Search Results

Search found 4187 results on 168 pages for 'secure erase'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 124/168 | < Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >

  • PHP Captcha without session

    - by Anton N
    Ok, here is an issue: in the project i'm working on, we can't rely on server-side sessions for any functionality. The problem is that common captcha solutions from preventing robotic submits require session to store the string to match captcha against. The question is - is there any way to solve the problem without using sessions? What comes to my mind - is serving hidden form field, containing some hash, along with captcha input field, so that server then can match these two values together. But how can we make this method secure, so that it couldn't be used to break captcha easily.

    Read the article

  • Securing files on IPhone

    - by clearbrian
    Hi Is there a way to decompile the binary from an IPhone app. I jailbroke my IPhone and was surprised to find other app's dbs wide open to be copied. So I exported my most important table and hardcoded it into code. Instead of loading table into array from a db I just generated code to fill the array and kept only the most basic DB info so relationships still work. Took a while but now works fine. I was just wondering am I safe, could someone decompile the binary for the app easily and extract the data. In Java its easy to decompile *.class files though thats bytecode where I presume iphone apps are more low level. I know IPhone sdk 4 can mark files as secure. Anyone know can this be overridden by jailbreaks or is this an unix lock?

    Read the article

  • What should I do to practice?

    - by simion
    I start a year long industrial placement in September where i will be coding in Java predominantly. I am going to use the summer to brush up on my Java as in year one of the degree Java was the main language taught for OOP modules. However this year i have had no Java exposure except for an algorithms module, which was one of eight, so as you can see i am probably getting really rusty!. What i wanted to know is, how does the "real world" java programming differ from university coding and what do you suggest i brush up on that would be different to my normal workings. As a start I definitely need to get familiar with a professional IDE like NetBeans, opposed to having used BlueJ throughout but more specifically what coding practices should I get more familiar with. I appreciate they wont expect me to be a qualified full developer and will give me time, but I would like to hit the ground running as it were, with me having full hopes to secure a permanent position after I finish my degree.

    Read the article

  • How are CD Keys generated?

    - by The Rook
    CD Keys are the defacto-standard as an anti-piracy measure. To be honest this strikes me as Security Though Obscurity, although I really have no idea how CD Keys are generated. What is a good (secure) example of CD Key generation? What cryptographic primitive (if any) are they using? Is it a message digest? If so what data would they be hashing? What methods do developers employ to make it difficult for crackers to build their own key generators?

    Read the article

  • protect (encrypt) password in the web.config file (asp.net)

    - by Hazro City
    <system.net> <mailSettings> <smtp from="[email protected]" deliveryMethod="Network"> <network clientDomain="www.domain.com" host="smtp.live.com" defaultCredentials="false" port="25" userName=" [email protected] " password="password" enableSsl="true" /> </smtp> </mailSettings> </system.net> This is the case where I need encryption for my password. I searched and googled much on the web but I can’t be able to encrypt anymore. Can anyone help me do this in a simple but secure way.

    Read the article

  • Is it possible to shrink rt.jar with ProGuard?

    - by PatlaDJ
    Is there a procedure by which you can optimize/shrink/select/obfuscate only 'used by your app' classes/methods/fields from rt.jar provided by Sun by using some optimization software like ProGuard (or maybe other?). Then you would actually be able to minimize the download size of your application considerably and make it much more secure ? Right? Related questions: Do you know if Sun's "jigsaw project" which is waited to come out, is intended to automatically handle this particular issue? Did somebody manage yet to form an opinion about Avian java alternative? Please share it here. Thank you.

    Read the article

  • SSL: can the secret key be sniffed before the actual encryption begins?

    - by Jorre
    I was looking into SSL and some of the steps that are involved to set up an encrypted connection between a server and a client computer. I understand that a server key and certificate is sent to the browser, and that a secret code is being calculated, like they say in the following video: http://www.youtube.com/watch?v=iQsKdtjwtYI around 5:22, they talk about a master secret code that is being calculated to start talking in an encrypted way. My question now is: before the connection is actually encrypted (the handshake phase), all communication between the server and the client can be sniffed by a packet sniffer. Isn't it then possible to sniff the encryption key or other data that is used to set up a secure connection?

    Read the article

  • Encoding license file for privacy

    - by Swingline Rage
    Hi, We're using XML Digital Signatures for signing and verifying our license keys. The signing works fine and has been running smoothly. The XML license file contains a few (plaintext) details about the license, along with a binary signature. We'd like to encode (I don't say encrypt) those plaintext details (license duration, user name, etc, etc.) so they're not immediately visible to prying eyes. Is there a standard (eg, base 64 or something else) that people use in this situation? It doesn't need to be secure or particularly clever, just enough to conceal the information in Notepad. Thanks : )

    Read the article

  • Why wouldn't I be able to establish a trust relationship for a SSL/TLS channel?

    - by Abe Miessler
    I have a piece of .NET code that is erroring out when it makes a call to HTTPWebRequest.GetRequestStream. Here is the error message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. I've read a few things that suggest that I might need a certificate on the machine running the code, but i'm not sure if that's true or how to do it. If I need to get a certificate, how do I do it? Code: var request = (HttpWebRequest)HttpWebRequest.Create(requestUrl); //my url request.Method = StringUtilities.ConvertToString(httpMethod); // Set the http method GET, POST, etc. if (postData != null) { request.ContentLength = postData.Length; request.ContentType = contentType; using (var dataStream = request.GetRequestStream()) { dataStream.Write(postData, 0, postData.Length); } }

    Read the article

  • What the difference between zend framework and Wordpress as framework ?

    - by justjoe
    i only know wordpress and start to seek another alternative framework, zend. i heard hearsay that zend's better from others framework. if you're "a serous coder", or try to act like one, you need to use it on building your web app. some said zend is better. But it's subjective. It's fast ans secure. But nobody tell me the reason or at leas compare it with with wordpress. ultimate question : Do zend have theme or plugin just like wordpress ? any hint will be helpful

    Read the article

  • Rainbow Tables: How to improve upon them??

    - by CVS-2600Hertz-wordpress-com
    I recently obtained the l0pht-CD for windows and tried it out on my PC and It WORKS!! http://2600hertz.wordpress.com/2009/12/22/100-windows-xp-vista-7-password-recovery/ I have also read http://kestas.kuliukas.com/RainbowTables/ I'm designing a "Login-Simulator" that stores pwd-s in a similar manner. The current implementation will be vulnerable to the above attack. Plz could anyone illustrate (in as simple terms as possible), how to strengthen the rainbow tables against such an attack. MY GOAL : Build "Login-Simulator" to be as secure as possible. (Read Hacking Competition ;-) ) Thank You.

    Read the article

  • RequireHttpsAttribute and Encrypted Request Data

    - by goatshepard
    I have a controller action that is accepting sensitive data. public ActionResult TakeSensitiveData(SensitiveData data){ data.SaveSomewhere(); } To ensure the data is secure I want to be certain requests are made using HTTPS (SSLv3, TLS 1). One of the approaches I've considered using was the RequireHttpsAttribute on my action: [RequireHttps] public ActionResult TakeSensitiveData(SensitiveData data){ data.SaveSomewhere(); } However, upon testing this I fiddler revealed that an HTTP request made to the action is 302 redirected to HTTPS. My question is this: If I've made a request that is 302 redirected to HTTPS haven't I already sent the sensitive data over HTTP before the redirect?

    Read the article

  • How to transfer large files from desktop to server ( .NET)

    - by rahulchandran
    I am writing a .NET 2.0 based desktop client that will send large files ( well largish under 2GB) to a server. Need to develop the server as well. Server can be on any technology It should be secure so an underlying SSL stream is needed What are my options. Any obvious caveats etc I should be aware of To my mind the simplest solution is to open a tcp\ip connection over SSL to the server and send n packets each of size M bytes and then have the server append the chunks to the file and finally send an EOF packet as well IS this horrible. Will the perf suck on the server with all these disk writes What are any other clever options. I am limited to .NET 2.0 on the client if I did move to a WCF client will it buy be something magical and cool for this scenario Thanks

    Read the article

  • I'm trying to implement 2 factor authentication on the cheap. How would I do that?

    - by Biff MaGriff
    Ok so I need 2 of the 3. Something the user knows. Something the user has. Something the user is. I have a system that is exposed to the internet and we need clients to connect in a secure manner to satisfy our security standards. I'm thinking when a user registers to use our system we send them an application that they install on their home system. The application generates a key based on a timed randomness algorithm. Our application server has the same algorithm so when the user submits their credentials with the key we know that they are a legitimate user. Is this a valid method of 2 factor authentication? What is another way of doing this? Are there any pitfalls that I should be aware of? Thanks for your help!

    Read the article

  • How can I know if a file has been changed in .NET C#?

    - by Anthony D
    I have an application that requires a secure way to store its configuration. There are users that can change the configuration. I need some sort of signature scheme where I can verify that the config file has not changed with out a valid user. I had thought about using RSA, where the private key is encrypted with the users password, and the public key is used to sign the config. However there is nothing to prevent someone from changing the user file and adding their own public key, thus circumventing my security. Any ideas?

    Read the article

  • Connecting PHP Server and Android?

    - by user3439988
    I am trying to create a simple test application to transfer data back and forth between my server and Android device. The following are the things I aim for: Ability to upload data and files to the server. To be able to view my files on the server. To be able to download the files from the server to my android device. Ability of the server to send me updates on the files or notifications to my phone. I need a safe and secure way to do these things. I have tried these: HTTPPost requests onto the server and echoing the output accordingly and capturing the HTTPresponse and parsing it. For files I have tried using MultipartEntity, but I think that has been deprecated.

