Search Results

Search found 6535 results on 262 pages for '3d secure'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 76/262 | < Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >

  • How secure is a PostgreSQL database if my server is stolen?

    - by orokusaki
    If I have a server with a database if top secret data in PostgreSQL and my password is practically impossible to crack (128 character string of all sorts of weird chars, generated by hand). The server password is also uncrackable in theory (basically, ignore the possibility of a password crack on the DB). Aside from a password crack, how easy is it to get the data out of this database? Assumptions: Only the DB exists on the server. There is no password in a PHP script or anything like that The person who has the server is a computer / DB / hard-drive recovery expert I'm not using any hard-drive encryption or anything out of the norm for protection I'm trying to understand the risks involved with somebody gaining physical access to my server's hard-drives.

    Read the article

  • PHP check http referer for form submitted by AJAX, secure?

    - by Michael Mao
    Hi all: This is the first time I am working for a front-end project that requires server-side authentication for AJAX requests. I've encountered problems like I cannot make a call of session_start as the beginning line of the "destination page", cuz that would get me a PHP Warning : Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\comic\app\ajaxInsert Book.php:1) in C:\xampp\htdocs\comic\app\common.php on line 10 I reckon this means I have to figure out a way other than checking PHP session variables to authenticate the "caller" of this PHP script, and this is my approach : I have a "protected" PHP page, which must be used as the "container" of my javascript that posts the form through jQuery $.ajax(); method In my "receiver" PHP script, what I've got is: <?php define(BOOKS_TABLE, "books"); define(APPROOT, "/comic/"); define(CORRECT_REFERER, "/protected/staff/addBook.php"); function isRefererCorrect() { // the following line evaluates the relative path for the referer uri, // Say, $_SERVER['HTTP_REFERER'] returns "http://localhost/comic/protected/staff/addBook.php" // Then the part we concern is just this "/protected/staff/addBook.php" $referer = substr($_SERVER['HTTP_REFERER'], 6 + strrpos($_SERVER['HTTP_REFERER'], APPROOT)); return (strnatcmp(CORRECT_REFERER, $referer) == 0) ? true : false; } //http://stackoverflow.com/questions/267546/correct-http-header-for-json-file header('Content-type: application/json charset=UTF-8'); header('Cache-Control: no-cache, must-revalidate'); echo json_encode(array ( "feedback"=>"ok", "info"=>isRefererCorrect() )); ?> My code works, but I wonder is there any security risks in this approach? Can someone manipulate the post request so that he can pretend that the caller javascript is from the "protected" page? Many thanks to any hints or suggestions.

    Read the article

  • Help with calling a secure (SSL) webservice in Android.

    - by mmattax
    I'm new to Android and am struggling to make a call to an SSL web service for an Android Application. My code is as follows: Log.v("fs", "Making HTTP call..."); HttpClient http = new DefaultHttpClient(); HttpGet request = new HttpGet("https://example.com/api"); try { String response = http.execute(request, new BasicResponseHandler()); Log.v("fs", response); } catch (Exception e) { Log.v("fs", e.toString()); } The Output is: Making HTTP call... javax.net.SSLPeerUnverifiedException: No peer certificate Any suggestions to make this work would be great. EDIT I should note that this is a valid cert. It is not self-signed.

    Read the article

  • How to connect to a secure FtP from my website/web application?

    - by msandbot
    Hi, I'm working on making a website/web application that displays images every 5 or so minutes, kinda like a webcam. The images are uploaded to an SFTP server. How can I access those from the web? Does anyone have any recommendations for what to use as well? Right now I'm looking at PHP but have checked out javascript and ruby as well. Only the application needs to ssh to a predetermined place, not the users.

    Read the article

  • How to make a secure login using UDID or device token?

    - by Erik B
    So I'm making an app where I want the users to be able add, edit and rate content, but I do not want to force them to register. Instead I was planning on just using their device id or device token to identify them. I'm planning on making both an iPhone and Android version, so I'm looking for a general solution, but the iPhone version has higher priority, so an iPhone specific solution would also be welcome. The problem is that I don't want just anyone to be able to use my web service by sending a phony device id or someone else's device id. How would the client prove to the server that it is providing the correct device id?

    Read the article

  • How do I secure a .NET Web Service for use by an iPhone application?

    - by David A Gibson
    Hello, The title says it all, I have a Web Service written in .NET that provides data for an iPhone application. It will also allow the application make a "reservation." Currently it's all internal to the corporate network but obviously when the iPhone application is published I will need ensure the Web Service is available externally. How would I go about securing the Web Service? There are two aspects I'm looking into: Authentication for accessing the web service Protection for the data being transferred I'm no so bothered about the data being passed back and forth as it will be viewable in the application anyway (which will be free). The key issue for me is preventing users from accessing the Web Service and making reservations themselves. At the moment I am considering encrypting any strings in the XML data passed back and forth so only the client can effectively use the web service sidestepping the need for authentication and providing protection for the data. This is the only model I have seen but I think the overheads on the iPhone and even for the web service make for a poor user experience. Any solutions at all would be most welcome? Thanks

    Read the article

  • which of these modes : cbc,cfb,ctr,ecb,ncfb,nofb,ofb,stream are secure and which are absolute no-no

    - by user393087
    By security I mean that encoded string is indistinguishable from random noise and is different on every encryption of the same text so it is impossible to make a guess on encryption algorithm used or do any dictionary attack on the encoded text. Second: output string length does not correspond to the input string length in easy way, so it is not possible of make guessing on that account. Third: it is possible to verify that the provided password is incorrect so the decoding function could return false instead of supposedly decoded random string.

