Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 89/168 | < Previous Page | 85 86 87 88 89 90 91 92 93 94 95 96  | Next Page >

  • ASP.NET The underlying connection was closed: Could not establish trust relat

    - by David Lively
    When attempting to use HttpWebRequest to retrieve a page from my dev server, I get a web exception: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel." The remote certificate is invalid according to the validation procedure... The url I'm attempting to read from is a plain-old http://myserver.com/mypage.asp - no SSL. The production server has a valid certificate so this shouldn't be an issue, but our dev server doesn't. Help!

    Read the article

  • RijndaelManaged: IV Generation?

    - by cam
    I want to implement the most secure, and most reliable form of symmetric key cryptography in my application. The user should input a password to encrypt/decrypt, and that's all. For RijndaelManaged, one must enter a key and an IV. I'm not sure how to address the situation. Right now, I have the entered password being hashed by SHA256 and then being used as the key for the Rijndael. What do I use for the IV? Another password?

    Read the article

  • SmtpClient, send email through smtp.gmail.com, but From another account.

    - by dynback.com
    I wonna send email through gmail smtp, but users should see my corporative "From" SmtpClient smtp = new SmtpClient("smtp.gmail.com", 587); smtp.EnableSsl = true; smtp.Credentials = new NetworkCredential("[email protected]", "pass", "mail.dynback.com"); I am getting SmtpException: "The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required" I heard its all possible and called "Relay", but I am not sure, do i need to put somehow google credentials?

    Read the article

  • Cakephp Shopping Cart

    - by Fabian Brenes
    Hi all, I was wondering which php based carts will be the easiest to integrate with cakephp. I've heard about bakesale but I have no info on it whether is up to par with magento, cubecart or other carts out there. It's been a while since they have updated info on bakesale (August 2008). So if anyone has any info how reliable and secure bakesale is or is it better to use other php carts any info wil be appreciated.

