pos != bodiesForJoints.end(); ++pos) { b2WeldJointDef weldJointDef; BodyPair *bodyPair = *pos; b2Body *bodyA = bodyPair->bodyA; b2Body *bodyB = bodyPair->bodyB; weldJointDef.Initialize(bodyA, bodyB, bodyA->GetWorldCenter()); weldJointDef.collideConnected = false; weldJoint = (b2WeldJoint*) world->CreateJoint(&weldJointDef); // Free the structure we allocated earlier. free(bodyPair); // Remove the entry from the set. bodiesForJoints.erase(pos); } for(b2Body *b = world->GetBodyList(); b; b=b->GetNext()) { if (b->GetUserData() != NULL) { CCSprite *mainSprite = (CCSprite*)b->GetUserData(); if (mainSprite.tag == 1) { mainSprite.position = CGPointMake( b->GetPosition().x * PTM_RATIO, b->GetPosition().y * PTM_RATIO); CGPoint mainSpritePosition = mainSprite.position; if (mainSprite.isMoved) { world->DestroyJoint(weldJoint); } } } } } In the HelloWorldLayer.h I set the weldJoint with the assign property. Am I destroying the joint in the wrong way? I would really appreciate any help. Thanks

    Read the article

  • How do I set up a working GUEST USER account in Win XP Pro?

    - by user6501
    I have two user accounts within my WinXP Pro PC. One I'd like to erase. But I'd also like to setup a GUEST user account. I've already gotten 2-step instructions on how to get rid of the extraneous account: a) use an MS tool called delprof.msi b) manually delete the former users files in Documents & Settings. But I guess my original question was too complex -- kind of like a bill in Congress. So now I am just asking the final part of the question: How do I create a GUEST ACCOUNT -- then define what it will authorize/grant access to? i.e. internet browser(s), specific programs and files etc

    Read the article

  • Dual Booting WIndows 7 and Ubuntu 12.04

    - by mfes
    I have Windows 7 32 bit installed on a 64 bit Laptop. I am trying to install Ubuntu 12.04.I am trying to install Ubuntu 12.04 using USB. I created the bootable usb using live usb installer. I have 6 partitions in Windows 7 of which in Windows 7, I created a partition of 50 GB and also having an unallocated space of 50 Gb. I will install Ubuntu 12.04 in any one of these space. When I am booting from USB and selecting the option of "Try Ubuntu" and In Ubuntu desktop, when I click "Install Ubuntu 12.04" , and choosing the option as " Something Else " ( I dont want to Install Ubuntu alongside Windows or want to erase Windows totally ), only 3 paritions getting listed. One is system memory reserved as 100 mb. Second is C drive and third partition is listed as a whole space ie remaining space of the entire hard disk is listed instead of partitions. I tried Gparted Editor and it also lists the same as Ubuntu 12.04 So whats the problem and how can I make the Ubuntu to detect all the partitions so that I can install in the unallocated space or in the 50 GB Partition ? ( P.S - When I try the same in my 32 bit desktop, it is detecting all the partitions )

    Read the article

  • Windows 8 Update on Bootcamp

    - by RazorSharp
    I currently have Windows 8 Consumer Preview installed on a Mac Bootcamp Partition. Microsoft recently released the Windows 8 Release Preview, and I'd like to upgrade, but I'm worried that upgrading to the Release Preview (while in the Windows 8 partition) will erase my other partitions (ex. the Mac OS X partition). By upgrading from Consumer to Release (using the installer on Microsoft's website) while IN the Windows 8 partition, will it end up re-formating the whole hard drive / erasing partitions / removing Mac OS X? Are there any 100% positive answers out there? Will this work, and if not then how would you suggest updating? Note: I have a Time Machine backup of my Mac, but it isn't the WHOLE Mac.

