Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 184/3920 | < Previous Page | 180 181 182 183 184 185 186 187 188 189 190 191  | Next Page >

  • Is it secure to store the cert/key on a private AMI?

    - by Phillip Oldham
    Are there any major security implications to bundling a private AMI which contains the private key/certificate & environment variables? For resiliency I'm creating an EC2 image which should be able to boot and configure itself without any intervention. After boot it will attempt to: Attach & mount specific EBS volume(s) Associate a specific Elastic IP Start issuing backups of the EBS volume(s) to S3 However, to do this it will need the private key/pem files and will need certain environment variables to be available on start-up. Since this is a private AMI I'm wondering if it will be "safe" to store these variables/files directly in the image so that I don't need to specify any user-data information and can therefore start a new instance remotely (from my iPhone, if needed) should the instance be terminated for any reason.

    Read the article

  • What do you think about RefactoringManifesto.org?

    - by Gan
    Quite some time ago, on December 19 2010, a site called RefactoringManifesto.org was launched. The site is to voice concerns about refactoring. It lists ten main points as shown below (head over the website to see more details): Make your products live longer! Design should be simple so that it is easy to refactor. Refactoring is not rewriting. What doesn't kill it makes it stronger. Refactoring is a creative challenge. Refactoring survives fashion. To refactor is to discover. Refactoring is about independence. You can refactor anything, even total crap. Refactor – even in bad times! What do you think about this? Would you sign the manifesto? If not, why?

    Read the article

  • Why would Remote Assistance work but not Remote Desktop?

    - by Craig Johnston
    I have managed to get Remote Assistance working between two XP-Pro machines, but as soon as I try Remote Desktop I can't even get to the login screen without an error which gives a list of possibilities and concludes with "See your network administrator", which isn't very helpful. I have ramped up the security level on Remote Desktop including turning on encryption etc. Could this be the problem? I will only get a few hours on the machine at a time so I need to be well-prepared before I attack this problem again. Any ideas?

    Read the article

  • How to get full write permission on my second drive after dual boot?

    - by Shaul
    I had a WinXP installation on my hard drive. Then I bought a 2nd drive and installed Win7. Dual boot working fine. But when I'm in the Win7 environment, it appears that I don't have full admin permission on the "D" drive (that's the drive with WinXP). Even though the user I'm logged in as has admin permissions, I have to run my apps with administrator privileges in order to get write access to the D drive. This is not the case when I do stuff on the C drive. I could just get into running those apps that access the D drive in admin mode, but that seems like overkill. Is there some secret switch I can flip so that my D drive acts like my C drive, security-wise?

    Read the article

  • Enabling the Power State Change Beep

    - by digitxp
    I have a Thinkpad T430s. I found on other Thinkpads there's a beep when you plug or unplug the AC cord. While I hear a lot of people say it's annoying it seems like a very useful security feature. However, when I go into the Power Manager the option to beep on plugging/unplugging ("Power State Change Beep") isn't there, even though it's in the help file already. I know it would be easy to rig a software solution to this event, but it would kind of defeat the purpose if it doesn't beep when it's in sleep. Is there a way to get this beep on my laptop?

    Read the article

  • Is there a correlation between complexity and reachability?

    - by Saladin Akara
    I've been studying cyclomatic complexity (McCabe) and reachability of software at uni recently. Today my lecturer said that there's no correlation between the two metrics, but is this really the case? I'd think there would definitely be some correlation, as less complex programs (from the scant few we've looked at) seem to have 'better' results in terms of reachability. Does anyone know of any attempt to look at the two metrics together, and if not, what would be a good place to find data on both complexity and reachability for a large(ish) number of programs? (As clarification, this isn't a homework question. Also, if I've put this in the wrong place, let me know.)

    Read the article

  • Access Control Service v2: Registering Web Identities in your Applications [code]

    - by Your DisplayName here!
    You can download the full solution here. The relevant parts in the sample are: Configuration I use the standard WIF configuration with passive redirect. This kicks automatically in, whenever authorization fails in the application (e.g. when the user tries to get to an area the requires authentication or needs registration). Checking and transforming incoming claims In the claims authentication manager we have to deal with two situations. Users that are authenticated but not registered, and registered (and authenticated) users. Registered users will have claims that come from the application domain, the claims of unregistered users come directly from ACS and get passed through. In both case a claim for the unique user identifier will be generated. The high level logic is as follows: public override IClaimsPrincipal Authenticate( string resourceName, IClaimsPrincipal incomingPrincipal) {     // do nothing if anonymous request     if (!incomingPrincipal.Identity.IsAuthenticated)     {         return base.Authenticate(resourceName, incomingPrincipal);     } string uniqueId = GetUniqueId(incomingPrincipal);     // check if user is registered     RegisterModel data;     if (Repository.TryGetRegisteredUser(uniqueId, out data))     {         return CreateRegisteredUserPrincipal(uniqueId, data);     }     // authenticated by ACS, but not registered     // create unique id claim     incomingPrincipal.Identities[0].Claims.Add( new Claim(Constants.ClaimTypes.Id, uniqueId));     return incomingPrincipal; } User Registration The registration page is handled by a controller with the [Authorize] attribute. That means you need to authenticate before you can register (crazy eh? ;). The controller then fetches some claims from the identity provider (if available) to pre-fill form fields. After successful registration, the user is stored in the local data store and a new session token gets issued. This effectively replaces the ACS claims with application defined claims without requiring the user to re-signin. Authorization All pages that should be only reachable by registered users check for a special application defined claim that only registered users have. You can nicely wrap that in a custom attribute in MVC: [RegisteredUsersOnly] public ActionResult Registered() {     return View(); } HTH

    Read the article

  • String Formatting with concatenation or substitution

    - by Davio
    This is a question about preferences. Assume a programming language offers these two options to make a string with some variables: "Hello, my name is ". name ." and I'm ". age ." years old." StringFormat("Hello, my name is $0 and I'm $1 years old.", name, age) Which do you prefer and why? I have found myself using both without any clear reason to pick either. Considering micro-optimizations is not within the scope of this question. Localization has been mentioned as a reason to go with option #2 and I think it's a very valid reason and deserves to be mentioned here. However, would opinions differ based on aesthetic viewpoints?

    Read the article

  • jQuery 1.8 b1 est disponible, le code du framework est maintenant réparti dans différents modules

    jQuery 1.8 b1 est disponible jQuery est utilisé par 50 % des grands sites du web, mais les navigateurs et les appareils sur lesquels il fonctionne ont beaucoup changé depuis 6 ans. De même, la manière et les outils pour concevoir un site web se modifient rapidement. jQuery doit s'adapter en permanence à son environnement. Comme il en a été décidé lors de la sortie de la version 1.7, l'équipe de développement se pose maintenant en permanence les questions : « Cet ajout est-il indispensable ? Que peut-on supprimer ? » De nouvelles obsolescences ont été ajoutées à la liste des obsolescences annoncées à l'époque. Ces questions sont cruciales dans le domaine des appareils mobiles, jQuery doit mettre à la disposition du dé...

    Read the article

  • Testing HTML5 and javascript code for iPhone and Android devices

    - by Pankaj Upadhyay
    I have developed a simple HTML5 webpage that uses a javascript file. This is a fun learning page so I wanted to know as to how will they show up on mobile devices like iPhone and Android smartphones. The pages are hosted on a server and i have tested the thing on my desktop. But, how can i test the same for these mobile devices. i.e. how the page will look on mobile and stuff. I don't have an iPhone or Android. There is no serious development going in here so i was thinking if there is some free website or tool that acts as a iPhone or android browser. The main aim is just to see how the webpage will show up on an android phone.

    Read the article

  • Best client and server antivirus for 5 user office?

    - by drpcken
    I'm setting up an Active Directory environment for 5 users (very small) and I'm wondering what is the best antivirus for clients (Windows 7) and servers (Server 2008 R2 x64)? I use Symantec Corp at my organization (50+ users) but I think that is overkill for this company. I wanted to use Microsoft Security Essentials for the clients (I use it for home machines and it's the best free AV in my opinion) but I don't think it will work on the Servers (3 servers, PDC, TS, and File). They are behind a Sonicwall TZ 200. What would be the best. Free would be even better. Thank you!