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • MATLAB: How do I get 3D coordiantes from a user-click?

    - by John
    I'm using Matlab to create a small chess game for one of my courses this semester. The thing I'm having trouble with is having the user be able to select one of the chess pieces. To simplify things, I'm making it so that the user selects a piece by clicking on the square that the chess piece resides on rather than clicking the piece itself (which I assume would be much more difficult). I know how to get the x and y coordinates of the view-port, but how do I transform these coordinates into 3-space coordinates? I know that there are multiple x,y,z coordinates associated with each view-port coordinate, but I'm only interested in the x,y,z coordinate where z = 0 (since the board itself is in the x,y plane that intersects the z axis where z = 0). Thanks!

    Read the article

  • What is SSL Certificates and How Does It Work

    SSL is an acronym for Secure Sockets Layer. The Secure Sockets Layer is a basically a web security protocol that is developed to establish a secure connection between web server and a browser. SSL is... [Author: Jack Melde - Computers and Internet - May 01, 2010]

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • WYSIWYG-editor with "add custom html feature" and secure (validated) html output?

    - by Tom
    I've been looking into some of the WYSIWYG editors (TinyMCE, FCKEditor, etc.) and they all seem to offer a lot of options. However, one vital feature that seems to lack is a simple "add custom html" option which would allow the user to input any of these embed-snippets you find all around the web these days, for example a youtube video. This is different than a "edit html/source" feature as that requires actual knowledge of html and there is the risk of the user writing invalid code. Another issue that I couldn't find much about is the output html. How would I make sure that this output causes no security invulnerabilities? Even when the user has the ability to add his own html? So, basically, is there an open source WYSIWYG editor which covers these 2 features?

    Read the article

  • Alternatives to sql like databases

    - by user613326
    Well i was wondering these days computers usually have 2GB or 4GB memory I like to use some secure client server model, and well an sql database is likely candidate. On the other hand i only have about 8000 records, who will not frequently be read or written in total they would consume less then 16 Megabyte. And it made me wonder what would be good secure options in a windows environment to store the data work with it multi-client single server model, without using SQL or mysql Would for well such a small amount of data maybe other ideas better ? Because i like to keep maintenance as simple as possible (no administrators would need to know sql maintenance, as they dont know databases in my target environment) Maybe storing in xml files or.. something else. Just wonder how others would go if ease of administration is the main goal. Oh and it should be secure to, the client server data must be a bit secure (maybe NTLM files shares https or...etc)

    Read the article

  • How to secure images to users logged in with Rails?

    - by NotDan
    I have a gallery in my rails app that needs to only allow certain images to be shown to specific logged in users. I am using Paperclip for image processing now, but it saves all images in a public folder available to anyone. Is it possible to only allow these images to be served to authenticated users?

    Read the article

  • Fastest way to find the closest point to a given point in 3D, in Python.

    - by Saebin
    So lets say I have 10,000 points in A and 10,000 points in B and want to find out the closest point in A for every B point. Currently, I simply loop through every point in B and A to find which one is closest in distance. ie. B = [(.5, 1, 1), (1, .1, 1), (1, 1, .2)] A = [(1, 1, .3), (1, 0, 1), (.4, 1, 1)] C = {} for bp in B: closestDist = -1 for ap in A: dist = sum(((bp[0]-ap[0])**2, (bp[1]-ap[1])**2, (bp[2]-ap[2])**2)) if(closestDist > dist or closestDist == -1): C[bp] = ap closestDist = dist print C However, I am sure there is a faster way to do this... any ideas?

    Read the article

  • Secure, simple php faq creating/editing script to base further development off of?

    - by Tchalvak
    I'm looking to build a simple site centered around a simple faq system in php. The faq concept is simple, but I want to have an administrative-access backend for editing and creating the entries, and securing a login seems more complex and time-consuming, so I'm looking for suggestions for code to start me off. Does anyone know of any open source php scripts or snippets that would work as base code for administrative login to some php scripts that could be used as a simple faq system? Or base code for both, the faq php code + web administrative access code?

    Read the article

  • How to get response from secure site (https) using curl in php?

    - by Chirag
    Hi, i have used below code for reading the response from HTTTPS secured site using curl but it shows an error like 'Page can't be displayed" curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true); curl_setopt($ch, CURLOPT_URL, $gatewayURI); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_POST, 1); curl_setopt ($curl_ch, CURLOPT_CAINFO, dirname(__FILE__)."/tempcert.pem"); any help??

    Read the article

  • Can a python view template be made to be 'safe/secure' if I make it user editable?

    - by Blankman
    Say I need to have a templating system where a user can edit it online using an online editor. So they can put if tags, looping tags etc., but ONLY for specific objects that I want to inject into the template. Can this be made to be safe from security issues? i.e. them somehow outputing sql connection string information or scripting things outside of the allowable tags and injected objects.

    Read the article

  • What is the best way to secure a shared git repo for a small distributed team ?

    - by ashy_32bit
    We have a Scala project and we decided to use git. The problem is we are a very small distributed team and we want nobody outside of the team to have even the read only access to our git server (which has a valid IP and is world-accessible in the IP level). I have heard the git-daemon has no authentication mechanism by itself and you should somehow integrate it with ssh or something. What is the best (and easiest) way to make the git server respond only to authorized users ? Or perhaps git-daemon is not for this task ? I may add that I am looking for a simple and straightforward approach. I don't want to compete with github ;-)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >