Search Results

Search found 87956 results on 3519 pages for 'code hinting'.

Page 86/3519 | < Previous Page | 82 83 84 85 86 87 88 89 90 91 92 93  | Next Page >

  • How I might think like a hacker so that I can anticipate security vulnerabilities in .NET or Java before a hacker hands me my hat [closed]

    - by Matthew Patrick Cashatt
    Premise I make a living developing web-based applications for all form-factors (mobile, tablet, laptop, etc). I make heavy use of SOA, and send and receive most data as JSON objects. Although most of my work is completed on the .NET or Java stacks, I am also recently delving into Node.js. This new stack has got me thinking that I know reasonably well how to secure applications using known facilities of .NET and Java, but I am woefully ignorant when it comes to best practices or, more importantly, the driving motivation behind the best practices. You see, as I gain more prominent clientele, I need to be able to assure them that their applications are secure and, in order to do that, I feel that I should learn to think like a malevolent hacker. What motivates a malevolent hacker: What is their prime mover? What is it that they are most after? Ultimately, the answer is money or notoriety I am sure, but I think it would be good to understand the nuanced motivators that lead to those ends: credit card numbers, damning information, corporate espionage, shutting down a highly visible site, etc. As an extension of question #1--but more specific--what are the things most likely to be seeked out by a hacker in almost any application? Passwords? Financial info? Profile data that will gain them access to other applications a user has joined? Let me be clear here. This is not judgement for or against the aforementioned motivations because that is not the goal of this post. I simply want to know what motivates a hacker regardless of our individual judgement. What are some heuristics followed to accomplish hacker goals? Ultimately specific processes would be great to know; however, in order to think like a hacker, I would really value your comments on the broader heuristics followed. For example: "A hacker always looks first for the low-hanging fruit such as http spoofing" or "In the absence of a CAPTCHA or other deterrent, a hacker will likely run a cracking script against a login prompt and then go from there." Possibly, "A hacker will try and attack a site via Foo (browser) first as it is known for Bar vulnerability. What are the most common hacks employed when following the common heuristics? Specifics here. Http spoofing, password cracking, SQL injection, etc. Disclaimer I am not a hacker, nor am I judging hackers (Heck--I even respect their ingenuity). I simply want to learn how I might think like a hacker so that I may begin to anticipate vulnerabilities before .NET or Java hands me a way to defend against them after the fact.

    Read the article

  • Apache proxy is modifying the HTTP status code

    - by jarnbjo
    I am using Apache as a proxy frontend for a Java web application, which is deployed on WebSphere. The web application is using custom status codes (55x) to signal specific errors to the clients. When accessing the web application directly through the WebSphere HTTP listener, everything works as expected, but when these requests are proxied through an Apache load balancer, the status codes are modified by Apache and replaced with a generic 500 error code (internal server error). In Apache's access.log, the correct status code is logged: <IP> - - [11/Nov/2011:17:24:53 +0100] "POST <URL> HTTP/1.1" 551 36 But the actual response received by the client starts like this (logged with tcpdump): HTTP/1.1 500 Internal Server Error ... Followed by the real status code in the response content: ... Error 551: Berichteter Fehler: 551 ... Is there an obvious reason for this behaviour or does someone have a suggestion on how to modify the Apache configuration to forward the "real" status code instead of 500?

    Read the article

  • Is this a DNS or server-side error?

    - by joshlfisher
    I am having difficulty accessing a specific website. (I get 500 Server fault errors) I can access this site on my iPhone when NOT connected to WiFi. I CANNOT access the site when connected to WiFi or via a Ethernet connection to my home network. I thought it might be a DNS issue, so I copied the DNSservers from a friend who has a different ISP, and has no problem access the site. No luck. Also tried some of the public DNS servers out there, again, with no luck. Does anyone have any idea on how to trace this issue?