    Read the article

  • How to disable Utility Manager (Windows Key + U)

    - by Skizz
    How do I disable the Windows Key+U hotkey in Windows XP? Alternatively, how do I stop the utility manager from being active? The two are related. The utilty manager is currently providing a potential security hole and I need to remove it*. The system I'm developing uses a custom Gina to log in and start a custom shell. This removes most Windows Key hotkeys but the Win+U still pops up the manager app. Update: Things I've tried and don't work: NoWinKeys registry setting - this only affects explorer hotkeys; Renaming utilman.exe - program reappears next login; Third party software - not really an option, these machines are audited by the clients and additional, third party software would be unlikely to be accepted. Also, the proedure needs to be reasonably straightforward - this has to be done by field service engineers to existing machines (machines currently in Russia, Holland, France, Spain, Ireland and USA). * The hole is via the internet options in the help viewer the utility app links to.

    Read the article

  • Toutes les semaines un peu de code pour aller plus loin avec Windows 7, Les Bibliothèques

    En cette fin d'année, la communauté de Developpez.com s'est alliée avec Microsoft France pour relayer une série de questions / réponses sur le développement Windows 7. A partir d'aujourd'hui, nous poserons une question chaque lundi sur une fonctionnalité propre au développement d'applications Windows 7. La bonne réponse de la question de la semaine sera ensuite dévoilée la semaine suivante avec un exemple de mise en pratique. Êtes-vous prêt à relever le défi ? Pensez-vous bien connaître les possibilités que proposent les API Windows 7 ? C'est ce que nous allons voir dès aujourd'hui, nous attendons vos propositions ! La réponse de la semaine : Quelle est la technologie de Wind...

    Read the article

  • What is best practice for search engines when a website is under maintenance?

    - by jamescridland
    I need around a week to transition a heavily data-driven website from one back end to another. During that time I do plan to attempt to keep some pages live, but they won't all work well or look brilliant. Some pages won't work at all. What is the best way to ensure I don't scare Google? Should I hide everything from robots.txt, or mark everything that doesn't work as "503", or are there other things that I should be considering?

    Read the article

  • Preparing yourself for Code challenges

    - by Daniel Fath
    Just a few days ago I discovered Codility, and I tried their challenges. And I must say. I got my behind handed to me on a platter. I'm not sure what the problem was, but I'll lick my wounds and wait for the solution to come out and compare it with my own. In the meantime, I want to get ready for the next challenge so I'm reading their previous blog posts and seeing how to solve their previous problems. There are a lot of new things I haven't heard about like (Cartesian trees, various sort algorithms, etc.) So, how does one prepare for such challenges (especially the O(x) time and space complexity). What should I read to prepare for such a task?

    Read the article

  • What constitutes a programming language and how does one copyright a programming language?

    - by Yannbane
    I've decided to create a programming language of my own, mostly just for fun. However, I got interested in the legal aspect of it all. You can, for example, licence specific programs under specific terms. However, how do you go about licensing a language? Also, by that I don't just mean the implementation of the language (compiler & VM), but the standard itself. Is there something else to a programming language I'm missing? What I would like to achieve by such licensing: Make it completely FOSS (can a language even be FOSS, or is that the implementation that can be FOSS?) Establish myself as the author (can you legally be an author of a language? Or, again, just the implementation?) Make it so that anyone implementing my language would be required to attribute me (MIT-style. Please note that I do not have any hopes for anyone actually ever doing that though, I'm just learning.) I think that the solution would be to separately license the VM and the compiler for my language, as "the official implementation", and then license the design document as the language itself. What exactly am I missing here?

    Read the article

  • Handle all authentication logic in database or code?

    - by Snuffleupagus
    We're starting a new(ish) project at work that has been handed off to me. A lot of the database sided stuff has been fleshed out, including some stored procedures. One of the stored procedures, for example, handles creation of a new user. All of the data is validated in the stored procedure (for example, password must be at least 8 characters long, must contain numbers, etc) and other things, such as hashing the password, is done in the database as well. Is it normal/right for everything to be handled in the stored procedure instead of the application itself? It's nice that any application can use the stored procedure and have the same validation, but the application should have a standard framework/API function that solves the same problem. I also feel like it takes away the data from the application and is going to be harder to maintain/add new features to.

    Read the article

  • Which modules can be disabled in apache2.4 on windows

    - by j0h
    I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements. Some examples of things I would think I can disable are: LoadModule cgi_module others like LoadModule rewrite_module LoadModule version_module LoadModule proxy_module LoadModule setenvif_module I am not so sure they can be disabled. I am running php5 as a scripting engine, with no databases, and that is it. My loaded modules are: core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5

    Read the article

  • My coworker created a 96 columns SQL table

    - by Eric
    Here we are in 2010, software engineers with 4 or 5 years or experience, still designing tables with 96 fracking columns. I told him it's gonna be a nightmare. I showed him that we have to use ordinals to interface MySQL with C#. I explained that tables with more columns than rows are a huge smell. Still, I get the "It's going to be simpler this way". What should I do? EDIT * This table contains data from sensors. We have sensor 1 with Dynamic_D1X Dynamic_D1Y [...] Dynamic_D6X Dynamic_D6Y [...]

    Read the article

  • openSuse full disk encryption

    - by djechelon
    I'm a proud Suser. I'm about to reinstall 12.2 on my ASUS N76VZ (UEFI x64 laptop). Since I'm very sensitive about laptop security against theft or unwanted inspection, I chose to use BitLocker with USB dongle in Windows 7. When installing Suse the last time I found that only the home partition (separated from root) was capable of being encrypted. Does Suse offer a full disk encryption solution like BitLocker that I haven't discovered yet? Or is encrypting home partition the only way to protect data? Encrypting only home is feasible as one stores personal data in home, but I still would like to encrypt the whole thing! Also, using a hardware token (no TPM available) for unlocking is preferred to password, if possible! Thanks

    Read the article

  • Hopping/Tumbling Windows Could Introduce Latency.

    This is a pre-article to one I am going to be writing on adjusting an event’s time and duration to satisfy business process requirements but it is one that I think is really useful when understanding the way that Hopping/Tumbling windows work within StreamInsight.  A Tumbling window is just a special shortcut version of  a Hopping window where the width of the window is equal to the size of the hop Here is the simplest and often used definition for a Hopping Window.  You can find them all here public static CepWindowStream<CepWindow<TPayload>> HoppingWindow<TPayload>(     this CepStream<TPayload> source,     TimeSpan windowSize,     TimeSpan hopSize,     WindowInputPolicy inputPolicy,     HoppingWindowOutputPolicy outputPolicy )   And here is the definition for a Tumbling Window public static CepWindowStream<CepWindow<TPayload>> TumblingWindow<TPayload>(     this CepStream<TPayload> source,     TimeSpan windowSize,     WindowInputPolicy inputPolicy,     HoppingWindowOutputPolicy outputPolicy )   These methods allow you to group events into windows of a temporal size.  It is a really useful and simple feature in StreamInsight.  One of the downsides though is that the windows cannot be flushed until an event in a following window occurs.  This means that you will potentially never see some events or see them with a delay.  Let me explain. Remember that a stream is a potentially unbounded sequence of events. Events in StreamInsight are given a StartTime.  It is this StartTime that is used to calculate into which temporal window an event falls.  It is best practice to assign a timestamp from the source system and not one from the system clock on the processing server.  StreamInsight cannot know when a window is over.  It cannot tell whether you have received all events in the window or whether some events have been delayed which means that StreamInsight cannot flush the stream for you.   Imagine you have events with the following Timestamps 12:10:10 PM 12:10:20 PM 12:10:35 PM 12:10:45 PM 11:59:59 PM And imagine that you have defined a 1 minute Tumbling Window over this stream using the following syntax var HoppingStream = from shift in inputStream.TumblingWindow(TimeSpan.FromMinutes(1),HoppingWindowOutputPolicy.ClipToWindowEnd) select new WindowCountPayload { CountInWindow = (Int32)shift.Count() };   The events between 12:10:10 PM and 12:10:45 PM will not be seen until the event at 11:59:59 PM arrives.  This could be a real problem if you need to react to windows promptly This can always be worked around by using a different design pattern but a lot of the examples I see assume there is a constant, very frequent stream of events resulting in windows always being flushed. Further examples of using windowing in StreamInsight can be found here

