Search Results

Search found 4103 results on 165 pages for 'party mcfly'.

Page 93/165 | < Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100  | Next Page >

  • Multiple Denial of Service (DoS) vulnerabilities in FreeType

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-1126 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0 FreeType Font Engine Solaris 11 Contact Support Solaris 10 SPARC: 119812-16 X86: 119813-18 Solaris 9 Contact Support CVE-2012-1127 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1129 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1130 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1131 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1132 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1133 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1134 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1135 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1136 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1137 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1138 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1139 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1140 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1141 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1142 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 CVE-2012-1143 Numeric Errors vulnerability 4.3 CVE-2012-1144 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • From a DDD perspective is a report generating service a domain service or an infrastructure service?

    - by Songo
    Let assume we have the following service whose responsibility is to generate Excel reports: class ExcelReportService{ public String generateReport(String fileFormatFilePath, ResultSet data){ ReportFormat reportFormat = new ReportFormat(fileFormatFilePath); ExcelDataFormatterService excelDataFormatterService = new ExcelDataFormatterService(); FormattedData formattedData = excelDataFormatterService.format(data); ExcelFileService excelFileService = new ExcelFileService(); String reportPath= excelFileService.generateReport(reportFormat,formattedData); return reportPath; } } This is pseudo code for the service I want to design where: fileFormatFilePath: path to a configuration file where I'll keep the format of my excel file (headers, column widths, number of columns,..etc) data: the actual records returned from the database. This data can't be used directly coz I might need to make further calculations to the data before inserting them to the excel file. ReportFormat: Value object to hold the report format, has methods like getHeaders(), getColumnWidth(),...etc. ExcelDataFormatterService: a service to hold any logic that need to be applied to the data returned from the database before inserting it to the file. FormattedData: Value object the represents the formatted data to be inserted. ExcelFileService: a wrapper top the 3rd party library that generates the excel file. Now how do you determine whether a service is an infrastructure or domain service? I have the following 3 services here: ExcelReportService, ExcelDataFormatterService and ExcelFileService?

    Read the article

  • JavaOne + Develop Registration is Open!

    - by justin.kestelyn
    Welcome to "The Zone". Here's what the new JavaOne + Develop registration Website says: The world's most important developer conferences are creating the world's coolest neighborhood for the developer community. Having been intimately involved in the planning process, I can vouch for that statement. Remember, if either co-located conference - JavaOne or Oracle Develop - are the confines of your interest, you can experience either one in standalone mode, if you like (although there are some areas of common interest, of course). Or, considering that a single Full Conference Pass gives you access to both of them, you can partake in any measure that you like. It's up to you. Either way, you will get access not only to session content and keynotes, but also to the massive OTN Night party on Monday night, to open unconference sessions, and to the legendary Appreciate Night concert (acts TBD) on Wednesday. Furthermore, as is customary, the Oracle Technology Network team will offer a full slate of community-focused activities and goodies while the conferences are running - more details on those as we have them. A GOOD time is ensured for all; I look forward to seeing you there!

    Read the article

  • How can I discourage the use of Access?

    - by Greg Buehler
    Lets pretend that a very large company (revenue numbers with more than 8 figures) is looking to do a refresh on a software system, particularly the dashboard used by employees. This system was originally put together in the early 1990's to handle inventory tracking and storage across a variety of facilities (10+). Since this large company is now in the process of implementing some of these inventory processes with SAP they are in need of a major refresh. The existing system: Microsoft Access project performs dashboard duties Unique shipping/receiving configurations at different facilities require unique forms and queries within the Access project Uses 3rd party libraries referenced by Access to directly interface with at control system (read: motors, conveyors, and counters) Individual SQL Server 2000 instances (some traces of pre-update SQL Server 6.0 documents) at each facility The Issue: This system started as a home brewed inventory tracking scheme with a single internal sponsor who is still in charge of the technical direction. The original sponsor prescribing the desired deliverables that are being called for in the current RFP. The RFP describes a system based around a single Access project. Any suggestion that Access is ill suited for a project of this scope are shot down under the reasoning that "it works for the scope now". Are there any case studies, notices, or statements that can be used to disuade this potential customer from repeating their mistake? Does Microsoft make any statements directly about when it is highly recommended to ditch Access?

    Read the article

  • Can you add doubleclick macros to exisiting ads

    - by picus
    Setup: A few weeks back I made some very simple html5 "ads" to run on a few of our partner sites. They weren't paid ads as we also manage these sites, however there are a few of them, so I made a modular solution that is hosted on one of our web servers and included on each page via javascript which outputs an iframe. Each search (ad has a search box) or click appends a url param that we track using custom vars in Google Analytics. In essence, the ad is a HTML page served in an iframe via javscript. Problem: We have an opportunity to run these ads on a third party site, I had sent them a brief how-to for inserting them and they came back saying that: The creative code doesn't contain the %u macro. We can’t substitute the default click-through URL without it. I am somewhat familiar with doubleclick from a web developer's POV, i have inserted DC dart tags before and even have implemented the ad tool for publishers. I have not, however, actually ever created an ad for the doubleclick network before. I assume the publisher needs these tags to track clicks and hence charge us. However, they have not responded to me in regards to these questions. Are macros something I can just add to or replace the existing links with, or do I need to completely setup the ad with doubleclcik - a big issue in the short term given we do not have a advertiser's account set up with them. Thanks in advance

    Read the article

  • How to stay productive? What time management software is available?

    - by andrewsomething
    So since I started using askubuntu.com I've spent entirely too much time here answering other people's questions. Now maybe someone could help me with that by answering this one. I'm looking for time management software for Ubuntu. There are a number of these programs floating around for Windows. RescueTime is one that is very popular. The key features that I'd like to see in a linux app that RescueTime has are: Automatically records what application you are using, including what websites you visit. Reports and graphs on your time usage. Notifications for when you have spent too much time on "distractions." While RescueTime doesn't officially support linux, there is an open source RescueTime Linux Uploader. Unfortunately, it seems to only support Firefox and Epiphany for website tracking. I'm a Chromium user. The other major drawback to RescueTime is that it is a web service. I'd much rather not upload detailed information about how I spend my time to some third party. Google already knows too much about me as it is. Project Hamster, a GNOME time management app, comes so close. Sadly, it does not automatically track what you are doing. If I had enough discipline to manually report to an applet what I was up to, I doubt I'd need this. (How cool would it be if they provided some Zeitgeist integration to handle that part?)

    Read the article

  • "unresolvable problem" error when upgrading from 12.04 to 14.04

    - by flyingfisch
    So I have solved this issue, but now I have another problem: An unresolvable problem occurred while calculating the upgrade. This can be caused by: * Upgrading to a pre-release version of Ubuntu * Running the current pre-release version of Ubuntu * Unofficial software packages not provided by Ubuntu If none of this applies, then please report this bug using the command 'ubuntu-bug ubuntu-release-upgrader-core' in a terminal. I am not upgrading to a pre-release version of Ubuntu and I am not running a pre-release either. I have unchecked all my 3rd-party packages using Ubuntu Software Manager, EditSoftware Sources... What else might be wrong? UPDATE After doing sudo update-manager -d and sudo apt-get update;sudo apt-get dist-upgrade as per JimB's post, and then running sudo do-release-upgrade, here what I get: Err http://extras.ubuntu.com trusty/main Translation-en Err http://extras.ubuntu.com trusty/main Translation-en_US Err http://extras.ubuntu.com trusty/main Translation-en Ign http://extras.ubuntu.com trusty/main Translation-en_US Ign http://extras.ubuntu.com trusty/main Translation-en Fetched 0 B in 0s (0 B/s) Checking package manager Reading package lists... Done Building dependency tree Reading state information... Done Building data structures... Done Calculating the changes Calculating the changes Could not calculate the upgrade An unresolvable problem occurred while calculating the upgrade. This can be caused by: * Upgrading to a pre-release version of Ubuntu * Running the current pre-release version of Ubuntu * Unofficial software packages not provided by Ubuntu If none of this applies, then please report this bug using the command 'ubuntu-bug ubuntu-release-upgrader-core' in a terminal. Restoring original system state Aborting Reading package lists... Done Building dependency tree Reading state information... Done Building data structures... Done === Command detached from window (Mon Aug 18 23:53:10 2014) === === Command terminated with exit status 1 (Mon Aug 18 23:53:10 2014) ===