    Read the article

  • Big project layout : adding new feature on multiple sub-projects

    - by Shiplu
    I want to know how to manage a big project with many components with version control management system. In my current project there are 4 major parts. Web Server Admin console Platform. The web and server part uses 2 libraries that I wrote. In total there are 5 git repositories and 1 mercurial repository. The project build script is in Platform repository. It automates the whole building process. The problem is when I add a new feature that affects multiple components I have to create branch for each of the affected repo. Implement the feature. Merge it back. My gut feeling is "something is wrong". So should I create a single repo and put all the components there? I think branching will be easier in that case. Or I just do what I am doing right now. In that case how do I solve this problem of creating branch on each repository?

    Read the article

  • Is there a variable width font that does not change width when adding effects like bold, italic?

    - by George Bailey
    NetBeans has a word wrap feature now - but if the font changes width when bold then it gets all jumpy and sometimes hard to work with. Edit: It turns out that even with Courier New that NetBeans word wrap still jumps up and down lines at a time at random. I guess that this question no longer cares for an answer. However,, it seems that there is no answer. (at least nobody has brought one up yet) I am currently using Comic Sans MS which gets wider when bold.

    Read the article

  • This code is of chess game. What is represented by 'DISTANCE' in code? [closed]

    - by rajeshverma423
    package chess; public class Evaluate { public static final int PIECE_KING = 0; public static final int PIECE_QUEEN = 1; public static final int PIECE_ROOK = 2; public static final int PIECE_BISHOP = 3; public static final int PIECE_KNIGHT = 4; public static final int PIECE_PAWN = 5; public static final int FULL_BIT_RANK = 4080; public static final int LAZY_MARGIN = 100; public static final int ISOLATED_PENALTY = 10; public static final int DOUBLE_PENALTY = 4; public static final int[] PIECE_VALUE = { 0, 9, 5, 3, 3, 1 }; public static final int[] PASS_PAWN = { 0, 35, 30, 20, 10, 5 }; public static final byte[] DISTANCE = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 5, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 5, 4, 5, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 5, 4, 3, 4, 5, 6, 7, 0, 0, 0, 0, 0, 0, 7, 6, 5, 4, 3, 2, 3, 4, 5, 6, 7, 0, 0, 0, 0, 7, 6, 5, 4, 3, 2, 1, 2, 3, 4, 5, 6, 7, 0, 0, 7, 6, 5, 4, 3, 2, 1, 0, 1, 2, 3, 4, 5, 6, 7, 0, 0, 7, 6, 5, 4, 3, 2, 1, 2, 3, 4, 5, 6, 7, 0, 0, 0, 0, 7, 6, 5, 4, 3, 2, 3, 4, 5, 6, 7, 0, 0, 0, 0, 0, 0, 7, 6, 5, 4, 3, 4, 5, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 5, 4, 5, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 5, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 6, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7 };

    Read the article

  • Download ASP.NET MVC Source Code

    - by Editor
    From Scott Guthrie’s blog: Last month I blogged about our ASP.NET MVC Roadmap. Two weeks ago we shipped the ASP.NET Preview 2 Release. Phil Haack from the ASP.NET team published a good blog post about the release here. Scott Hanselman has created a bunch of great ASP.NET MVC tutorial videos [...]

    Read the article

  • Simple vs Complex (but performance efficient) solution - which one to choose and when?

    - by ManojGumber
    I have been programming for a couple of years and have often found myself at a dilemma. There are two solutions - one is simple one i.e. simple approach, easier to understand and maintain. It involves some redundancy, some extra work (extra IO, extra processing) and therefore is not the most optimal solution. but other uses a complex approach,difficult to implement, often involving interaction between lot of modules and is a performance efficient solution. Which solution should I strive for when I do not have hard performance SLA to meet and even the simple solution can meet the performance SLA? I have felt disdain among my fellow developers for simple solution. Is it good practice to come up with most optimal complex solution if your performance SLA can be met by a simple solution?

    Read the article

  • CodeGolf : Find the Unique Paths

    - by st0le
    Here's a pretty simple idea, in this pastebin I've posted some pair of numbers. These represent Nodes of a unidirected connected graph. The input to stdin will be of the form, (they'll be numbers, i'll be using an example here) c d q r a b d e p q so x y means x is connected to y (not viceversa) There are 2 paths in that example. a->b->c->d->e and p->q->r. You need to print all the unique paths from that graph The output should be of the format a->b->c->d->e p->q->r Notes You can assume the numbers are chosen such that one path doesn't intersect the other (one node belongs to one path) The pairs are in random order. They are more than 1 paths, they can be of different lengths. All numbers are less than 1000. If you need more details, please leave a comment. I'll amend as required. Shameless-Plug For those who enjoy Codegolf, please Commit at Area51 for its very own site:) (for those who don't enjoy it, please support it as well, so we'll stay out of your way...)