    Read the article

  • Ideas for multiplatform encrypted java mobile storage system

    - by Fernando Miguélez
    Objective I am currently designing the API for a multiplatform storage system that would offer same interface and capabilities accross following supported mobile Java Platforms: J2ME. Minimum configuration/profile CLDC 1.1/MIDP 2.0 with support for some necessary JSRs (JSR-75 for file storage). Android. No minimum platform version decided yet, but rather likely could be API level 7. Blackberry. It would use the same base source of J2ME but taking advantage of some advaced capabilities of the platform. No minimum configuration decided yet (maybe 4.6 because of 64 KB limitation for RMS on 4.5). Basically the API would sport three kind of stores: Files. These would allow standard directory/file manipulation (read/write through streams, create, mkdir, etc.). Preferences. It is a special store that handles properties accessed through keys (Similar to plain old java properties file but supporting some improvements such as different value data types such as SharedPreferences on Android platform) Local Message Queues. This store would offer basic message queue functionality. Considerations Inspired on JSR-75, all types of stores would be accessed in an uniform way by means of an URL following RFC 1738 conventions, but with custom defined prefixes (i.e. "file://" for files, "prefs://" for preferences or "queue://" for message queues). The address would refer to a virtual location that would be mapped to a physical storage object by each mobile platform implementation. Only files would allow hierarchical storage (folders) and access to external extorage memory cards (by means of a unit name, the same way as in JSR-75, but that would not change regardless of underlying platform). The other types would only support flat storage. The system should also support a secure version of all basic types. The user would indicate it by prefixing "s" to the URL (i.e. "sfile://" instead of "file://"). The API would only require one PIN (introduced only once) to access any kind of secure object types. Implementation issues For the implementation of both plaintext and encrypted stores, I would use the functionality available on the underlying platforms: Files. These are available on all platforms (J2ME only with JSR-75, but it is mandatory for our needs). The abstract File to actual File mapping is straight except for addressing issues. RMS. This type of store available on J2ME (and Blackberry) platforms is convenient for Preferences and maybe Message Queues (though depending on performance or size requirements these could be implemented by means of normal files). SharedPreferences. This type of storage, only available on Android, would match Preferences needs. SQLite databases. This could be used for message queues on Android (and maybe Blackberry). When it comes to encryption some requirements should be met: To ease the implementation it will be carried out on read/write operations basis on streams (for files), RMS Records, SharedPreferences key-value pairs, SQLite database columns. Every underlying storage object should use the same encryption key. Handling of encrypted stores should be the same as the unencrypted counterpart. The only difference (from the user point of view) accessing an encrypted store would be the addressing. The user PIN provides access to any secure storage object, but the change of it would not require to decrypt/re-encrypt all the encrypted data. Cryptographic capabilities of underlying platform should be used whenever it is possible, so we would use: J2ME: SATSA-CRYPTO if it is available (not mandatory) or lightweight BoncyCastle cryptographic framework for J2ME. Blackberry: RIM Cryptographic API or BouncyCastle Android: JCE with integraced cryptographic provider (BouncyCastle?) Doubts Having reached this point I was struck by some doubts about what solution would be more convenient, taking into account the limitation of the plataforms. These are some of my doubts: Encryption Algorithm for data. Would AES-128 be strong and fast enough? What alternatives for such scenario would you suggest? Encryption Mode. I have read about the weakness of ECB encryption versus CBC, but in this case the first would have the advantage of random access to blocks, which is interesting for seek functionality on files. What type of encryption mode would you choose instead? Is stream encryption suitable for this case? Key generation. There could be one key generated for each storage object (file, RMS RecordStore, etc.) or just use one for all the objects of the same type. The first seems "safer", though it would require some extra space on device. In your opinion what would the trade-offs of each? Key storage. For this case using a standard JKS (or PKCS#12) KeyStore file could be suited to store encryption keys, but I could also define a smaller structure (encryption-transformation / key data / checksum) that could be attached to each storage store (i.e. using addition files with the same name and special extension for plain files or embedded inside other types of objects such as RMS Record Stores). What approach would you prefer? And when it comes to using a standard KeyStore with multiple-key generation (given this is your preference), would it be better to use a record-store per storage object or just a global KeyStore keeping all keys (i.e. using the URL identifier of abstract storage object as alias)? Master key. The use of a master key seems obvious. This key should be protected by user PIN (introduced only once) and would allow access to the rest of encryption keys (they would be encrypted by means of this master key). Changing the PIN would only require to reencrypt this key and not all the encrypted data. Where would you keep it taking into account that if this got lost all data would be no further accesible? What further considerations should I take into account? Platform cryptography support. Do SATSA-CRYPTO-enabled J2ME phones really take advantage of some dedicated hardware acceleration (or other advantage I have not foreseen) and would this approach be prefered (whenever possible) over just BouncyCastle implementation? For the same reason is RIM Cryptographic API worth the license cost over BouncyCastle? Any comments, critics, further considerations or different approaches are welcome.

    Read the article

  • How to build Lucene / Solr from source code in windows environment in order to add patches

