Search Results

Search found 6520 results on 261 pages for 'sent'.

Page 216/261 | < Previous Page | 212 213 214 215 216 217 218 219 220 221 222 223 | Next Page >

Storing Credit Card Numbers in SESSION - ways around it?

- by JM4

I am well aware of PCI Compliance so don't need an earful about storing CC numbers (and especially CVV nums) within our company database during checkout process. However, I want to be safe as possible when handling sensitive consumer information and am curious how to get around passing CC numbers from page to page WITHOUT using SESSION variables if at all possible. My site is built in this way: Step 1) collect Credit Card information from customer - when customer hits submit, the information is first run through JS validation, then run through PHP validation, if all passes he moves to step 2. Step 2) Information is displayed on a review page for customer to make sure the details of their upcoming transaction are shown. Only the first 6 and last 4 of the CC are shown on this page but card type, and exp date are shwon fully. If he clicks proceed, Step 3) The information is sent to another php page which runs one last validation, sends information through secure payment gateway, and string is returned with details. Step 4) If all is good and well, the consumer information (personal, not CC) is stored in DB and redirected to a completion page. If anything is bad, he is informed and told to revisit the CC processing page to try again (max of 3 times). Any suggestions?

Read the article
How do I find the .max of an attribute value among a group of different Models?

- by Angela

Hi, everyone: I am also open to just straight-up refactoring what I'm finding to be pretty repetitive, but to give a baseline of how it's working.... I have for every contact a Campaign, which has_many of three types of Models: Email, Call, and Letter. When an Email (Call or Letter) has been executed for a specific contact, I have a Contact_Email(_or_Call_or_Letter) which belongs to both the Contact and the Model (Email_or_Call_or_Letter). Each Contact_Email for example pairing has a :date_sent attribute. So does each Contact_Call and Contact_Letter. How do I find the latest of all of them? Here is the code I wrote that can find the latest Email and my finding retyping similar code for Call and Letter, but then stuck on how to do a .max on all of them: def last_email(contact) #get campaign the contact belongs to @campaign = Campaign.find_by_id(contact.campaign_id) @last_email = ContactEmail.find(:last, :conditions => "contact_id = #{contact.id}", :order => "date_sent DESC") @last_call = ContactCall.find(:last, :conditions => "contact_id = #{contact.id}", :order => "date_sent DESC") @last_letter = ContactLetter.find(:last, :conditions => "contact_id = #{contact.id}", :order => "date_sent DESC") # how do I get the latest of all of these to display? if @last_sent_email.nil? return "no email sent" else return @last_sent_email.date_sent end end Question 1: With what I have, how can I find effectively @last_event given I can find the last Email, last Call, and last Letter for every contact? Question 2: How can I remove the repetitive code that I have to write for each Model?

Read the article
How to Treat Race Condition of Session in Web Application?

- by Morgan Cheng

I was in a ASP.NET application has heavy traffic of AJAX requests. Once a user login our web application, a session is created to store information of this user's state. Currently, our solution to keep session data consistent is quite simple and brutal: each request needs to acquire a exclusive lock before being processed. This works fine for tradition web application. But, when the web application turns to support AJAX, it turns to not efficient. It is quite possible that multiple AJAX requests are sent to server at the same time without reloading the web page. If all AJAX requests are serialized by the exclusive lock, the response is not so quick. Anyway, many AJAX requests that doesn't access same session variables are blocked as well. If we don't have a exclusive lock for each requests, then we need to treat all race condition carefully to avoid dead lock. I'm afraid that would make the code complex and buggy. So, is there any best practice to keep session data consistent and keep code simple and clean?

Read the article
Performing selectors on main thread with NSInvocation

- by kpower

I want to perform animation on main thread (cause UIKit objects are not thread-safe), but prepare it in some separate thread. I have (baAnimation - is CABasicAnimation allocated & inited before): SEL animationSelector = @selector(addAnimation:forKey:); NSString *keyString = @"someViewAnimation"; NSInvocation *inv = [NSInvocation invocationWithMethodSignature:[workView.layer methodSignatureForSelector:animationSelector]]; [inv setTarget:workView.layer]; [inv setSelector:animationSelector]; [inv setArgument:baAnimation atIndex:2]; [inv setArgument:keyString atIndex:3]; [inv performSelectorOnMainThread:@selector(invoke) withObject:nil waitUntilDone:NO]; I get: *** +[NSCFString length]: unrecognized selector sent to class 0x1fb36a0 Calls: > #0 0x020984e6 in objc_exception_throw > #1 0x01f7e8fb in +[NSObject doesNotRecognizeSelector:] > #2 0x01f15676 in ___forwarding___ > #3 0x01ef16c2 in __forwarding_prep_0___ > #4 0x01bb3c21 in -[CALayer addAnimation:forKey:] > #5 0x01ef172d in __invoking___ > #6 0x01ef1618 in -[NSInvocation invoke] But [workView.layer addAnimation:baAnimation forKey:@"someViewAnimation"]; works fine. What am I doing wrong?

Read the article
Can an application affect TCP retransmits

- by sipwiz

I'm troubleshooting some communications issues and in the network traces I am occasionally coming across TCP sequence errors. One example I've got is: Server to Client: Seq=3174, Len=50 Client to Server: Ack=3224 Server to Client: Seq=3224, Len=50 Client to Server: Ack=3224 Server to Client: Seq=3274, Len=10 Client to Server: Ack=3224, SLE=3274, SRE=3284 Packets 4 & 5 are recorded in the trace (which is from a router in between the client and server) at almost exactly the same time so they most likely crossed in transit. The TCP session has got out of sync with the client missing the last two transmissions from the server. Those two packets should have been retransmitted but they weren't, the next log in the trace is a RST packet from the Client 24 seconds after packet 6. My question is related to what could be responsible for the failure to retransmit the server data from packets 3 & 5? I would assume that the retransmit would be at the operating system level but is there anyway the application could influence it and stop it being sent? A thread blocking or put to sleep or something like that?

Read the article
Silverlight, Flash, or JavaScript for web app that runs client-side, or just stick with C#?

- by Sootah

Silverlight, Flash, and JavaScript, oh my.. I have a couple of applications that I need to develop for one of my business partners that will be distributed to dozens of people. These applications will need to be able to query information from the internet (query via Google, grab feeds from our other sites, just general web access) and save files to their computer. The reason I want to host the application is so that it all can be centrally managed, and any updates would be instantly deployed to everyone that uses the service. There always seems to be headaches with developing a pure desktop app in a language like C# with regards to making sure people use the latest version, don't have some odd problem with the installer, etc. Since we don't want to tie up our server's CPU I want effectively all of the processing done client-side. Meaning that they would log into their account, access the app, and then all the work done within the app is all handled by their machine. Only specific data would be sent back to the server. So - which language is best for this? Microsoft's Silverlight, Adobe's Flash, or Sun's JavaScript? I've heard a lot of good things about Silverlight and have wanted to try it for some time. I've only done extremely limited JavaScript programming, and absolutely none with Flash. Or, with my main requirement being that the client does all of its own processing should I just stick with C#? Also, is there any way to integrate a C# app into a webpage? I've never even considered it (or have any idea if it's even possible) until just now. Thanks in advance! -Sootah

Read the article
Resolving the WMI DNS Host Name

- by Stephen Murby

I am trying to make a comparison between a machine name i have retrieved from AD, and the DNS Host Name i want to get using WMI from the machine. I currently have: foreach (SearchResult oneMachine in allMachinesCollected) { pcName = oneMachine.Properties["name"][0].ToString(); ConnectionOptions setupConnection = new ConnectionOptions(); setupConnection.Username = USERNAME; setupConnection.Password = PASSWORD; setupConnection.Authority = "ntlmdomain:DOMAIN"; ManagementScope setupScope = new ManagementScope("\\\\" + pcName + "\\root\\cimv2", setupConnection); setupScope.Connect(); ObjectQuery dnsNameQuery = new ObjectQuery("SELECT * FROM Win32_ComputerSystem"); ManagementObjectSearcher dnsNameSearch = new ManagementObjectSearcher(setupScope, dnsNameQuery); ManagementObjectCollection allDNSNames = dnsNameSearch.Get(); string dnsHostName; foreach (ManagementObject oneName in allDNSNames) { dnsHostName = oneName.Properties["DNSHostName"].ToString(); if (dnsHostName == pcName) { shutdownMethods.ShutdownMachine(pcName, USERNAME, PASSWORD); MessageBox.Show(pcName + " has been sent the reboot command"); } } } } But i get a ManagementException dnsHostName = oneName.Properties["DNSHostName"].ToString(); << here saying not found. Any ideas?

Read the article
Mail function wont send eMail. ERROR

- by Peter

I think i tried to fix this issue fr 3 days now and cant seem to find the problem. I use XAMPP and use this code: <?php $to = "[email protected]"; $subject = "Test mail"; $message = "Hello! This is a simple email message."; $from = "[email protected]"; $headers = "From: $from"; $res= mail($to,$subject,$message,$headers); echo " $res Mail Sent."; ?> when i enter that page i get an error that says: Warning: mail() [function.mail]: Failed to connect to mailserver at "localhost" port 25, verify your "SMTP" and "smtp_port" setting in php.ini or use ini_set( My php.init file in xampp are as follow: [mail function] ; For Win32 only. ; http://php.net/smtp SMTP = smpt.gmail.com ; http://php.net/smtp-port smtp_port = 25 That is all my codes.

Read the article
WCF cross-domain policy security error

- by George2

Hello everyone, I am using VSTS 2008 + C# + WCF + .Net 3.5 + Silverlight 3.0. I host Silverlight control in an html page and debug it from VSTS 2008 (press F5, then run in VSTS 2008 built-in ASP.Net development web server), then call another WCF service (hosted in another machine running IIS 7.0 + Vista). The WCF service is very simple, just return a constant string to client. When invoking the WCF service from Silverlight, I got the following error message, An error occurred while trying to make a request to URI 'https://LabTest/Test.svc'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute. Please see the inner exception for more details. Here is the clientaccesspolicy.xml file, anything wrong? <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"> </domain> </allow-from> <grant-to> <resource path="/" include-subpaths="true"></resource> </grant-to> </policy> </cross-domain-access> </access-policy> thanks in advance, George

Read the article
Google App Engine - How to implement the activity stream in a social network

- by spidee

I want some ideas on the best practice to implement an activity stream for a social network im building in app engine (PYTHON) I first want to keep a log for all activities of each user - so that we have a history. i.e. someone became a friend, added a picture, changed their address etc. This way we have a users history available should we need it. Also mean we can remove friendship joins, change user data but have a historical log. I also want to stream a users activity to their friends. for this only the last X activities need to be kept - that is in the scenario that messages are sent to friends when an activity occurs. Its pretty straight forward designing a history log - ie: when, what, where. The complication comes as to how we notify friends of a user as to their activity. In our app friendships are not mutual - ie they are based on the twitter following model. Some accounts could have thousands of followers. What is the best approach to model this. using a many to many join table and doing a costly query - using a feed class that fired a copy of the activity to all the subscribers - maybe into mcache? As their maybe a need to fire thousands of messages i would imagine a cron job would need to be used. Any help ideas thoughts on this Thx

Read the article
Empty Postbacks on ASP.NET pages

- by AaronLS

We are having a problem that seems to only be a problem when accessing our websites from internal intranet machines. When logged into the domain, and accessing our websites, postbacks are not working. Basically the page behaves as if it were refreshed and nothing was changed. When logging the GETs and POSTs with an HTTP analyzer, the post is complete empty and the ContentLength is 0. It is also very sporadic, but seems to be happening fairly often. In the case where it failed, we could see that there was an extra item in the Header for the POST, it was "Authorization" and the value was the word "Negotiate " followed by a space and then a bunch of characters and two equal symbols at the end, which looked like some kind of base64 encoded value. In a case where it succeeded, this Authorization item was no in the header, but I have logged more than one successful cases to know if that is consistent. We have seen this occur only with IE8 so far, and when it occurs it is sometimes sporadic. I can close and open the browser and it will begin working sometimes, and other times it is still broken. What might be causing the postback to be empty? This means the viewstate is not sent to the server which makes the page basically broken. It seems to certainly be a client side issue, but not sure if it's not aggravated by some server settings. Thanks in advance.

Read the article
FileReference.browse() stops playback on some Flash Players

- by Christophe Herreman

We have an issue were the server session associated with a Flex client times out when the browse file dialog is open for a time longer then the configured session timeout. It seems that on some players, the playback is stopped when browse or download on a FileReference is executing. This also causes remote calls to be blocked and hence our manual keep-alive messages are not sent to the server, resulting in a session timeout. I searched for some info on this in the docs and found a notice of it, but it does not explicitly list the players it does (not) work. Would anyone know were I could find a complete list? PS: here are the links that mention this behavior: http://livedocs.adobe.com/flex/3/html/help.html?content=17_Networking_and_communications_7.html While calls to the FileReference.browse(), FileReferenceList.browse(), or FileReference.download() method are executing, most players will continue SWF file playback. http://livedocs.adobe.com/flex/3/langref/flash/net/FileReference.html While calls to the FileReference.browse(), FileReferenceList.browse(), or FileReference.download() methods are executing, SWF file playback pauses in stand-alone and external versions of Flash Player and in AIR for Linux and Mac OS X 10.1 and earlier Anyone knows what is meant with an "external Flash Player"? PPS: we tested this on Linux (10.0.x and 10.1.x) in Firefox where it seems to stop playback and on Windows (10.0.x) in IE where playback seems to continue.

Read the article
How do people handle foreign keys on clients when synchronizing to master db

- by excsm

Hi, I'm writing an application with offline support. i.e. browser/mobile clients sync commands to the master db every so often. I'm using uuid's on both client and server-side. When synching up to the server, the servre will return a map of local uuids (luid) to server uuids (suid). Upon receiving this map, clients updated their records suid attributes with the appropriate values. However, say a client record, e.g. a todo, has an attribute 'list_id' which holds the foreign key to the todos' list record. I use luids in foreign_keys on clients. However, when that attribute is sent over to the server, it would dirty the server db with luids rather than the suid the server is using. My current solution, is for the master server to keep a record of the mappings of luids to suids (per client id) and for each foreign key in a command, look up the suid for that particular client and use the suid instead. I'm wondering wether others have come across thus problem and if so how they have solved it? Is there a more efficient, simpler way? I took a look at this question "Synchronizing one or more databases with a master database - Foreign keys (5)" and someone seemed to suggest my current solution as one option, composite keys using suids and autoincrementing sequences and another option using -ve ids for client ids and then updating all negative ids with the suids. Both of these other options seem like a lot more work. Thanks, Saimon

Read the article
Use PermGen space or roll-my-own intern method?

- by Adamski

I am writing a Codec to process messages sent over TCP using a bespoke wire protocol. During the decode process I create a number of Strings, BigDecimals and dates. The client-server access patterns mean that it is common for the client to issue a request and then decode thousands of response messages, which results in a large number of duplicate Strings, BigDecimals, etc. Therefore I have created an InternPool<T> class allowing me to intern each class of object. Internally, the pool uses a WeakHashMap<T, WeakReferemce<T>>. For example: InternPool<BigDecimal> pool = new InternPool<BigDecimal>(); ... // Read BigDecimal from in buffer and then intern. BigDecimal quantity = pool.intern(readBigDecimal(in)); My question: I am using InternPool for BigDecimal but should I consider also using it for String instead of String's intern() method, which I believe uses PermGen space? What is the advantage of using PermGen space?

Read the article
HTTP POST with URL query parameters -- good idea or not?

- by Steven Huwig

I'm designing an API to go over HTTP and I am wondering if using the HTTP POST command, but with URL query parameters only and no request body, is a good way to go. Considerations: "Good Web design" requires non-idempotent actions to be sent via POST. This is a non-idempotent action. It is easier to develop and debug this app when the request parameters are present in the URL. The API is not intended for widespread use. It seems like making a POST request with no body will take a bit more work, e.g. a Content-Length: 0 header must be explicitly added. It also seems to me that a POST with no body is a bit counter to most developer's and HTTP frameworks' expectations. Are there any more pitfalls or advantages to sending parameters on a POST request via the URL query rather than the request body? Edit: The reason this is under consideration is that the operations are not idempotent and have side effects other than retrieval. See the HTTP spec: In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe". This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested. ... Methods can also have the property of "idempotence" in that (aside from error or expiration issues) the side-effects of N 0 identical requests is the same as for a single request. The methods GET, HEAD, PUT and DELETE share this property. Also, the methods OPTIONS and TRACE SHOULD NOT have side effects, and so are inherently idempotent.