    Read the article

  • Oracle Magazine - OWB 11gR2 and Heterogeneous Databases

    - by David Allan
    There's a nice article titled 'Oracle Warehouse Builder 11g Release 2 and Heterogeneous Databases' from Oracle ACE director and cofounder of Rittman Mead Consulting, Mark Rittman in the May/June 2010 Oracle Magazine that covers the heterogeneous database support in OWB 11gR2: http://www.oracle.com/technology/oramag/oracle/10-may/o30bi.html Big thanks to Mark for this write up. There is an Oracle white paper on the support here and for examples of this extensibility you can go to the OWB blog archive where there are quite a few posts. I would recommend the following interesting posts out of the archive architecture overview, bulk file loading, MySQL open connectivity and MySQL bulk extract as interesting posts amongst others.

    Read the article

  • Use a template to get alternate behaviour?

    - by Serge
    Is this a bad practice? const int sId(int const id); // true/false it doesn't matter template<bool i> const int sId(int const id) { return this->id = id; } const int MCard::sId(int const id){ MCard card = *this; this->id = id; this->onChange.fire(EventArgs<MCard&, MCard&>(*this, card)); return this->id; } myCard.sId(9); myCard.sId<true>(8); As you can see, my goal is to be able to have an alternative behaviour for sId. I know I could use a second parameter to the function and use a if, but this feels more fun (imo) and might prevent branch prediction (I'm no expert in that field). So, is it a valid practice, and/or is there a better approach?

    Read the article

  • Just when you thought it was safe..........

    - by GrumpyOldDBA
    One of my duties is to handle software releases to our Production system, as is my want I always run my eye down any schema changes, this new object stood out for a number of reasons. I may add this to my interview questions: SET ANSI_NULLS ON SET QUOTED_IDENTIFIER ON GO IF NOT EXISTS ( SELECT 1 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA= 'dbo' AND TABLE_NAME= 'MSPaymentForExtraction' ) BEGIN CREATE TABLE [dbo].[MSPaymentForExtraction]([MSPaymentID] [ int ] NOT NULL IDENTITY...(read more)

    Read the article

  • Aptana Ext code completion in .php files

    - by Frederik Wordenskjold
    I'm having problems getting the code-completion for the Ext 3.2 plugin to work, when working with .php files. I've also installed the php plugin for Aptana, and the same thing applies for php - I cannot access php code-completion when working with a html-file, so it seems like a general issue... It's also not possible to write Ext in .js files, which is weird... The latter case does make sense of course. But I should be able to write both php and Ext in .php files! Is this possible in any way? I have of course tested the code-completion for php in a .php file, which works. The same applies for Ext code in .html documents!

    Read the article

  • What to do when a project is too difficult to continue developing?

    - by MaxWell
    As a developer, can you tell your project manager that an application is unworkable? Or, if you're a project manager, how would you need this presented to you in order to be compelled? This isn't about "how to work on a poor project", it's assuming you cannot. I can provide an example of the situation if anyone thinks it's important, but I'm trying to avoid proposed solutions to "plodding through".

    Read the article

  • Organizing ASP.Net Single Page Application with Nancy

    - by OnesimusUnbound
    As a personal project, I'm creating a single page, asp.net web application using Nancy to provide RESTful services to the single page. Due to the complexity of the single page, particularly the JavaScripts used, I've think creating a dedicated project for the client side of web development and another for service side will organize and simplify the development. solution | +-- web / client side (single html page, js, css) | - contains asp.net project, and nancy library | to host the modules in application project folder | +-- application / service (nancy modules, bootstrap for other layer) | . . . and other layers (three tier, domain driven, etc) . Is this a good way of organizing a complex single page application? Am I over-engineering the web app, incurring too much complexity?