    Read the article

  • Java Security filter together with thickbox pop-ups

    - by user197127
    Hi, I have a java application that uses a security filter to protect certain resources. If there is no user logged on, it will keep in session the request path and redirect to a logon page. After a successful logon, user is redirected to the original requested page. I have now added some thickbox (ajax bases pop-up) popups to the application. Unfortunately, when I get now a popup that is "secure" the filter redirects to a logon page (which is not a popup) and makes the whole application messy. Anyone with ideas on how to solve this? Thanks

    Read the article

  • .htaccess redirect https to http not working

    - by Ira Rainey
    I am trying to catch any https traffic to the front of my site so: https://www.domain.com is redirected to: http://www.domain.com However other subdomains need to be redirected elsewhere. For the most part this is all working, apart from the https - http redirection. Here's my .htaccess file at the moment: RewriteEngine On RewriteCond %{HTTPS} on RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} RewriteCond %{HTTP_HOST} ^domain\.com [NC] RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301] RewriteCond "%{HTTP_HOST}" !^www.* [NC] RewriteCond "%{HTTP_HOST}" ^([^\.]+).*$ RewriteRule ^(.*)$ https://secure.domain.com/a/login/%1 [L,R=301] It would seem that this bit: RewriteCond %{HTTPS} on RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} isn't working as I would imagine. In fact it doesn't seem to redirect at all. In another subdirectory I have the opposite in effect which works fine: RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} so my thinking is the opposite should have done the job, but seemingly not. Any thoughts anyone?

    Read the article

  • Android programming: Authentication and data exchange with Java EE

    - by Konsumierer
    I am having a Java application running in a Tomcat server using Spring, Hibernate, etc. and a two web interfaces, one implemented in Tapestry 5 and the other one using Flex with BlazeDS and Spring-BlazeDS. In my first android application I would now like to log in to the server and retrieve some data. I´m wondering how I could achieve this in a secure way. First of all I need to know which technology is the best to retrieve data from the server and how can I restrict the access to users only that have been successfully authenticated. With what I read until now I would try to implement a HTTPServlet on the server and make server calls via HTTP Client. In the servlet I could probably use the HTTPSession to check if the request comes from an authenticated user. And the data I would try to send serialized (JSON). Unfortunately, I´ve never done those things and maybe I´m on the wrong way and there are more comfortable solutions.

    Read the article

  • How to handle User Authentication for program in client’s local machine?

    - by Daniel
    Which user authentication scheme could be used at following scenario? 1.Application A developed by my company is installed at user's local computer. 2.Users login at my company's website. 3.If login is successful, access to the application A in user's local machine is granted. The development environment is .NET. Is there a secure way to authenticate the user to access the application? I've thought about encrypting the login information entered at the website, and then sending that information to the program at user's local machine for authentication. but I think as long as the client program has the decrypting ability, it is vulnerabe to decompiling,etc. Thanks in advance!

    Read the article

  • Should I use "id" or "unique username"?

    - by roa3
    I am using PHP, AS3 and mysql. I have a website. A flash(as3) website. The flash website store the members' information in mysql database through php. In "members" table, i have "id" as the primary key and "username" as a unique field. Now my situation is: When flash want to display a member's profile. My questions: Should Flash pass the member "ID" or "username" to php to process the mysql query? Is there any different passing the "id" or "username"? Which one is more secure? Which one you recommend? I would like to optimize my website in terms of security and performance.

    Read the article

  • .NET Compact Framework Connection String encryption/securing

    - by Crazydog
    I'm writing an application in C# for a smart device running Windows Mobile 6.1. It's pretty basic. Just querying a database and getting results. Nothing too fancy. This program is only going to be deployed internally, but we still want to be secure with our SQL connection info. What's the best way I should go about encrypting/securing my connection string in the program? I've seen examples for .NET programs using AppSettings, but I'm not seeing a Setting stab in my Solution properties. This is my first time developing an application in C#/Visual Studio 2008, so there might be some kind of setting I'm missing. Thanks for the help.

    Read the article

  • Problem with session based login after moving relevent files to site root

    - by YsoL8
    Hello I have a site which I have been testing in a sub-folder of my clients site-root. I had no log in problems during testing, but then I moved the new site files from a sub-directory to the main site root, and now I'm losing my logged in state after almost every page refresh in secure areas. I am running a $_session based login system that refreshes the session id on every page load, with a comparison value stored in the MySQL database. Does anyone have suggestions for what could be causing this problem?

    Read the article

  • Prevent PHP sesison hijack, are these good ideas?

    - by matthew Rhodes
    I'm doing a simple shopping cart for a small site. I plan to store cart items as well as logged in user_id in session variables. to make things a little more secure, I thought I'd do this: sha1() the user_id before storing it in the session. Also sha1() and store the http_user_agent var with some salt, and check this along with the user_id. I know there is more one can do, but I thought this at least helps quite a bit right? and is easy for me to implement.

    Read the article

  • analyzing hashes

    - by calccrypto
    Is anyone willing to devote some time to helping me analyze a (hopefully cryptographically secure) hash? I honestly have no idea what im doing, so i need someone to show me how to, to teach me. almost all of the stuff ive found online have been really long, tedious, and vague the code is in python because for some reason i dont know c/c++. all i know about the hash: 1. there are no collisions (so far) and 2. differences between two similar inputs results in wildly different differences and please dont tell me that if i dont know what im doing, i shouldnt be doing it.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >