Search Results

Search found 13599 results on 544 pages for 'patch management'.

Page 94/544 | < Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101  | Next Page >

  • How to search for packages that provides a virtual package?

    - by netvope
    How to search for packages that provides a virtual package? For example, I want to search for packages that provides "x-terminal-emulator" in the "main" repository of Ubuntu 12.04. One way to do this is to parse the package index: curl http://archive.ubuntu.com/ubuntu/dists/precise/main/binary-amd64/Packages.gz | zcat | grep -B12 '^Provides: x-terminal-emulator' | grep ^Package: which gives me the following results: Package: gnome-terminal Package: konsole Package: xterm Is that a better way to do this? Can it be done with any of the official tools (apt-get/apt-cache/etc)?

    Read the article

  • Do we need to adopt a black-box asset our project is inheriting from its predecessor?

    - by Tom Anderson
    Our client has an eCommerce site which was developed by an in-house team, and is now showing its age. I work for a firm brought in as external contractors to build a replacement. Part of the current site is a Flash viewer applet which displays media about the product - zoom-able images, 360-degree views, movies, and so on. We need to show the same media the current site does, so we are simply reusing the viewer. The viewer is embedded on a page in the usual way, and told what media to show by means of an XML file it loads from our server, which is pretty simple for us to generate. We've got this working; it was pretty straightforward. But what else do we need to do? The thing is, as far as we're concerned, the viewer is a binary blob which is served from the client's content-distribution network. We embed it, feed it some XML, and it does its job, but we have no power over its internals. It's completely opaque to us - a black box. We can use it to do what it does, but we can't change it, so if we ever need to do something different, we're stuffed. We're building this site for the client, and when we're done, we'll hand it over for them to maintain. We won't be doing the maintenance ourselves. There's a small team within the client who are working as part of our team, and who will be the ones doing the maintenance. That team only includes one person from the team that built the old site, and it's not someone who knows the image viewer. The people who do know the image viewer are not slated to join our team when our system replaces theirs - they'll be moved to other projects. The documentation on the viewer is extremely thin, and as far as i know doesn't cover the internals at all. My worry is that if someone doesn't take some positive action, all knowledge of the internal workings of the viewer - even down to where the source code for it is - will be lost. It's possible it already has been. Is this something to worry about? If so, whose job is it to worry about it? What should they do about it once they've got worried?

    Read the article

  • Software development process for a part time University project for 1 developer?

    - by Pricey
    I will be doing a part time University project soon and the time frame for it is around 8 months with approximately 10-15 hours a week spent working on it, with a review by a tutor each quarter. My question is what software development process would you recommend using when the course requires you to work on your own in order to manage yourself as well as the project? I wanted to use a weekly or bi-weekly iterative approach to my work but a lot of the processes seem tailored to teams of people. I am looking at XP (Extreme Programming) OR Scrum as something that is less than the norm for University work but again Scrum I don't know a lot about yet, and a question I have is; can you say you are doing XP without pair-programming? because my tutor seems to think that I have to stick to all the practices otherwise I can't do it (nevermind if I am working alone). We can have external user input as well but due to the small timescales with part time work it may be more beneficial for myself to be the user as well, which is not what I prefer considering how I can get lost in the design.

    Read the article

  • What is your strategy for converting RC builds into retail?

    - by Matthew PK
    We're trying to implement a strategy for how we transition our builds from RC to released retail code. When we label a build as a release candidate, we send it to QA for regression. If they approve it, that RC then becomes our released retail code. I liked the idea of "obvious" labeling of versions so that a user knows whether they have a beta or an RC or retail code... where you would have some obvious watermark in non-retail code (think Windows 7 where the RC or non-genuine builds watermark in the bottom right). ... but it seemed strange to us to manipulate the project (to remove the watermark) once it passed regression. If QA certified version a.b.c.d then our retail code should be that same version, not a.b.c.d+1 what strategies have you employed to clearly label non-release software versions without incrementing your build to disable the watermarks in your retail code? One idea I've considered is writing your build to look for a signed file in the installer archive... non-release code wouldn't include this file and so the app would know to display a watermark. But even this seems like QA is then working with non-release code. Ideas?

    Read the article

  • Problem with APTonCD application

    - by Harikrishnan
    I created a iso image using aptoncd & burned it to a dvd. Now when i tried to restore, the program does not detect the dvd in the drive. It shows "Please insert a disc in the drive." and if we click "ok" it shows E: Failed to mount the cdrom. The dvd is in the drive itself. I tried sudo lshw -C disk and the output is: *-cdrom description: DVD-RAM writer product: DVDRAM GH22NS50 vendor: HL-DT-ST physical id: 1 bus info: scsi@1:0.0.0 logical name: /dev/cdrom logical name: /dev/cdrw logical name: /dev/dvd logical name: /dev/dvdrw logical name: /dev/scd0 logical name: /dev/sr0 logical name: /media/APTonCD logical name: /media/apt version: TN02 capabilities: removable audio cd-r cd-rw dvd dvd-r dvd-ram configuration: ansiversion=5 mount.fstype=iso9660 mount.options=ro,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500 state=mounted status=ready *-medium physical id: 0 logical name: /dev/cdrom logical name: /media/APTonCD logical name: /media/apt configuration: mount.fstype=iso9660 mount.options=ro,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500 state=mounted Then i checked in disk utility application. in that dvd rom is shown as /dvd/sr0 My ubuntu version is 10.10. Please help me to solve the problem.

    Read the article

  • Install a different version of a package

    - by Michael Wiles
    I'm running lucid server and have installed tomcat. The version it installed is 6.0.24-2ubuntu1.6. Is this the version I'm tied to? Is it possible to install a more recent version? The one available from maverick is 6.0.28. Maybe I can add a source to provide my lucid install with this version? In the package manager user interface I can "force version". Is it possible to force version from command line alternative as well?

    Read the article

  • Advice: How to convince my newly annointed team lead against writing the code base from scratch

    - by shan23
    I work in a pretty reknowned MNC, and the module that I work in has been assigned to a new "lead". The code base is pretty huge (~130K or more, with inter dependencies on other modules) , but stable - some parts have grown ugly over the years, but its provably in working state. (Our products are running for years on them, even new ones). The problem is, our lead wants to rewrite the code from scratch, to encompass "finer granularity and a proactive design". I know in my guts thats not a very good idea, but how do I convince him/the rest of the team(who are pretty much more senior than me in terms of years of exp), without sounding too pedantic myself (Thou shalt not rewrite , as Joel et al have clear articles prohibiting it)? I have a good working relation with the person concerned, and don't want to ruin it, but neither do I want to be party to a decision which would surely plague us for years to come !! Any suggestions for a milder,yet effective approach ? Even accounts of how you have tackled such a situation to your liking would help me a lot! EDIT: The code base I'm talking about is not a product/GUI, but at kernel level with all the critical functionalities for our product. I hope now you know why i sound so apprehensive !!

    Read the article

  • Storing deb packages on local media

    - by Saeid87
    Is there a way to store deb packages (all or a specific version of package) on a local media (dvd, usb etc...) so later I would be able to install those packages on a PC which does not have Internet connection? For example, these are the packages that I want to install on a PC which doesn't have Internet connection: # TinyOS MSP430 GCC Compiler Repository # Version 4.6.3 deb http://tinyprod.net/repos/debian squeeze main deb http://tinyprod.net/repos/debian msp430-46 main # TinyOS version 2.1.2 deb http://tinyos.stanford.edu/tinyos/dists/ubuntu lucid main

    Read the article

  • Free Virtual Developer Day - Oracle Fusion Middleware Development

    - by B Shashikumar
    Oracle Application Development Framework (ADF) is the standards based, strategic framework for Oracle Fusion Applications and Oracle Fusion Middleware. Oracle ADF’s integration with the Oracle SOA Suite, Oracle WebCenter and Oracle BI creates a complete productive development platform for your custom applications. Join a free online developer day where you can learn about the various components that make up the Oracle Fusion Middleware development platform including Oracle WebCenter, Business Intelligence, BPM and more! Online seminars, hands-on lab and live chats with our technical staff is available directly from your computer.  Register now and join us on July 10th. https://oracle.6connex.com/portal/fusiondev/login?langR=en_US

    Read the article

  • Leverage technology to support your Global Talent Strategy

    - by Nancy Estell Zoder
    Do you want to hear the latest on global organizations and how they are adapting their talent and technology strategies to align with market trends? Watch Deloitte in partnership with Oracle present these trends. Learn how organizations are leveraging technology to support the changes that are being made in Human Resources to adapt in this integrated environment. For the latest on PeopleSoft, check out the video demonstrations on YouTube.

    Read the article

  • Installing latest Firefox beta, am I doing it wrong?

    - by xiaohouzi79
    I followed the instructions in this question to install the latest Firefox beta: sudo add-apt-repository ppa:mozillateam/firefox-next sudo apt-get update && sudo apt-get install firefox-4.0 This is the error I'm getting when running the second set of commands: Err http://ppa.launchpad.net maverick/main Sources 404 Not Found Err http://ppa.launchpad.net maverick/main i386 Packages 404 Not Found Fetched 24.8kB in 4s (5,279B/s) W: Failed to fetch http://ppa.launchpad.net/mozillateam/firefoxt-next/ubuntu/dists/maverick/main/source/Sources.gz 404 Not Found W: Failed to fetch http://ppa.launchpad.net/mozillateam/firefoxt-next/ubuntu/dists/maverick/main/binary-i386/Packages.gz 404 Not Found E: Some index files failed to download, they have been ignored, or old ones used instead.

    Read the article

  • Branching and CI Builds with Agile

    - by Bob Horn
    We follow many agile processes, including automated tests, continuous integration, sprint reviews, etc... We're currently having a debate about how often we should branch release builds. We've been doing two-week sprints and trying to deploy to production at the end of each sprint. Some of us think we should be branching every sprint. Some of us think that's overkill. If a project encompasses three Visual Studio solutions, and we branch every sprint, then that's three branches, and three CI builds to create every two weeks. If we do this for six months, we'll end up with 36 branches and 36 CI builds. There is overhead involved in that. For those of us that think that branching every sprint is overkill, we don't have a very good alternative. On my last project, we deployed some solutions from the Main trunk. Yeah, that's not good, but it saved on some of the overhead. What's the right way to manage branching/releasing and CI builds, using agile, when we have such short (two-week) sprint cycles?

    Read the article

  • Hired developer insists on doing things the wrong way

    - by Tariq- iPHONE Programmer
    Hello, i am working with Social Networking iphone app which require remote data connection. So i hired a php developer in order to provide me RESTful services. But when i start working with him, he arguing me that he will not make stored procedures and web services. Instead of he suggested me to pass query as a parameter. Suppose If I have to call Search service, he told me to send POST request with 3 parameters: Query="select * from users", username=abd and password = 123 And i thing there is no such architecture in order to use remote data. Then he is saying it is possible through socket programming. And I am 100% sure this is not an appropriate way to access remote data. This is simply illogical. Thousands of iphone application using REST/SOAP services to make remote data connection He just declined me to provide RESTful services. Please its my heartily advice to all developers that post your own views over here. So that I can show to that developers that these are the views from all developers worldwide.

    Read the article

  • LTS vs normal release software versions synced from Debian

    - by Jasper Loy
    I read that LTS releases are based on Debian testing while normal releases are based on Debian unstable. Given the long release cycle of Debian, is it possible for some software to be of a more recent version in a normal release X than in LTS release X+1? If the answer is yes, would there be a difference between an upgrade and a fresh install (perhaps upgrade holds back more recent version automatically)?

    Read the article

  • How does a game developer get feedback from gamers (not developers) or start a forum community without paying for advertising or hiring Q&A teams?