    Read the article

  • iTunes for Ubuntu Studio

    - by soundblastdj
    I have finally gotten my old Mac HDD sorted out, and now I would like to know if anybody has either: a) a way to run iTunes without wine, as it did not work out well for me the last time I tried it, or b) any other media player that will sync with an iPod and, more importantly, use the same file system. When my Mac died, I started to get into open source. I bought a MacBook Air, only out of necessity. For almost two years now, I have not once backed up or synced my iPod. I am getting nervous that it may give up on it's life soon and would like to find a solution. I don't have enough room on my Air, and it would just erase my iPod anyway... Another thing that I am having trouble with is the way iTunes arranged the music. Now, it is arranged all by artist, then album, the song and I would like to have a media library, but somewhere around 400GB of music is a lot to sift through (I have attempted in the past). Thus I am looking for something that will use the same library format. A side note: As I was writing this I started to wonder; Is a Hackintosh in order here? If somebody will give me instructions on how to install MacOSX for free (maybe Mavericks?) in a dual boot with Ubuntu, I will be ever grateful. :) Thanks, soundblastdj

    Read the article

  • C++/msvc6 application crashes due to heap corruption, any hints?

    - by David Alfonso
    Hello all, let me say first that I'm writing this question after months of trying to find out the root of a crash happening in our application. I'll try to detail as much as possible what I've already found out about it. About the application It runs on Windows XP Professional SP2. It's built with Microsoft Visual C++ 6.0 with Service Pack 6. It's MFC based. It uses several external dlls (e.g. Xerces, ZLib or ACE). It has high performance requirements. It does a lot of network and hard disk I/O, but it's also cpu intensive. It has an exception handling mechanism which generates a minidump when an unhandled exception occurs. Facts about the crash It only happens on multiprocessor/multicore machines and under heavy loads of work. It happens at random (neither we nor our client have found a pattern yet). We cannot reproduce the crash on our testing lab. It only happens on some production systems (but always in multicore machines) It always ends up crashing at the same point, although the complete stack is not always the same. Let me add the stack of the crashing thread (obtained using WinDbg, sorry we don't have symbols) ChildEBP RetAddr Args to Child WARNING: Stack unwind information not available. Following frames may be wrong. 030af6c8 7c9206eb 77bfc3c9 01a80000 00224bc3 MyApplication+0x2a85b9 030af960 7c91e9c0 7c92901b 00000ab4 00000000 ntdll!RtlAllocateHeap+0xeac (FPO: [Non-Fpo]) 030af98c 7c9205c8 00000001 00000000 00000000 ntdll!ZwWaitForSingleObject+0xc (FPO: [3,0,0]) 030af9c0 7c920551 01a80898 7c92056d 313adfb0 ntdll!RtlpFreeToHeapLookaside+0x22 (FPO: [2,0,4]) 030afa8c 4ba3ae96 000307da 00130005 00040012 ntdll!RtlFreeHeap+0x1e9 (FPO: [Non-Fpo]) 030afacc 77bfc2e3 0214e384 3087c8d8 02151030 0x4ba3ae96 030afb00 7c91e306 7c80bfc1 00000948 00000001 msvcrt!free+0xc8 (FPO: [Non-Fpo]) 030afb20 0042965b 030afcc0 0214d780 02151218 ntdll!ZwReleaseSemaphore+0xc (FPO: [3,0,0]) 030afb7c 7c9206eb 02e6c471 02ea0000 00000008 MyApplication+0x2965b 030afe60 7c9205c8 02151248 030aff38 7c920551 ntdll!RtlAllocateHeap+0xeac (FPO: [Non-Fpo]) 030afe74 7c92056d 0210bfb8 02151250 02151250 ntdll!RtlpFreeToHeapLookaside+0x22 (FPO: [2,0,4]) 030aff38 77bfc2de 01a80000 00000000 77bfc2e3 ntdll!RtlFreeHeap+0x647 (FPO: [Non-Fpo]) 7c92056d c5ffffff ce7c94be ff7c94be 00ffffff msvcrt!free+0xc3 (FPO: [Non-Fpo]) 7c920575 ff7c94be 00ffffff 12000000 907c94be 0xc5ffffff 7c920579 00ffffff 12000000 907c94be 90909090 0xff7c94be *** WARNING: Unable to verify checksum for xerces-c_2_7.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for xerces-c_2_7.dll - 7c92057d 12000000 907c94be 90909090 8b55ff8b MyApplication+0xbfffff 7c920581 907c94be 90909090 8b55ff8b 08458bec xerces_c_2_7 7c920585 90909090 8b55ff8b 08458bec 04408b66 0x907c94be 7c920589 8b55ff8b 08458bec 04408b66 0004c25d 0x90909090 7c92058d 08458bec 04408b66 0004c25d 90909090 0x8b55ff8b The address MyApplication+0x2a85b9 corresponds to a call to erase() of a std::list. What I have tried so far Reviewing all the code related to the point where the crash ends happening. Trying to enable pageheap on our testing lab though nothing useful has been found by now. We have substituted the std::list for a C array and then it crashes in other part of the code (although it is related code, it's not in the code where the old list resided). Coincidentally, now it crashes in another erase, though this time of a std::multiset. Let me copy the stack contained in the dump: ntdll.dll!_RtlpCoalesceFreeBlocks@16() + 0x124e bytes ntdll.dll!_RtlFreeHeap@12() + 0x91f bytes msvcrt.dll!_free() + 0xc3 bytes MyApplication.exe!006a4fda() [Frames below may be incorrect and/or missing, no symbols loaded for MyApplication.exe] MyApplication.exe!0069f305() ntdll.dll!_NtFreeVirtualMemory@16() + 0xc bytes ntdll.dll!_RtlpSecMemFreeVirtualMemory@16() + 0x1b bytes ntdll.dll!_ZwWaitForSingleObject@12() + 0xc bytes ntdll.dll!_RtlpFreeToHeapLookaside@8() + 0x26 bytes ntdll.dll!_RtlFreeHeap@12() + 0x114 bytes msvcrt.dll!_free() + 0xc3 bytes c5ffffff() Possible solutions (that I'm aware of) which cannot be applied "Migrate the application to a newer compiler": We are working on this but It's not a solution at the moment. "Enable pageheap (normal or full)": We can't enable pageheap on production machines as this affects performance heavily. I think that's all I remember now, if I have forgotten something I'll add it asap. If you can give me some hint or propose some possible solution, don't hesitate to answer! Thank you in advance for your time and advice.

    Read the article

  • Beginner question: ArrayList can't seem to get it right! Pls help

    - by elementz
    I have been staring at this code all day now, but just can't get it right. ATM I am just pushing codeblocks around without being able to concentrate anymore, with the due time being within almost an hour... So you guys are my last resort here. I am supposed to create a few random balls on a canvas, those balls being stored within an ArrayList (I hope an ArrayList is suitable here: the alternative options to choose from were HashSet and HashMap). Now, whatever I do, I get the differently colored balls at the top of my canvas, but they just get stuck there and refuse to move at all. Apart from that I now get a ConcurrentModificationException, when running the code: java.util.ConcurrentModificationException at java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372) at java.util.AbstractList$Itr.next(AbstractList.java:343) at BallDemo.bounce(BallDemo.java:109) Reading up on that exception, I found out that one can make sure ArrayList is accessed in a threadsafe manner by somehow synchronizing access. But since I have remember fellow students doing without synchronizing, my guess is, that it would actually be the wrong path to go. Maybe you guys could help me get this to work, I at least need those stupid balls to move ;-) /** * Simulate random bouncing balls */ public void bounce(int count) { int ground = 400; // position of the ground line System.out.println(count); myCanvas.setVisible(true); // draw the ground myCanvas.drawLine(50, ground, 550, ground); // Create an ArrayList of type BouncingBalls ArrayList<BouncingBall>balls = new ArrayList<BouncingBall>(); for (int i = 0; i < count; i++){ Random numGen = new Random(); // Creating a random color. Color col = new Color(numGen.nextInt(256), numGen.nextInt(256), numGen.nextInt(256)); // creating a random x-coordinate for the balls int ballXpos = numGen.nextInt(550); BouncingBall bBall = new BouncingBall(ballXpos, 80, 20, col, ground, myCanvas); // adding balls to the ArrayList balls.add(bBall); bBall.draw(); boolean finished = false; } for (BouncingBall bBall : balls){ bBall.move(); } } This would be the original unmodified method we got from our teacher, which only creates two balls: /** * Simulate two bouncing balls */ public void bounce() { int ground = 400; // position of the ground line myCanvas.setVisible(true); myCanvas.drawLine(50, ground, 550, ground); // draw the ground // crate and show the balls BouncingBall ball = new BouncingBall(50, 50, 16, Color.blue, ground, myCanvas); ball.draw(); BouncingBall ball2 = new BouncingBall(70, 80, 20, Color.red, ground, myCanvas); ball2.draw(); // make them bounce boolean finished = false; while(!finished) { myCanvas.wait(50); // small delay ball.move(); ball2.move(); // stop once ball has travelled a certain distance on x axis if(ball.getXPosition() >= 550 && ball2.getXPosition() >= 550) { finished = true; } } ball.erase(); ball2.erase(); } }

    Read the article

  • C++ - getline() keeps reading the same line over and over again for some reason

    - by Jammanuser
    I am wondering WTF my while loop which calls istream& getline ( istream& is, string& str ); keeps reading the same line again. I have the following while loop (nested down several levels of other while loops and if statements) which calls getline, but my output statement which is the first code line in the while loop's block of code tells me it is reading the same line over and over again, which explains why my output file doesn't contain the right data when my program is finished. while (getline(file_handle, buffer_str)) { cout<< buffer_str <<endl; cin.get(); if ((buffer_str.find(';', 0) != string::npos) && (buffer_str.find('\"', 0) != string::npos)) { //we're now at the end of the 'exc' initialiation statement buffer_str.erase(buffer_str.size() - 2, 1); buffer_str += '\n'; for (size_t i = 0; i < pos; i++) { buffer_str += ' '; } buffer_str += "throw(exc);\n"; for (size_t i = 0; i < (pos - 3); i++) { buffer_str += ' '; } buffer_str += '}'; } else if (buffer_str.find(search_str6, 0) != string::npos) { //we're now at the second problem line of the first case buffer_str += " {\n"; output_str += buffer_str; output_str += '\n'; getline(file_handle, buffer_str); //We're now at the beginning of the 'exc' initialiation statement output_str += buffer_str; output_str += '\n'; while (getline(file_handle, buffer_str)) { if ((buffer_str.find(';', 0) != string::npos) && (buffer_str.find('\"', 0) != string::npos)) { //we're now at the end of the 'exc' initialiation statement buffer_str.erase(buffer_str.size() - 2, 1); buffer_str += '\n'; for (size_t i = 0; i < pos; i++) { buffer_str += ' '; } buffer_str += "throw(exc);\n"; for (size_t i = 0; i < (pos - 3); i++) { buffer_str += ' '; } buffer_str += '}'; } output_str += buffer_str; output_str += '\n'; if (buffer_str.find("return", 0) != string::npos) { getline(file_handle, buffer_str); output_str += buffer_str; output_str += '\n'; about_to_break = true; break; //out of this while loop } } } if (about_to_break) { break; //out of the level 3 while loop (execution then goes back up to beginning of level 2 while loop) } output_str += buffer_str; output_str += '\n'; } Because of this problem, my if statement and then my else statement in my loop are not functioning as they should, and it doesn't break out of that loop when it should (though it eventually does break out of it, but I don't know exactly how yet). Anyone have any idea what could be causing this problem?? Thanks in advance.

    Read the article

  • How to Authenticate to Active Directory Services (ADs) using .NET 3.5 / C#

    - by Ranger Pretzel
    After much struggling, I've figured out how to authenticate to my company's Active Directory using just 2 lines of code with the Domain, Username, and Password in .NET 2.0 (in C#): // set domain, username, password, and security parameters DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, username, password, AuthenticationTypes.Secure | AuthenticationTypes.SecureSocketsLayer); // force Bind to AD server to authenticate object obj = entry.NativeObject; If the 2nd line throws an exception, then the credentials and/or parameters were bad. (Specific reason can be found in the exception.) If no exception, then the credentials are good. Trying to do this in .NET 3.5 looks like it should be easy, but has me at a roadblock instead. Specifically, I've been working with this example: PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, domain); using (domainContext) { return domainContext.ValidateCredentials(UserName, Password); } Unfortunately, this doesn't work for me as I don't have both ContextOptions set to Sealed/Secure and SSL (like I did above in the .NET 2.0 code.) There is an alternate constructor for PrincipalContext that allows setting the ContextOptions, but this also requires supplying a Distinguished Name (DN) of a Container Object and I don't know exactly what mine is or how I would find out. public PrincipalContext(ContextType contextType, string name, string container, ContextOptions options); // container: // The container on the store to use as the root of the context. All queries // are performed under this root, and all inserts are performed into this container. // For System.DirectoryServices.AccountManagement.ContextType.Domain and System.DirectoryServices.AccountManagement.ContextType.ApplicationDirectory // context types, this parameter is the distinguished name of a container object. Any suggestions?

    Read the article

  • Silverlight and Encryption, how to store/generate they key/iv pair?

    - by cmaduro
    I have a Silverlight app that connects to a php webservice. I want to encrypt the communication between the webservice and the Silverlight client. I'm not relying on SSL. I'm encrypting/decrypting the POST string myself using AES 256bit Key and IV. The big questions then are: How do I generate a random unique key/iv pair in PHP. How do I share this key/iv pair between the web service and silverlight client in a secure way. It seems impossible without having some kind of hard coded key or iv on the client. Which would compromise security. This is a public website, there are no logins. Just the requirement of secure communication. I can hard code the seed for the key/iv (which is hashed with SHA256 with a time stamp salt and then assigned as the key or iv) in PHP source code, that's on the server so that is pretty safe. However on the client the seed for the key/iv pair would be visible, if it is hard coded. Further more using a time stamp as the basis for uniqueness/randomness is definitely not ok, since timestamps are predictable. It does however provide a common factor between the C# code and the PHP code. The only other option that I can think of would be to have a 3rd service involved that provides the key/iv to the Silverlight client, as well as the php webservice. This of course start the cycle anew, with the question of how to store the credentials for accessing the key/iv distribution service on the Silverlight client. Sounds like the solution is then asymmetric encryption, since sensitive data will be viewed only on the administrative back end of the website. Unfortunately Silverlight has no asymmetric encryption classes. The solution? Roll my own Diffie-Hellman key exchange! Plug that key into AES256!

    Read the article

  • Implementing a 2 Legged OAuth Provider

    - by Rob Wilkerson
    I'm trying to find my way around the OAuth spec, its requirements and any implementations I can find and, so far, it really seems like more trouble than its worth because I'm having trouble finding a single resource that pulls it all together. Or maybe it's just that I'm looking for something more specialized than most tutorials. I have a set of existing APIs--some in Java, some in PHP--that I now need to secure and, for a number of reasons, OAuth seems like the right way to go. Unfortunately, my inability to track down the right resources to help me get a provider up and running is challenging that theory. Since most of this will be system-to-system API usage, I'll need to implement a 2-legged provider. With that in mind... Does anyone know of any good tutorials for implementing a 2-legged OAuth provider with PHP? Given that I have securable APIs in 2 languages, do I need to implement a provider in both or is there a way to create the provider as a "front controller" that I can funnel all requests through? When securing PHP services, for example, do I have to secure each API individually by including the requisite provider resources on each? Thanks for your help.

    Read the article

  • SSL certificates: No Client certificate key exhange

    - by user334246
    I am trying to access a WCF web service, that is using two way SSL encryption. When I try to call the service I get a System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'XXX.xx'. --- System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. I have tried activating wire shark, to see what is sent to and from the server: I see a client hello and a server hello. But there is no client response to the server hello. I was expecting a "Certificate. Client key exchange. Change cipher. Encrypted handshake Message" package, but none is sent. I'm thinking it is a problem with the certificate sent by the server, that somehow my client server does not trusy it. Here is what I have already tried: I have created the certificate, through the proper authority, though I could have made a mistake in the certificate request without knowing it. I have added the two root certificates to: trusted root certificates, trusted publishers and trusted people. I have also added the client certificate to trusted people. My colleague has succeded in establishing connection on a win 2008 server (i'm using a 2003, because it is necessary for some odd reason - don't ask). I can't see any differences in our approach, so i'm a bit lost. Any help would be greatly appreciated.

    Read the article

  • spring security login pages?

    - by es11
    I have some confusion with how spring security works: In my application, I need to have a login page for users after which they are redirected back the page from where they came. I went through a few spring security tutorials and read some articles, and the examples work by securing a certain page on a site (managed by the <intercept url ..> tag). Then Spring security will generate a login page (or you can specify your own) in order to access the secured page. I am confused because I don't want to necessary secure a given page on my site: I want a login page for users to log into after which they have access to elevated features of the site (through spring security's authorization features). My question is: given what I described, what would be the strategy to create this login page which, after login, would grant the logged in user the appropriate authorities? The hack I thought of would be to create a simple JSP page who's only function is to redirect back to the previous page. Then I would use Spring Security to secure that JSP page. But it seems like there should be a better way of doing this... Thanks

    Read the article

  • Open Source Web Frameworks : Security

    - by trappedIntoCode
    How secure are popular open source web frameworks? I am particularly interested in popular frameworks like Rails and DJango. If I am building a site which is going to do heavy e-commerce, is it Ok to use frameworks like DJango and Satchmo? Is security compromised because their open architecture ? I know being OS does not mean being down right open to hackers, Linux uses superb authentication mechanism, but web is a different game. What can be done in this regard? UPDATE: Thanks for answers guys. I understand that I will have to find a suitable hosting service for a secure e-commerce application and that additional layers of security will be needed. I understand that Django and Rails have been designed keeping security aspects in mind, the most common form attacks like XSS, Injections etc. (Django book has a ch on Security) I was expecting comments from security Gurus. If you are a security Guru, would you recommend an important site, which is likely going to be popular, to be built on DJango or Rails?

    Read the article

  • wcf configuration for this code

    - by user208081
    I have the following code and would like to convert a lot of code into configuration settings for WCF. As you can see, the code is using wshttpbinding. I appreciate any help on this. try { // Provides a unique network address that a client uses to communicate with a service endpoint. EndpointAddress endpointAddress = new EndpointAddress(new Uri(FAXServiceSettings.Default.FAXReceiveServiceURL)); // Specify the protocols, transports, and message encoders used for communication between the client and the service. // WSHttpBinding represents an interoperable binding that supports distributed transactions and secure, reliable sessions. // Spefically, SOAP message security is enabled for secure transmission of the message content. WSHttpBinding clientBinding = new WSHttpBinding(SecurityMode.Message); clientBinding.OpenTimeout = TimeSpan.FromSeconds(FAXServiceSettings.Default.FAXReceiveServiceOpenTimeoutInSeconds); clientBinding.SendTimeout = TimeSpan.FromSeconds(FAXServiceSettings.Default.FAXReceiveServiceOpenTimeoutInSeconds); // Use the ChannelFactory to enable the creation of channels to the binding and endpoint. using (ChannelFactory<IReceiveFAX> channelFactory = new ChannelFactory<IReceiveFAX>(clientBinding, endpointAddress)) { // Creates a channel of a specified type to a specified endpoint address. IReceiveFAX channel = channelFactory.CreateChannel(); if (channel != null) { try { // Submit the FaxSchedule instance for routing. channel.SubmitFAXForRouting(CreateNewFaxScheduleContainerInstance()); // Explicitly close the channel using the IClientChannel interface. CloseChannel((channel as IClientChannel)); } finally { // Explicitly dispose of the channel using IDisposable interface. DisposeOfChannel((channel as IDisposable)); channel = null; } } // This method causes a CommunicationObject to gracefully transition from any state, other than the Closed state, into the Closed state. The Close method allows any // unfinished work to be completed before returning. For example, finish sending any buffered messages. channelFactory.Close(); } } catch { throw; } Pratik

    Read the article

  • latex list environment inside the tabular environment: extra line at top preventing alignment

    - by Usagi
    Hello good people of stackoverflow. I have a LaTeX question that is bugging me. I have been trying to get a list environment to appear correctly inside the tabular environment. So far I have gotten everything to my liking except one thing: the top of the list does not align with other entries in the table, in fact it looks like it adds one line above the list... I would like to have these lists at the top. This is what I have, a custom list environment: \newenvironment{flushemize}{ \begin{list}{$\bullet$} {\setlength{\itemsep}{1pt} \setlength{\parskip}{0pt} \setlength{\parsep}{0pt} \setlength{\partopsep}{0pt} \setlength{\topsep}{0pt} \setlength{\leftmargin}{12pt}}}{\end{list}} Renamed ragged right: \newcommand{\rr}{\raggedright} and here is my table: \begin{table}[H]\caption{Tank comparisons}\label{tab:tanks} \centering \rowcolors{2}{white}{tableShade} \begin{tabular}{p{1in}p{1.5in}p{1.5in}rr} \toprule {\bf Material} & {\bf Pros} & {\bf Cons} & {\bf Size} & {\bf Cost} \\ \midrule \rr Reinforced concrete &\rr \begin{flushemize}\item Strong \item Secure \end{flushemize}&\rr \begin{flushemize}\item Prone to leaks \item Relatively expensive to install \item Heavy \end{flushemize} & 100,000 gal & \$299,400 \\ \rr Steel & \begin{flushemize}\item Strong \item Secure \end{flushemize} & \begin{flushemize}\item Relatively expensive to install \item Heavy \item Require painting to prevent rusting \end{flushemize} & 100,000 gal & \$130,100 \\ \rr Polypropylene & \begin{flushemize}\item Easy to install \item Mobile \item Inexpensive \item Prefabricated \end{flushemize} & \begin{flushemize}\item Relatively insecure \item Max size available 10,000 gal \end{flushemize} & 10,000 gal & \$5,000 \\ \rr Wood & \begin{flushemize}\item Easy to install \item Mobile \item Cheap to install \end{flushemize} & \begin{flushemize}\item Prone to rot \item Must remain full once constructed \end{flushemize} & 100,000 gal & \$86,300\\ \bottomrule \end{tabular} \end{table} Thank you for any advice :)

    Read the article

  • Flash Security Error Accessing URL with crossdomain.xml

    - by user163757
    Hello, I recently deployed a Flash application to a server, and am now experiencing errors when making HTTPService requests. I have put what I believe to be the most permissive crossdomain.xml possible in the wwwroot folder, and still get the errors. Interestingly enough, the error only seems to occur when the request is made from a direct user interaction (i.e. button click). The application makes other requests that are initiated by other means(i.e creationComplete) , and they seem to work as expected. Anyone see anything wrong with the crossdomain.xml, or have any other suggestions? ERROR MESSAGE [RPC Fault faultString="Security error accessing url" faultCode="Channel.Security.Error" faultDetail="Destination: DefaultHTTP"] at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/mx/internal%3A%3AfaultHandler() at mx.rpc::Responder/fault() at mx.rpc::AsyncRequest/fault() at DirectHTTPMessageResponder/securityErrorHandler() at flash.events::EventDispatcher/dispatchEventFunction() at flash.events::EventDispatcher/dispatchEvent() at flash.net::URLLoader/redirectEvent() <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="all" /> <allow-access-from domain="*" secure="false" /> <allow-http-request-headers-from domain="*" headers="*" secure="false" /> </cross-domain-policy>