    Read the article

  • Application toolkits like QT versus traditional game/multimedia libraries like SFML

    - by Aaron
    I currently intend to use SFML for my next game project. I'll need a substantial GUI though (RPG/strategy-type) so I'll either have to implement my own or try to find an appropriate third party library, which seem to boil down to CEGUI, libRocket, and GWEN. At the same time, I do not anticipate doing that many advanced graphical effects. My game will be 2D and primarily sprite-based with some sprite animations. I've recently discovered that QT applications can have their appearance styled so that they don't have to look like plain OS apps. Given that, I am beginning to consider QT a valid alternative to SFML. I wouldn't have to implement the GUI functionality I'd need, and I may not be taking advantage of SFML's lower-level access anyway. The only drawbacks I can think of immediately are the learning curve for QT and figuring out how to fit game logic inside such a framework after getting used to the input/update/render loop of traditional game libraries. When would an application toolkit like QT be more appropriate for a game than a traditional game or multimedia library like SFML?

    Read the article

  • Demantra Implementation Tip Windows and Unix or Linux

    - by user702295
    Hello!  Are you implementing using a third party or consulting resources?   Recently we have seen some cases where customers no longer have a windows installation.  After the initial install and configuration, once the instance has gone live, the windows install is either deleted or most likely no longer with the customer as the same was installed on the implementers' laptop to start with. As a result when support comes back requesting the customer to apply a patch and/or upgrade they do not have a windows installation.  This has started happening after Oracle Demantra gave them the option to configure the engine on Unix.  Workaround: It is advisable that the customer keep their Windows installation intact for further patching and/or upgrade.  It is aslo possible that the implementer had installed Demantra on his Windows box and you do not have access to it any more.  It is possible that with the web and engine on Unix, and the silent installer having downloaded all the executable for Business Modeler, to work on the User's client machine, you may no longer need the windows install. I have not tested the above 

    Read the article

  • Developing wheel reinventing tendencies into a skill as opposed to reluctantly learning wheel-finding skills? [duplicate]

    - by Korey Hinton
    This question already has an answer here: Is reinventing the wheel really all that bad? 20 answers I am more of a high-level wheel reinventor. I definitely prefer to make use of existing API features built into a language and popular third-party frameworks that I know can solve the problem, however when I have a particular problem that I feel capable of solving within a reasonable time I am very reluctant to find someone else's solution. Here are a few reasons why I reinvent: It takes time to learn a new API API restrictions might exist that I don't know about Avoiding re-work of unfamiliar code I am conflicted between doing what I know and shifting to a new technique I don't feel comfortable with. On one hand I feel like following my instincts and getting really good at solving problems, especially ones that I would never challenge myself with if all I did was try to find answers. And on the other hand I feel like I might be missing out on important skills like saving time by finding the right framework and expanding my knowledge by learning how to use a new framework. I guess my question comes down to this: My current attitude is to stick to the built-in API and APIs I know well* and to not spend my time searching github for a solution to a problem I know I can solve myself within a reasonable amount of time. Is that a reasonable balance for a successful programmer? *Obviously I will still look around for new frameworks that save time and solve/simplify difficult problems.

    Read the article

  • Microsoft Public License Question

    - by ryanzec
    Let preface this by saying that I understand that any advice I may receive is not to be taken as 100% correct, I am just looking for what people's understand of what this license is. I have been looking for a library that allow be to deal with archived compressed files (like zip files) and so far the best one I have found is DotNetZip. The only concern I have is that I am not familiar with the Microsoft Public License. While I plan to release a portion of my project (a web application platform) freely (MIT/BSD style) there are a few things. One is that I don't plan on actually releasing the source code, just the compiled project. Another thing is that I don't plan on releasing everything freely, only a subset of the application. Those are reason why I stay away form (L)GPL code. Is this something allowed while using 3rd party libraries that are licensed under the Microsoft Public License? EDIT The part about the Microsoft license that concerns me is Section 3 (D) which says (full license here): If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license. I don't know what is meant by 'software'. My assumption would be that 'software' only refers to the library included under the license (being DotNetZip) and that is doesn't extends over to my code which includes the DotNetZip library. If that is the case then everything is fine as I have no issues keeping the license for DotNetZip when release this project in compiled form while having my code under its own license. If 'software' also include my code that include the DotNetZip library then that would be an issue (as it would basically act like GPL with the copyleft sense).

    Read the article

  • Are Intel compilers really better than the Microsoft ones?

    - by Rocket Surgeon
    Years ago, I was surprised when I discovered that Intel sells Visual Studio compatible compilers. I tried it in particular for C/C++ as well as fantastic diagnostic tools. But the code was simply not that computationally intensive to notice the difference. The only impression was: did Intel really do it for me just now, wow, amazing tools with nanoseconds resolution, unbelievable. But the trial ended and the team never seriously considered a purchase. From your experience, if license cost does not matter, which vendor is the winner? It is not a broad or vague question or attemt to spark a holy war. This sort of question is about two very visible tools. Nobody likes when tools have any mysteries or surprises. And choices between best and best are always the pain. I also understand the grass is always greener argument. I want to hear all "what ifs" stories. What if Intel just locally optimizes it for the chip stepping of the month, and not every hardware target will actually work as well as Microsoft compiled? What if AMD hardware is the target and everything will slow down for no reason? Or on the other hand, what if Intel's hardware has so many unnoticable opportunities, that Microsoft compiler writers are too slow to adopt and never implement it in the compiler? What if both are the same exactly, actually a single codebase just wrapped into two different boxes and licensed to both vendors by some third-party shop? And so on. But someone knows some answers.

    Read the article

  • My new anti-patent BSD-based license: necessary and effective? [closed]

    - by paperjam
    I am writing multimedia software in a domain that is rife with software patents. I want to open source my software but only for the benefit of those who don't play the patent game, that is enthusiasts, small companies, research projects, etc. The idea is, if my code would infringe a software patent somewhere and a company pays to license that patent, they then lose the right to use and distribute my software. Now I detest license proliferation as much as anyone but I can't find an existing OSI approved license that does this. The GPL comes close, but it only restricts distribution, not use. I want to stop someone using my software should they obtain a patent license to do so. Does another license do this job? Is the wording below unambiguous? - I don't want a legal opinion, just whether it would be interpreted as I intend. Copyright (c) <year>, <copyright holder> All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: [ three standard new-BSD conditions not shown here] * No patents are licensed from any third party in respect of redistribution or use of this software or its derivatives unless the patent license is arranged to permit free use and distribution by all. THIS SOFTWARE IS... [standard BSD disclaimer not shown here]

    Read the article

  • Large enterprise application - clients wish to use duplicate e-mails addresses?

    - by Alex Key
    I'd like to know people's opinions, reactions to clients and technical work arounds (if applicable), to the issue of an enterprise application where a client wishes to use duplicate e-mail addresses? To clarify, when I say duplicate e-mail addresses I mean within the same client system, having multiple users that have the same e-mail address. So not just using generic e-mail addresses but using the e-mail address of another user. e.g. Bob Jenkins: [email protected] James Jeffery: [email protected] Context To give this some further context, in the e-learning sector it is common that although all staff in an organisation must complete e-learning - they may not have their own e-mail address so they choose to use their managers e-mail address. Albeit against good practice in public sites... it's a requirement we've over and over again where an organisation is split between office based staff and perhaps e.g. staff in a warehouse. Where problem lies Mr Steak, good point, the problem lies in password resets and perhaps in situations where semi-personal information could be sent (not confidential enough to worry about the insecurities of email). Perhaps reminders for specific system actions, which would be confusing for the unintended party to see (if perhaps misreading the e-mail's intended recipient) Possible solutions System knowing the difference between a "for the attention of" and direct to the person e-mails, including this in the body text. Using alternative communication such as SMS Simply not having e-mails sent to people who are not the intended recipient. Providing an e-mail service ourselfs (not really viable for a corporate IT dept) Thoughts?

    Read the article

  • Additional new material WebLogic Community 2013

    - by JuergenKress
    Load Balancing T3 Initial Context Retrieval for WebLogic using Oracle Traffic Director Demystifying WebLogic and Fusion Middleware Management WebLogic Server- Integrated & Optimized w/ Best of Breed Oracle Offerings to Turbo Charge your Applications Get a Bird’s-Eye View of IT Architecture: IT Strategies from Oracle IT Strategies from Oracle, a complimentary authorized library of guidelines and reference architectures, can help you put together a strong IT architecture that takes into account individual technology components as well as big-picture IT concepts and strategies. Read More. Deploying Oracle Application Development Framework Applications on Oracle Java Cloud Service and Oracle Database Cloud Service With the new Oracle Cloud environment you no longer have to maintain an Oracle WebLogic server or a database server of your own – you can instead use instances hosted on Oracle Cloud. More Oracle Application Development Framework Development with Eclipse Oracle Enterprise Pack for Eclipse now provides even more Oracle Application Development Framework tooling with each release. Check out this new tutorial on Oracle Enterprise Pack for Eclipse 12.1.1.2. Oracle WebLogic Devcast Series Join us for the March 28 Oracle WebLogic Devcast Webcast, “What to Expect from Maven on Oracle WebLogic,” featuring Pyounguk Cho, Oracle’s principal product manager. Learn what developers can expect when utilizing Apache Maven with Oracle WebLogic. Customer Webcasts: WebLogic Devcast Series – Register Leveraging Third-Party Libraries to Create and Deploy Applications to Oracle Cloud Oracle ADF: Tuning Application Module Pools and Connection Pools WebLogic Partner Community For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Wiki Technorati Tags: WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress

    Read the article

  • Changing Launchpad username, and How to know what sites will be affected?

    - by Daniel Clem
    I am setting up my developer profile on Launchpad, and would like to change my username so it would be same as other sites I use, as well as better reflect me as a person. (that's a much more important thing than it sounds) I want to do this now while I can, because as I understand it, once I set up a PPA it will be impossible to change it due to the username being locked into the PPA URL's to prevent breakages and other problems. But when trying to change my username, it warned me with this message. "Changing your name will change your public OpenID identifier. This means that you might be locked out of certain sites where you used it, or that somebody could create a new profile with the same name and log in as you on these third-party sites." How can I find out which sites will be locked out, and how to still change the username while preventing problems with other sites? Sorry if this is actually a question for Launchpad itself. But I don't know where to post questions like this on the Launchpad site. Edit I understand that it is an issue with OpenID. But how am I to know what sites will be affected? And how do i fix the problems this will cause? Can't I just reset the password (and as a side affect, re-establish the connection with the new username) using my email address?

    Read the article

  • What are some general guidelines for setting up an iOS project I will want to personally publish but sell in the future?

    - by RLH
    I have an idea for a personal iOS project that I would like to write and release to the iOS store. I'm the type of developer who enjoys developing and publishing. I want to write quality software and take care of my customers. Assuming that I wrote an application that had reasonable success, there is a fair chance that I would want to sell the ownership rights of the app to another party and I'd use the proceeds to develop my next personal project which, in turn, I'd probably want to sell in the future. With that said, what are some general guidelines for creating, making and publishing an iOS project that I will eventually want to transfer to another company/developer? I know this is a bit of a broad question, but I request that the given advice be a general list of tips, suggestions and pitfalls to avoid. If any particular bullet point on your list needs more explanation, I'll either search for the answer or post a new question specific to that requirement. Thank you! Note Regarding this Question I am posting this question on Programmers.SO because I think that this is an issue of software architecting, seeking advice for setting a new application project and publishing a project to the Apple iOS store-- all within the requirements for questions on this site.

    Read the article

  • Why job postings always looking for "rockstars?"

    - by Xepoch
    I have noticed a recent trend in requesting programmers who are rockstars. I get it, they're looking for someone who is really good at what they do. But why (pray) make the reference to a rockstar? Do these companies really want these traits as a real rockstar? Party all night and wake up to take care of quick business in the morning? Substance abuse, Narcissism with celebrity, Compensation well exceeding their management, Excellent at putting on a short-lived show, Entertainment instead of value, 1 hit (project) wonders or single-genre performers, Et cetera What is wrong with Senior or Principal Software Engineer who has an established and proven passion for the business? Rather do we mean quite the opposite, someone who: rolls up the sleeves and gets to work, takes appropriate direction and helps influence teams, programs in lessons' learned and proper practices, provides timely communication to the whole team, can code and understand multiple languages, understands the science and theory behind computation, Is there a trend to diversify the software engineering ranks? How many software rockstars can you hire before your band starts breaking up? Sure, there are lots of folks doing this stuff on their own, maybe even a rare few who do coding for show, but I wager the majority is for business. I don't see ads for rockstar accountants, or rockstar machinists, or rockstart CFOs. What makes the software programmer and their hiring departments lean towards this kind of job title?

    Read the article

  • Can I distribute a software with the following permission notice

    - by Parham
    I've recently written a piece of software (without any other contributors) for a company which I part own. I was wondering if I could distribute it with the following permission notice, which is a modified version of the MIT License. Are there any obvious risks if I do distribute with this licence and does it give me the right to reuse the code in other projects? Permission is hereby granted, to any person within CompanyName (the "Company") obtaining a copy of this software and associated documentation files, excluding any third party libraries (the "Software"), to deal with the Software, with limitations restricted to use, copy, modify and merge, the Software may not be published, distributed, sublicensed and/or sold without the explicit permission from AuthorName (the "Author"). This notice doesn't apply to sections of the Software where copyright is held by any persons other than the Author. The Author remains the owner of the Software and may deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software. The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

    Read the article

  • Hello PCI Council, are you listening?

    - by David Dorf
    Mention "PCI" to any retailer and you'll instantly see them take a deep breath and start looking for the nearest exit.  Nobody wants to be insecure, but few actually believe that PCI does anything more than focus blame directly on retailers.  I applaud PCI for making retailers more aware of the importance of security, but did you have to make them PAINFULLY aware?  POS vendors aren't immune to this pain either as we have to undergo lengthy third-party audits in addition to the internal secure programming programs.  There's got to be a better way. There's a timely article over at StorefrontBacktalk that discusses the inequity of PCI's rules, and also mentions that the PCI Council is accepting comments until April 15th. As a vendor, my biggest issue with PCI is that they require vendors to disclose the details of any breaches, in effect "ratting out" customers.  I don't think its a vendor's place to do this.  I'd rather have the trust of my customers so we can jointly solve the problem. Mary Ann Davidson, Oracle's Chief Security Officer, has an interesting blog posting on this very topic.  Its a bit of a long read, but I found it very entertaining and thought-provoking.  Here's an excerpt: ...heading up the list of “you must be joking” regulations are recent disturbing developments in the Payment Card Industry (PCI) world. I’d like to give [the] PCI kahunas the benefit of the doubt about their intentions, except that efforts by Oracle among others to make them aware of “unfortunate side effects of your requirements” – which is as tactful I can be for reasons that I believe will become obvious below - have gone, to-date, unanswered and more importantly, unchanged. I encourage you to read the entire posting, Pain Comes Instantly, and then provide feedback to the PCI Council.

    Read the article

  • How to get feedback from the community on large chunks of code?

    - by MainMa
    Code Review.SE is great when you need feedback on a precise, short piece of code. But where to get similar feedback about the code itself when: you have thousands of LOC, don't have colleagues in your workplace ready or willing to review the code¹, don't have thousands of dollars to spend for a professional review by a third party developer?² Places like CodePlex are a good idea to get your project known³, but from what I've seen, the feedback you get on known projects are consumer feedback, i.e. concerns the bugs and feature requests, not the quality of the source code itself. What are the social way to get the community involved in the code review of the codebase of a certain size for an open source project which doesn't have the scale of Firefox or similar products? ¹ Which is the case for most personal and open source projects, or projects done in companies where the practice of regular and complete code review is nonexistent. ² Which is, again, the case for most personal and open source projects. ³ Even if too many projects published on CodePlex never get known, either because nobody cares or because they are presented not very well.

    Read the article

  • TDD with SQL and data manipulation functions

    - by Xophmeister
    While I'm a professional programmer, I've never been formally trained in software engineering. As I'm frequently visiting here and SO, I've noticed a trend for writing unit tests whenever possible and, as my software gets more complex and sophisticated, I see automated testing as a good idea in aiding debugging. However, most of my work involves writing complex SQL and then processing the output in some way. How would you write a test to ensure your SQL was returning the correct data, for example? Then, say if the data wasn't under your control (e.g., that of a 3rd party system), how can you efficiently test your processing routines without having to hand write reams of dummy data? The best solution I can think of is making views of the data that, together, cover most cases. I can then join those views with my SQL to see if it's returning the correct records and manually process the views to see if my functions, etc. are doing what they're supposed to. Still, it seems excessive and flakey; particularly finding data to test against...