    - by Carter81
    I am familiar with a lot of game developer forums, but I'd assume this is much less likely to attract more casual commentators. I also fear that feedback from a gamer's perspective would often be tainted by their game dev perspective. For example, if I were making a RTS game and wanted to get feedback from "The RTS gamers" where would I go? Is there a general idea of what type of website or forum to go to? Do you go to specific game websites, to try to "steal" attention? Would this not equate to spam or inappropriate posting? What is considered appropriate and inappropriate? I am not asking for specifics. I am asking how one "starts a community", or how one "gets feedback from gamers" without resorting to spamming forums or 'advertising' just to see what sticks. What TYPE OF PLACE does one go? Are there already sites designed for this purpose? I tried going to what was once a very popular forum for feedback from what I believed was a niche hardcore group of gamers in the genre, but its popularity seemed to have died significantly; Leaving only trolls and very young teenagers. The resulting feedback was quite disappointing, mainly for how little feedback it resulted. Many years ago, feedback would flood in by the hundreds so quickly. Without this website, I am at a loss as to where to go to see what people think of ideas, gather feedback from a gamer's perspective (not a developer's perspective), or where to pull from to start my own site's forum. I am out of ideas of what to do, short of going to various game forums to post in the off-topic sections there.

    Read the article

  • How do you manage feature requests and software changes?

    - by 0A0D
    I am a Software Engineer and over the past few years I have become the de-facto software project manager simply because there isn't one. So to keep our sanity in the R&D/Engineering department, customers have become accustomed to coming to me with their requests. I have no experience in this realm so it is my first time acting as a project manager for software projects. I have managed other things but not software. So, how do you manage software projects and mark priorities? Requests come in at infrequent intervals so we very well could be working on something for someone else and then another person comes in with a "rush" job that needs working on. Is it easier to just say First Come, First Serve or is it the person with the most money?

    Read the article

  • Ubuntu software centre, update manager fail to open

    - by Pradeep
    On my Ubuntu 12.04 LTS system the Software Centre and Update Manager do not open. I am unable to install any updates. And the message given below pops up. I am looking for a step-by-step process to fix this, and as a newbie, I don't know how to use the command line. Could not initialize the package information An unresolvable problem occurred while initializing the package information. Please report this bug against the 'update-manager' package and include the following error message: 'E:Encountered a section with no Package: header, E:Problem with MergeList /var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages, E:The package lists or status file could not be parsed or opened

    Read the article

  • What are the roles of a Software Delivery Manager

    - by Rich
    I have been told about a position that may be open to me - the role of a Software Delivery Manager. From what I understand this role does not already exist within my organisation. To be perfectly honest I'm not quite sure what a Software Delivery Manager's roles are. I have a few ideas and would appreciate some input around whether they are correct or not, or if there is anything missing: ensure the quality of the software being delivered document the relationships between the components being delivered ensure that the delivery of these components does not break other components ensure that the components being developed make the best use of the environments they are being deployed in being on-hand during software deliveries (though not actually performing the delivery of software, rather giving the Go) I have also been told that the role would include some software development work (which is important to me being a developer at heart!) - is there software development specifically associated with the role of Software Delivery Manager or is this more likely to just be a case of helping the team out when time is short?

    Read the article

  • Laptop Charger Not Recognised Properly on Samsung NP900X3F

    - by user193732
    Firstly thanks for your time. Secondly, having an issue with my power charger on my Samsung Series 9 NP900X3F. When I boot into Ubuntu with the charger plugged in it recognises it as charging. When I unplug the charger after this it is still says it is charging. If I suspend in Ubuntu then plug/unplug during this suspended state it recognises it, but not during normal running. If I knew a little more I'm sure I could grab logs and find out what the difference between wake on suspend and normal running is, but alas I need help! I also am having issues with my keyboard backlight via the fn keys, but that I care about far less. Thank you very much. Linux mikey-900X3F 3.12.0-031200rc1-generic #201309161735 SMP Mon Sep 16 21:38:21 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux (I upgraded my kernel version to remove heinous horizontal artefacts I was getting) Happy to list more info about my system, ima bit of a noob. I did try searching however I can't find any questions at all about my system or related models with the same issue.

    Read the article

  • How to handle updated configuration when it's already been cloned for editing

    - by alexrussell
    Really sorry about the title that probably doesn't make much sense. Hopefully I can explain myself better here as it's something that's kinda bugged me for ages, and is now becoming a pressing concern as I write a bit of software with configuration. Most software comes with default configuration options stored in the app itself, and then there's a configuration file (let's say) that a user can edit. Once created/edited for the first time, subsequent updates to the application can not (easily) modify this configuration file for fear of clobbering the user's own changes to the default configuration. So my question is, if my application adds a new configurable parameter, what's the best way to aid discoverability of the setting and allow the user (developer) to override it as nicely as possible given the following constraints: I actually don't have a canonical default config in the application per se, it's more of a 'cascading filesystem'-like affair - the config template is stored in default/config.json and when the user wishes to edit the configuration, it's copied to user/config.json. If a user config is found it is used - there is no automatic overriding of a subset of keys, the whole new file is used and that's that. If there's no user config the default config is used. When a user wishes to edit the config they run a command to 'generate' it for them (which simply copies the config.json file from the default to the user directory). There is no UI for the configuration options as it's not appropriate to the userbase (think of my software as a library or something, the users are developers, the config is done in the user/config.json file). Due to my software being library-like there's no simple way to, on updating of the software, run some tasks automatically (so any ideas of look at the current config, compare to template config, add ing missing keys) aren't appropriate. The only solution I can think of right now is to say "there's a new config setting X" in release notes, but this doesn't seem ideal to me. If you want any more information let me know. The above specifics are not actually 100% true to my situation, but they represent the problem equally well with lower complexity. If you do want specifics, however, I can explain the exact setup. Further clarification of the type of configuration I mean: think of the Atom code editor. There appears to be a default 'template' config file somewhere, but as soon as a configuration option is edited ~/.atom/config.cson is generated and the setting goes in there. From now on is Atom is updated and gets a new configuration key, this file cannot be overwritten by Atom without a lot of effort to ensure that the addition/modification of the key does not clobber. In Atom's case, because there is a GUI for editing settings, they can get away with just adding the UI for the new setting into the UI to aid 'discoverability' of the new setting. I don't have that luxury. Clarification of my constraints and what I'm actually looking for: The software I'm writing is actually a package for a larger system. This larger system is what provides the configuration, and the way it works is kinda fixed - I just do a config('some.key') kinda call and it knows to look to see if the user has a config clone and if so use it, otherwise use the default config which is part of my package. Now, while I could make my application edit the user's configuration files (there is a convention about where they're stored), it's generally not done, so I'd like to live with the constraints of the system I'm using if possible. And it's not just about discoverability either, one large concern is that the addition of a configuration key won't actually work as soon as the user has their own copy of the original template. Adding the key to the template won't make a difference as that file is never read. As such, I think this is actually quite a big flaw in the design of the configuration cascading system and thus needs to be taken up with my upstream. So, thinking about it, based on my constraints, I don't think there's going to be a good solution save for either editing the user's configuration or using a new config file every time there are updates to the default configuration. Even the release notes idea from above isn't doable as, if the user does not follow the advice, suddenly I have a config key with no value (user-defined or default). So the new question is this: what is the general way to solve the problem of having a default configuration in template config files and allowing a user to make user-specific version of these in order to override the defaults? A per-key cascade (rather than per-file cascade) where the user only specifies their overrides? In this case, what happens if a configuration value is an array - do we replace or append to the default (or, more realistically, how does the user specify whether they wish to replace or append to)? It seems like configuration is kinda hard, so how is it solved in the wild?

    Read the article

  • Laptop resumes from suspend while lid is closed

    - by Gus
    I have a Dell Studio 15 and I am running Ubuntu 10.10. When I close my lid or select the suspend option, the machine suspends as indicated by the slowly pulsing power indicator. I'll put the machine in my bag and after a while it seems that the machine resumes, at least I think. When ever I go to get it, it's overheated and the system cannot resume. I am guessing that the processor resets in this overheat condition, but heat is still generated. This has happened about three times and I'm getting worried that I'll end up damaging the machine. How can I diagnose why the system is resuming from suspend? Can I force it to never resume from suspend if the lid is down?

    Read the article

  • Battery is drained too quickly

    - by LucaB
    I'm getting really low battery life under ubuntu, not even close to windows. I tried powertop, and I saw that my laptop is consuming in idle nearly 20 watts (a bit more). I tried to install laptop-mode-tools, change "good" into "bad" in powertop, but nothing changes. I see that I have the the HD audio output device which is running at 100% every time. Could this be the problem? This is a report from powertop. The battery reports a discharge rate of 22.8 W The estimated remaining time is 33 minutes Summary: 381.8 wakeups/second, 0.0 GPU ops/second and 0.0 VFS ops/sec Usage Events/s Category Description 3.2 ms/s 182.7 Timer tick_sched_timer 100.0% Device Audio codec hwC0D3: Intel 7.9 ms/s 25.1 Process /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -background no 1.9 ms/s 24.2 Interrupt [6] tasklet(softirq) 2.9 ms/s 23.2 Process /usr/lib/chromium-browser/chromium-browser --type=zygote 8.1 ms/s 20.3 Process /usr/lib/unity/unity-panel-service 0.7 ms/s 17.4 Timer hrtimer_wakeup 4.2 ms/s 12.6 Process unity-2d-panel 604.4 µs/s 9.7 Process syndaemon -i 2.0 -K -R -t 149.7 µs/s 9.7 kWork ieee80211_iface_work 0.8 ms/s 8.7 Process metacity 19.5 ms/s 1.0 Process powertop 3.0 ms/s 6.8 Process //bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session 699.0 µs/s 6.8 Process /usr/lib/thunderbird/thunderbird 4.3 ms/s 4.8 Process gnome-terminal 658.9 µs/s 2.9 Interrupt [1] timer(softirq) 75.1 µs/s 2.9 kWork iwl_bg_run_time_calib_work 163.8 µs/s 1.9 Process /usr/lib/accountsservice/accounts-daemon 70.6 µs/s 1.9 Process [ksoftirqd/2] 25.8 µs/s 1.9 Process [ksoftirqd/0] 1.0 ms/s 1.0 Process /usr/bin/python /usr/sbin/powernapd 408.2 µs/s 1.0 Process unity-2d-shell 189.8 µs/s 1.0 Process /usr/lib/chromium-browser/chromium-browser 124.4 µs/s 1.0 Process /usr/lib/unity-lens-applications/unity-applications-daemon 113.3 µs/s 1.0 Process /usr/lib/gnome-settings-daemon/gnome-settings-daemon 112.0 µs/s 1.0 Process nautilus -n 104.9 µs/s 1.0 Process /usr/lib/gvfs/gvfsd-trash --spawner :1.2 /org/gtk/gvfs/exec_spaw/0 77.5 µs/s 1.0 Process /usr/lib/x86_64-linux-gnu/colord/colord 75.6 µs/s 1.0 Process /usr/lib/gvfs/gvfs-gdu-volume-monitor 75.0 µs/s 1.0 Interrupt [53] i915 74.9 µs/s 1.0 Process /usr/lib/gvfs/gvfs-afc-volume-monitor What should I do to make the battery consumption lower?