    Read the article

  • Problem with non blocking fifo in bash

    - by timdel
    Hi! I'm running a few Team Fortress 2 servers and I want to write a little management script. Basically the TF2 servers are a fg process which provides a server console, so I can start the server, type status and get an answer from it: ***@purple:~/tf2$ ./start_server_testing Auto detecting CPU Using AMD Optimised binary. Server will auto-restart if there is a crash. Console initialized. [bla bla bla] Connection to Steam servers successful. VAC secure mode is activated. status hostname: Team Fortress version : 1.0.6.1/15 3883 secure udp/ip : ***.***.133.31:27600 map : ctf_2fort at: 0 x, 0 y, 0 z players : 0 (2 max) # userid name uniqueid connected ping loss state adr Great, now I want to create a script which sends the command sm_reloadadmins to all my servers. The best way I found to do this is using a fifo named pipe. Now what I want to do is having this pipe readonly and non blocking to the server process, so I can write into the pipe and the server executes it, but still I want to write via console one the server, so if I switch back to the fg process of the server and I type status I want an answer printed. I tried this (assuming serverfifo is mkfifo serverfifo): ./start_server_testing < serverfifo Not working, the server won't start until something is written to the pipe. ./start_server_testing <> serverfifo Thats actually working pretty good, I can see the console output of the server and I can write to the fifo and the server executes the commands, but I can't write via console to the server anymore. Also, if I write 'exit' to the pipe (which should end the server) and I'm running it in a screen the screen window is getting killed for some reason (wtf why?). I only need the server to read the fifo without blocking AND all my keyboard input on the server itself should be send to the server AND all server ouput should be written to the console. Is that possible? If yes, how?

    Read the article

  • How do I securely authenticate the calling assembly of a WCF service method?

    - by Tim
    The current situation is as follows: We have an production .net 3.5 WCF service, used by several applications throughout the organization, over wsHttpBinding or netTcpBinding. User authentication is being done on the Transport level, using Windows integrated security. This service has a method Foo(string parameter), which can only be called by members of given AD groups. The string parameter is obligatory. A new client application has come into play (.net 3.5, C# console app), which eliminates the necessity of the string parameter. However, only calls from this particular application should be allowed to omit the string parameter. The identity of the caller of the client application should still be known by the server because the AD group limitation still applies (ruling out impersonation on the client side). I found a way to pass on the "evidence" of the calling (strong-named) assembly in the message headers, but this method is clearly not secure because the "evidence" can easily be spoofed. Also, CAS (code access security) seems like a possible solution, but I can't seem to figure out how to make use of CAS in this particular scenario. Does anyone have a suggestion on how to solve this issue? Edit: I found another thread on this subject; apparently the conclusion there is that it is simply impossible to implement in a secure fashion.

    Read the article

  • User roles - why not store in session?

    - by Phil
    I'm porting an ASP.NET application to MVC and need to store two items relating to an authenitcated user: a list of roles and a list of visible item IDs, to determine what the user can or cannot see. We've used WSE with a web service in the past and this made things unbelievably complex and impossible to debug properly. Now we're ditching the web service I was looking foward to drastically simplifying the solution simply to store these things in the session. A colleague suggested using the roles and membership providers but on looking into this I've found a number of problems: a) It suffers from similar but different problems to WSE in that it has to be used in a very constrained way maing it tricky even to write tests; b) The only caching option for the RolesProvider is based on cookies which we've rejected on security grounds; c) It introduces no end of complications and extra unwanted baggage; All we want to do, in a nutshell, is store two string variables in a user's session or something equivalent in a secure way and refer to them when we need to. What seems to be a ten minute job has so far taken several days of investigation and to compound the problem we have now discovered that session IDs can apparently be faked, see http://blogs.sans.org/appsecstreetfighter/2009/06/14/session-attacks-and-aspnet-part-1/ I'm left thinking there is no easy way to do this very simple job, but I find that impossible to believe. Could anyone: a) provide simple information on how to make ASP.NET MVC sessions secure as I always believed they were? b) suggest another simple way to store these two string variables for a logged in user's roles etc. without having to replace one complex nightmare with another as described above? Thank you.

    Read the article

< Previous Page | 62 63 64 65 66 67 68 69 70 71 72 73  | Next Page >