    Read the article

  • How to keep background requests in sequence

    - by Jason Lewis
    I'm faced with implementing interfaces for some rather archaic systems, for handling online deposits to stored value accounts (think campus card accounts for students). Here's my dilemma: stage 1 of the process involves passing the user off to a thrid-party site for the credit card transaction, like old-school PayPal. Step two involves using a proprietary protocol for communicating with a legacy system for conducting the actual deposit. Step two requires that each transaction have a unique sequence number, and that the requests' seqnums are in order. Since we're logging each transaction in Postgres, my first thought was to take a number from a sequence in the DB, guaranteeing uniqueness. But since we're dealing with web requests that might come in near-simultaneously, and since latency with the return from the off-ste payment processor is beyond our control, there's always the chance for a race condition in the order of requests passed back to the proprietary system, and if the seqnums are out of order, the request fails silently (brilliant, right?). I thought about enqueuing the requests in Redis and using Resque workers to process them (single worker, single process, so they are processed in order), but we need to be able to give the user feedback as to whether the transaction was processed successfully, so this seems less feasible to me. I've tried to make this application handle concurrency well (as much as possible for a Ruby on Rails app), but now we're in a situation where we have to interact with a system that is designed to be single process, single threaded, and sequential. If it at least gave an "out of order" error, I could just increment (or take the next value off the sequence), but it's designed to fail silently in the event of ANY error. We are handling timeouts in a way that blocks on I/O, but since the application uses multiple workers (Unicorn), that's no guarantee. Any ideas/suggestions would be appreciated.

    Read the article

  • Lead Programmer definition clarification

    - by Junaid
    I am working on PHP and MySQL based web application for more than 5 years now. I started my career from Intern - Jr Developer - Software Developer - Sr. Software Engineer [Team Lead] that's what I am nowadays. I was looking at the link at Wikipedia regarding who is a lead programmer. The link states the following: A lead programmer is a software engineer in charge of one or more software projects. Alternative titles include Development Lead, Technical Lead, Senior Software Engineer, Software Design Engineer Lead (SDE Lead), Software Manager, or Senior Applications Developer. When primarily contributing in a high-level enterprise software design role, the title Software Architect (or similar) is often used. All of these titles can have different meanings depending on the context. My current job responsibilities are more or less like a Development Lead and to some extent near Software Architect because I usually design the core structure of new products and managing 2-3 project simultaneously and in the meantime involved in assisting other teams regarding the structural design of their projects, I am usually on call with clients along with project managers, I code most of the time when my team stuck somewhere / workload / integrating some third party API and etc. Primary reason of this writing is to know if I qualify for a Development Lead Title? in accordance with my above mentioned job descriptions?

    Read the article

  • JCP 2012 Award Nominations Announced

    - by heathervc
      The 10th Annual JCP Program Award Nominations have been posted on JCP.org.  The community gets together every year during JavaOne to congratulate the winners and nominees at the JCP Community Party held in San Francisco. This year there are three awards: JCP Member/Participant of the Year, Outstanding Spec Lead, and Most Significant JSR. Member of the Year: Stephen Colebourne Markus Eisele Google JUG Chennai Werner Keil London Java Community and SouJava Antoine Sabot-Durand Outstanding Spec Lead Michael Ernst, JSR 308, Annotations on Java Types Victor Grazi, Credit Suisse, JSR 354, Money and Currency API Nigel Deakin, Oracle, JSR 343, Java Message Service 2.0 Pete Muir, Red Hat, JSR 346, Contexts and Dependency Injection for Java EE 1.1 Most Significant JSR API for JSON Processing, JSR 353 Money and Currency API, JSR  354 Java State Management, JSR 350 Java Message Service 2, JSR 343 JCP.Next, JSR 348, JSR 355, and JSR 358 Congratulations to the nominees; you can read the nomination text and more information about the awards here.  And remember to join us on Tuesday, 2 October at the Infusion Lounge to celebrate with the winners and nominees!

    Read the article

< Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100  | Next Page >