    Read the article

  • The Unintended Consequences of Sound Security Policy

    - by Tanu Sood
    v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";} Author: Kevin Moulton, CISSP, CISM Meet the Author: Kevin Moulton, Senior Sales Consulting Manager, Oracle Kevin Moulton, CISSP, CISM, has been in the security space for more than 25 years, and with Oracle for 7 years. He manages the East Enterprise Security Sales Consulting Team. He is also a Distinguished Toastmaster. Follow Kevin on Twitter at twitter.com/kevin_moulton, where he sometimes tweets about security, but might also tweet about running, beer, food, baseball, football, good books, or whatever else grabs his attention. Kevin will be a regular contributor to this blog so stay tuned for more posts from him. When I speak to a room of IT administrators, I like to begin by asking them if they have implemented a complex password policy. Generally, they all nod their heads enthusiastically. I ask them if that password policy requires long passwords. More nodding. I ask if that policy requires upper and lower case letters – faster nodding – numbers – even faster – special characters – enthusiastic nodding all around! I then ask them if their policy also includes a requirement for users to regularly change their passwords. Now we have smiles with the nodding! I ask them if the users have different IDs and passwords on the many systems that they have access to. Of course! I then ask them if, when they walk around the building, they see something like this: Thanks to Jake Ludington for the nice example. Can these administrators be faulted for their policies? Probably not but, in the end, end-users will find a way to get their job done efficiently. Post-It Notes to the rescue! I was visiting a business in New York City one day which was a perfect example of this problem. First I walked up to the security desk and told them where I was headed. They asked me if they should call upstairs to have someone escort me. Is that my call? Is that policy? I said that I knew where I was going, so they let me go. Having the conference room number handy, I wandered around the place in a search of my destination. As I walked around, unescorted, I noticed the post-it note problem in abundance. Had I been so inclined, I could have logged in on almost any machine and into any number of systems. When I reached my intended conference room, I mentioned my post-it note observation to the two gentlemen with whom I was meeting. One of them said, “You mean like this,” and he produced a post it note full of login IDs and passwords from his breast pocket! I gave him kudos for not hanging the list on his monitor. We then talked for the rest of the meeting about the difficulties faced by the employees due to the security policies. These policies, although well-intended, made life very difficult for the end-users. Most users had access to 8 to 12 systems, and the passwords for each expired at a different times. The post-it note solution was understandable. Who could remember even half of them? What could this customer have done differently? I am a fan of using a provisioning system, such as Oracle Identity Manager, to manage all of the target systems. With OIM, and email could be automatically sent to all users when it was time to change their password. The end-users would follow a link to change their password on a web page, and then OIM would propagate that password out to all of the systems that the user had access to, even if the login IDs were different. Another option would be an Enterprise Single-Sign On Solution. With Oracle eSSO, all of a user’s credentials would be stored in a central, encrypted credential store. The end-user would only have to login to their machine each morning and then, as they moved to each new system, Oracle eSSO would supply the credentials. Good-bye post-it notes! 3M may be disappointed, but your end users will thank you. I hear people say that this post-it note problem is not a big deal, because the only people who would see the passwords are fellow employees. Do you really know who is walking around your building? What are the password policies in your business? How do the end-users respond?

    Read the article

  • How to "back track"?

    - by esqew
    I find that I start projects and, due to my lack of experience, find that old database structures and huge blocks of code are inefficient and memory-costly. However, by the time I realize a re-design of the entire project is needed, the project has grown to such a size that it is simply too late to go back and modify the project in its current state and requires a completely new project file and the whole shebang. How should I prevent ruts such as this one, where it is too late to go back and modify the current project to fit specifications modified far down the road from the creation of the project? (Apologies in advance for confusing grammar, it's been a long day here... as you can probably tell.)

    Read the article

  • Safe project development - free repositories

    - by friko
    Some time ago we started a private hobby project. We made a project on javaforge.com, created an svn repository and started developing our app. Right now we are really far with our project, but somehow we never worried if our project is really safe on such free development tool like javaforge ? I mean, what if our project would earn some money and the source code become valuable ? Could it be stolen or could somebody take it over ? We want to be sure that we are not wasting our time and want to be really sure about our project safety. Is it possible to safely develop a project in such free repository ? We would like also to start using redmine, so if you know any safe place for moving our project, please take this under consideration. Thanks a lot.

    Read the article

< Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101  | Next Page >