    Read the article

  • Is there a variable width font that does not change width when adding effects like bold, italic?

    - by George Bailey
    NetBeans has a word wrap feature now - but if the font changes width when bold then it gets all jumpy and sometimes hard to work with. Edit: It turns out that even with Courier New that NetBeans word wrap still jumps up and down lines at a time at random. I guess that this question no longer cares for an answer. However,, it seems that there is no answer. (at least nobody has brought one up yet) I am currently using Comic Sans MS which gets wider when bold.

    Read the article

  • Unit testing time-bound code

    - by maasg
    I'm currently working on an application that does a lot of time-bound operations. That is, based on long now = System.currentTimeMillis();, and combined with an scheduler, it will calculate periods of time that parametrize the execution of some operations. e.g.: public void execute(...) { // executed by an scheduler each x minutes final int now = (int) TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis()); final int alignedTime = now - now % getFrequency() ; final int startTime = alignedTime - 2 * getFrequency(); final int endTimeSecs = alignedTime - getFrequency(); uploadData(target, startTime, endTimeSecs); } Most parts of the application are unit-tested independently of time (in this case, uploadData has a natural unit test), but I was wondering about best practices for testing time-bound parts that rely on System.currentTimeMillis() ?

    Read the article

  • What's the best algorithm for... [closed]

    - by Paska
    Hi programmers! Today come out a little problem. I have an array of coordinates (latitude and longitude) maded in this way: [0] = "45.01234,9.12345" [1] = "46.11111,9.12345" [2] = "47.22222,9.98765" [...] etc In a loop, convert these coordinates in meters (UTM northing / UTM easting) and after that i convert these coords in pixel (X / Y) on screen (the output device is an iphone) to draw a route line on a custom map. [0] = "512335.00000,502333.666666" [...] etc The returning pixel are passed to a method that draw a line on screen (simulating a route calculation). [0] = "20,30" [1] = "21,31" [2] = "25,40" [...] etc As coordinate (lat/lon) are too many, i need to truncate lat/lon array eliminating the values that doesn't fill in the map bound (the visible part of map on screen). Map bounds are 2 couple of coords lat/lon, upper left and lower right. Now, what is the best way to loop on this array (NOT SORTED) and check if a value is or not in bound and after remove the value that is outside? To return a clean array that contains only the coords visible on screen? Note: the coords array is a very big array. 4000/5000 couple of items. This is a method that should be looped every drag or zoom. Anyone have an idea to optimize search and controls in this array? many thanks, A

    Read the article

  • HP openview servicedesk: looking for api information ?

    - by Zagorulkin Dmitry
    Good day folks. I am very confused in this situation. I need to implement system which will be based on HP open view service desk 4.5 api. But this system are reached the end of supporting period. On oficial site no information available I am looking an information about this API(articles, samples etc). Now i have only web-api.jar and javadoc. Methods in javadoc is bad documented. If you have any info, please share it with me. Thanks. Second question: there are methods for api(with huge amount of methods) understanding if it not documented or information is not available? PS:If it question is not belong here i will delete it.

    Read the article

  • Adding new events to be handled by script part without recompilation of c++ source code

    - by paul424
    As in title I want to write an Event system with handling methods written in external script language, that is Angelscript. The AS methods would have acess to game's world modifing API ( which has to be regsitered for Angelscript Machine as the game starts) . I have come to this problem : if we use the Angelsript for rapid prototyping of the game's world behavior , we would like to be able to define new Event Types, without recompiling the main binary. Is that ever possible , don't stick to Angelscript, I think about any possible scripting language. The main thought is this : If there's some really new Event possible to be constructed , we must monitor some information coming from the binary, for example some variable value changing and the Events are just triggered on some conditions on those changes , wer might be monitoring the Creatures HP, by having a function call on each change, there we could define new Events such as Creature hurt, creature killed, creature healed , creature killed and tormented to pieces ( like geting HP very much below 0 ) . Are there any other ideas of constructing new Events at the scripting side ?

    Read the article

< Previous Page | 82 83 84 85 86 87 88 89 90 91 92 93  | Next Page >