    - by Simon
    I have successfully implemented Apache’s Solr for free text searching a database driven web site build for windows platforms using Visual Studio in c#. I am trying to get a version Solr working with field collapsing (which is not in the release version). There are patches available from apache and discussions on the web of people successfully doing this for the version I am using but my problem is cannot get the build to work. I am a c# coder on windows platforms so java development is new to me. I understand I need to get the correct source code (and revision) from SVN, add the appropriate patches, then build the war file to deploy to my system. I cannot seem to get the source to build and produce the deployment code including jar (and subsequent war) files. My system is: Windows 7 Ultimate for development Visual Studio 2010 for c# / javascript development MyEclipse 8.6 / Eclipse 3.5 for the java build from source Subecplise 1.6x SVN plugin to get the source from apache’s SVN Apache Solr 1.4.1 So far I have: Found the right patches for the function I need: https://issues.apache.org/jira/browse/SOLR-236 Specifically I need to patch: field_collapsing_1.1.0.patch HTTPS //issues.apache.org/jira/secure/attachment/12357681/field_collapsing_1.1.0.patch and SOLR-236-1_4_1.patch HTTPS //issues.apache.org/jira/secure/attachment/12448216/SOLR-236-1_4_1.patch I downloaded the Lucene trunk version from the day before the patch was released (revision 958303 from 28/6/10) via subeclipse into a java package in myeclipse from: HTTPS //svn.apache.org/repos/asf/lucene/dev/trunk (Solr is the web implementation of Lucene and is in the subfolder solr/) I can apply patches to the solr directory once it has downloaded but the parent Lucene project doesn’t build the war files, copy the jar or other files into the bin folder (it stays empty). The build process starts, but doesn’t do anything apart from creating the folders bin and src. I am building the whole Lucene project, which contains Solr. I have tried building the source without patching and the same happens. If I copy out the Solr directory into a new project, it runs the build and copies all the related files, tests, etc but fails with 4,500 errors and does not produce the jar files or war file, which I assume is because it can’t find the Lucene trunk files which it depends on. I have two interrelated problems 1) I can't get the Lucene downloaded trunk to build 2) The jar, war and associated files are not created Can anyone help with what I am missing to build the war file? I have spent 2 days to get this far as the help online is extremely patchy and I can’t find a walk though tutorial on building a java war file from source in a windows environment. Any help will be much appreciated. Simon

    Read the article

  • Why use Soap as authenitcation in webservice?

    - by chobo2
    Hi I am looking at this tutorial http://www.codeproject.com/KB/cpp/authforwebservices.aspx and I am wondering what the reason for using authentication through soap is? Like why not just pass the username and password through the parameters instead? Is it more secure to do it like the way the guy is in the tutorial verus just using passing it through as parameters? Thanks

    Read the article

  • Cloud security and privacy

    - by Rakesh K
    Hi, I have a very basic doubt regarding cloud computing that is catching up pretty fast these days. To my understanding, cloud computing is a paradigm in which companies put up their data and applications on somebody else's machines aka 'The Cloud'. I want to know just how secure is it to put up my data on some third party machines, especially if my data contains private details. In particular, how can an enterprise trust the cloud computing service providers in this data privacy aspect? Thanks, rakesh.

    Read the article

  • Setting Cookie Port

    - by MasterMax1313
    I'm trying to set the port on a cookie in ASP.NET (code below), but I'm getting a very unusual error at runtime (below the code). Any thoughts? target.Cookie = new Cookie { Comment = "Test Comment", CommentUri = new System.Uri("http://www.tempuri.org"), Discard = false, Domain = "tempuri.com", Expired = false, Expires = new DateTime(2015, 12, 31), HttpOnly = false, Name = "TestCookie", Path = "/", Port = "443", Secure = false, Value = "Test Value", Version = 1, }; Exception: System.Net.CookieException: The 'Port'='443' part of the cookie is invalid..

    Read the article

  • C# Wrapping an application within another application

    - by Gio Borje
    I want to secure some applications for some people without teaching them how to add an encryption or authentication, so I thought about mocking up a simple application that launches another application if some password or authentication function returns true. How would I wrap the application so that only the launcher would be able to access the file?

    Read the article

  • Paypal IPN security

    - by keithics
    Hello! I am developing a website which will allow users to pay via Paypal. Paypal IPN seems to be easy to integrate and it works on my localhost. Now the problem is that, the amount and the business name are passed to paypal using POST Data. I know it's very dangerous to put it that way, but I am not sure what are the alternatives. How can I make Paypal IPN secure?

    Read the article

  • Troubleshooting Multiple Endpoints Problem in WCF

    - by omatase
    I have been using WCF for a few years now and am fairly comfortable with it, however there is one simple WCF concept that I have yet to employ and am having difficulties with it. Following this article about WCF addressing as it specifically relates to multiple endpoints in IIS I see these two excerpts: "Suppose you have a file named calc.svc and you place it in a virtual directory that corresponds to (http://localhost:8080/calcservice). The base address for this service will be (http://localhost:8080/calcservice/calc.svc)." and "Now, consider the endpoint configuration found in the virtual directory’s web.config file (in Figure 3). In this case, the address of the first endpoint becomes the same as the base address (http://localhost:8080/calcservice/calc.svc) since I left the endpoint address empty. The address of the second endpoint becomes the combination of the base address appended with "secure", like this: (http://localhost:8080/calcservice/calc.svc/secure)." Now in my application I'm trying to create two endpoints for the same service (shown below). The service name is MainService.svc. For endpoint one I have address="" and endpoint two has address="Soap11". Bringing the site up in IIS I can successfully hit this URL: (https://localhost:444/MainService.svc). This is the base address for the service according to all the documentation I can find. According to this article and others I have seen that confirm its information I should have the second endpoint at (https://localhost:444/MainService.svc/Soap11) but if I navigate to that URL I get a .Net exception indicating the resource is not found. Is there a tool I can use to see where my different endpoints will be available? Maybe some IIS or aspnet_isapi.dll logging I can turn on? My web.config section defining my endpoints follows. Thanks in advance for your help <service behaviorConfiguration="MyService.MainServiceBehavior" name="MyService.MainService"> <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSBindingConfig" contract="MyService.IMainService"> <identity> <dns value="localhost" /> </identity> </endpoint> <endpoint address="Soap11" binding="basicHttpBinding" bindingConfiguration="BasicBindingWithCredentials" contract="MyService.IMainService"> <identity> <dns value="localhost" /> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service>

    Read the article

  • Is pdf virus proof? [closed]

    - by Jonathan
    I am creating a secure document portal for a client. One of the things that they are worried about is having someone upload a document with a virus. One solution that might work is to enforce that they only upload pdf files. My question is two fold: Most importantly, is a pdf document virus proof? How can you determine in a *nix environment that a file is a pdf, besides just looking at the extension. Thanks! Jonathan

    Read the article

  • False sense of security with `snprintf_s`

    - by xtofl
    MSVC's "secure" sprintf funcions have a template version that 'knows' the size of the target buffer. However, this code happily paints 567890 over the stack after the end of bytes... char bytes[5]; _snprintf_s( bytes, _TRUNCATE, "%s", "1234567890" ); Any idea what I do wrong, or is this a known bug? (I'm working in VS2005 - didn't test in 2008 or 2010)

    Read the article

  • Android: how to share code between projects signed with the same certificate

    - by tomash
    In Android documentation concerning code signing we can read: "By signing multiple applications with the same certificate and using signature-based permissions checks, your applications can share code and data in a secure manner." How exactly such code sharing can be done? Is it possible to release main application and multiple exchangeable plugins then discover them at runtime? What does source code looks like and what are advantages over "standard" intents calls from/to different APK packages?

    Read the article

  • java database backup restore

    - by jawath
    how do i backup /restore any kind of databases inside my java application to flate files.Are there any tools framework available to backup database to flat file like CSV, XML,or secure encrypted file,or restore from csv or xml files to databases ,it should be also capable of dumping table vise restore and backup also

    Read the article

  • sha1(password) encryption

    - by Jason
    Alright, so I tried to make my users info super secure by adding '" . sha1($_POST['password']) . "' when inserting their password when they register. THAT WORKS great, looking at the database, I have no clue what their password is. Now the problem is logging in. I'm running some tests and when I try to log in, the password 12345 doesn't match the encrypted password using "$password=sha1($_POST['mypassword']);" Any idea's why?

    Read the article

  • Securing username/password embedded in Java Desktop App

    - by William
    My Java desktop application includes a component for communicating with a web service. We therefore need to include the access details for it within the application, but do not want it to be easily accessible in the event that the code is decompiled (we will be obfuscating). What techniques can we use to secure these details?

    Read the article

  • "Register My Computer" on a website

    - by user279521
    I am working on a secure web site, that will allow the user to register their computer, to avoid answering the primary security questions. Is this just placing a cookie on their machine, and checking to see if the cookie exists? Or do I need to retrieve the client machines ID data?

    Read the article

< Previous Page | 85 86 87 88 89 90 91 92 93 94 95 96  | Next Page >