    Read the article

  • Is this the most effect simple way to display a moving image? SDL2

    - by user36324
    I've looked around for tutorials on SDL2, but there isnt many so I am curious i was messing around and is this an effective way to move an image. One problem is that it drags along the image to where it moves. #include "SDL.h" #include "SDL_image.h" int main(int argc, char* argv[]) { bool exit = false; SDL_Init(SDL_INIT_EVERYTHING); SDL_Window *win = SDL_CreateWindow("Hello World!", 100, 100, 640, 480, SDL_WINDOW_SHOWN); SDL_Renderer *ren = SDL_CreateRenderer(win, -1, SDL_RENDERER_ACCELERATED | SDL_RENDERER_PRESENTVSYNC); SDL_Surface *png = IMG_Load("character.png"); SDL_Rect src; src.x = 0; src.y = 0; src.w = 161; src.h = 159; SDL_Rect dest; dest.x = 50; dest.y = 50; dest.w = 161; dest.h = 159; SDL_Texture *tex = SDL_CreateTextureFromSurface(ren, png); SDL_FreeSurface(png); while(exit==false){ dest.x++; SDL_RenderClear(ren); SDL_RenderCopy(ren, tex, &src, &dest); SDL_RenderPresent(ren); } SDL_Delay(5000); SDL_DestroyTexture(tex); SDL_DestroyRenderer(ren); SDL_DestroyWindow(win); SDL_Quit(); }

    Read the article

  • Needs management tool for .java files

    - by Chris Okyen
    When I open the src file in the project folder in Package Explorer in Eclipse, it says the following: Error retrieving content description for resource '/GuiAdd/src/GuiAdd.Java.' Now, the directories of the source projects shown in Eclipse Package explorer doesn't always have the source file to link to, causing this message. I need a way to sync the folders in the correct directory without overwriting the newest ones. Some source files I project files of the root which the Package explorer links to may be the correct versions but other source files in the root may not have the latest source or any source. I am not using svn/git or other depository programs.

    Read the article

  • Preventing - Large Number of Failed Login Attempts from IP

    - by Silver89
    I'm running a CentOS 6.3 server and currently receive emails entitled "Large Number of Failed Login Attempts from IP" from my server every 15 minutes or so. Surely with the below configured it should mean only the person using the (my static ip) should be able to even try and log in? If that's the case where are these remote unknown users trying to log into which is generating these emails? Current Security Steps: root login is only allowed without-password StrictModes yes SSH password login is disabled - PasswordAuthentication no SSH public keys are used SSH port has been changed to a number greater than 40k cPHulk is configured and running Logins limited to specific ip address cPanel and WHM limited to my static ip only hosts.allow sshd: (my static ip) vsftpd: (my static ip) whostmgrd: (my static ip) hosts.deny ALL : ALL

    Read the article

  • What should NOT be included in comments? (opinion on a dictum by the inventor of Forth)

    - by AKE
    The often provocative Chuck Moore (inventor of the Forth language) gave the following advice (paraphrasing): "Use comments sparingly. Programs are self-documenting, with a modicum of help from mnemonics. Comments should say WHAT the program is doing, not HOW." My question: Should comments say WHY the program is doing what it is doing? Update: In addition to the answers below, these two provide additional insight. 1: Beginner's guide to writing comments? 2: http://programmers.stackexchange.com/a/98609/62203

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 180 181 182 183 184 185 186 187 188 189 190 191  | Next Page >