Read the article
Servlet doPost() Method setup?

- by Mark R

I am interested in creating a web app that uses JSP, Servlets and XML. At the moment I have the following: JSP - Form input. Servlet - Retrieving Form data and sending that data to a java object. Java object (1) - Converts data into XML file....instantiates java object (2). Java object (2) - Sends that file to a database. On the returning side the database will send back another XML file that I will then process using XSLT to display back to the user. Can I place that XSLT code in the orignial Servlets doPost() method? So my doPost()` method would: Retrieve user inputted data from the form on my JSP page. Instantiate a java object to convert that data to XML, in-turn that object will instantiates another object to send the XML file to a database. Converts the resulting XML file sent from the database and displays it for the user. Can one servlet doPost() method handle all of this? If not, how would I set up my application and classes to handle this work flow? Thank you in advance

Read the article
How do I handle the messages for a simple web-based live chat, on the server side?

- by Carson Myers

I'm building a simple live chat into a web application running on Django, but one thing I'm confused about is how I should store the messages between users. The chat will support multiple users, and a chat "session" is composed of users connected to one user that is the "host." The application is a sort of online document collaboration thing, so user X has a document, and users Y and Z would connect to user X to talk about the document, and that would be one chat session. If user Y disconnected for five minutes, and then signed back in and reconnected to user X, he should not get any of the messages shared between users X and Z while he was away. if users X, Y, and Z can have a chat session about user X's document, then users X and Y can connect to a simultaneous, but separate discussion about user Z's document. How should I handle this? Should I keep each message in the database? Each message would have an owner user and a target user (the host), and a separate table would be used to connect users with messages (which messages are visible to what users). Or should I store each session as an HTML file on the server, which messages get appended to? The problem is, I can't just send messages directly between clients. They have to be sent to the server in a POST request, and then each client has to periodically check for the messages in a GET request. Except I can't just have each message cleared after a client fetches it, because there could be multiple clients. How should I set this up? Any suggestions?

Read the article
IComparer for integers and force empty strings to end

- by paulio

Hi, I've written the following IComparer but I need some help. I'm trying to sort a list of numbers but some of the numbers may not have been filled in. I want these numbers to be sent to the end of the list at all times.. for example... [EMPTY], 1, [EMPTY], 3, 2 would become... 1, 2, 3, [EMPTY], [EMPTY] and reversed this would become... 3, 2, 1, [EMPTY], [EMPTY] Any ideas? public int Compare(ListViewItem x, ListViewItem y) { int comparison = int.MinValue; ListViewItem.ListViewSubItem itemOne = x.SubItems[subItemIndex]; ListViewItem.ListViewSubItem itemTwo = y.SubItems[subItemIndex]; if (!string.IsNullOrEmpty(itemOne.Text) && !string.IsNullOrEmpty(itemTwo.Text)) { uint itemOneComparison = uint.Parse(itemOne.Text); uint itemTwoComparison = uint.Parse(itemTwo.Text); comparison = itemOneComparison.CompareTo(itemTwoComparison); } else { // ALWAYS SEND TO BOTTOM/END OF LIST. } // Calculate correct return value based on object comparison. if (OrderOfSort == SortOrder.Descending) { // Descending sort is selected, return negative result of compare operation. comparison = (-comparison); } else if (OrderOfSort == SortOrder.None) { // Return '0' to indicate they are equal. comparison = 0; } return comparison; } Cheers.

Read the article
Including/Organzing HTML in large javascript project

- by Bill Zimmerman

Hi, I've a got a fairly large web app, with several mini applets on each page. These applets are almost always identical jquery apps. I am looking for advice on how I should organize/include smaller parts of these jquery apps within my larger project. For example, each app has several independent tabs. If possible, I would like to store each of the tabs as a seperate .html file because this makes development easier. My requirements are: 1) All of the html 'tabs' are loaded on the clients end when the page loads. I would like to avoid any delays by dynamically requesting the tab html. 2) If possible, I would like to minimize the raw data sent. For example, it would be preferable to send each tab 1 time, instead of sending each tab 10 times if there are ten applets on that page. Questions: 1) What are my options for 'including' the HTML files / javascript code 2) Any tips for keeping my development simple in this situation? Surely there has to be a better way than just editing one massive html file when working with large pages.

Read the article
WCF: Exposed Object Model - stuck in a loop

- by Mark

Hi I'm working on a pretty big WSSF project. I have a normal object model in the business layer. Eg a customer has an orders collection property, when this is accessed then it loads from the data layer (lazy loading). An order has a productCollection property etc etc.. Now the bit I'm finding tricky is exposing this via WCF. I want to export a collection of orders. The client app will also need information about the customers. Using the WSSF data contract designer I have set it up so that customers have a property called "order collection". This is fine if you have a customer object and would like to look at the orders but if you have an order object there is no customer property so it doesn't work going up the hierarchy. I've tried adding a customer property to the orders object but then the code gets stuck in a loop when it loads the data contracts up. This is because it doesn't load on demand like in the business layer. I need to load all properties up before the objects can be sent out via WCF. It ends up loading an order, then the customer for that order, then the orders for that customer, then the customer for that order etc etc... I'm sure I've got all this wrong. Help!!

Read the article
python on apache - getting 404

- by Kirby

I edited this question after i found a solution... i need to understand why the solution worked instead of my method? This is likely to be a silly question. I tried searching other questions that are related... but to no avail. i am running Apache/2.2.11 (Ubuntu) DAV/2 SVN/1.5.4 PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch mod_python/3.3.1 Python/2.6.2 i have a script called test.py #! /usr/bin/python print "Content-Type: text/html" # HTML is following print # blank line, end of headers print "hello world" running it as an executable works... /var/www$ ./test.py Content-Type: text/html hello world when i run http://localhost/test.py i get a 404 error. What am i missing? i used this resource to enable python parsing on apache. http://ubuntuforums.org/showthread.php?t=91101 From that same thread... the following code worked.. why? #!/usr/bin/python import sys import time def index(req): # Following line causes error to be sent to browser # rather than to log file (great for debug!) sys.stderr = sys.stdout #print "Content-type: text/html\n" #print """ blah1 = """<html> <head><title>A page from Python</title></head> <body> <h4>This page is generated by a Python script!</h4> The current date and time is """ now = time.gmtime() displaytime = time.strftime("%A %d %B %Y, %X",now) #print displaytime, blah1 += displaytime #print """ blah1 += """ <hr> Well House Consultants demonstration </body> </html> """ return blah1

Read the article
how to bind/connect multiple UDP socket

- by nicboul

My initial UDP socket is binded to 127.0.0.1:9898. The first time that I get notified of incoming data by epoll/kqueue, I do recvfrom() and I fill a struct sockaddr called peer_name that contain the peer informations (ip:port). Then I create a new UPD socket using socket(), then I bind() this newly created socket to the same ip:port (127.0.0.1:9898) than my original socket. then I connect my newly created socket using connect() to the peer who just sent me something. I have the information in the struct sockaddr called peer_name. I then add my newly created socket in my epoll/kqueue vector and wait for notification. I would expect to ONLY receive UDP frame from the peer i'm ""connected to"". 1/ does netstat -a -p udp is suppose to show me the IP:PORT of the peer my newly created socket is ""connected to"" ? 2/ I'm probably doing something wrong since after creating my new socket, this socket receive all incoming UDP packets destinated to the IP:PORT I'm binded to, regardless of the source peer IP:PORT. I would like to see a working example of what I'm trying to do :) or any hint on what I'm doing wrong. thanks!

Read the article
Best practices for encrypting continuous/small UDP data

- by temp

Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (no waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I have to encrypt each packet alone since the protocol is connectionless/unreliable/unregulated. Right now, I am using a 128-bit key derived from a passphrase from the user, and AES in CBC mode (PBE using AES-CBC). I decided to use a random salt with the passphrase to derive the 128-bit key (prevent dictionary attack on the passphrase), and of course use IVs (to prevent statistical analysis for packets). However I am concerned about few things: Each packet contains small amount of data (like a couple of integer values per packet) which will make the encrypted packets vulnerable to known-plaintext attacks (which will result in making it easier to crack the key). Also, since the encryption key is derived from a passphrase, this will make the key space way less (I know the salt will help, but I have to send the salt through the network once and anyone can get it). Given these two things, anyone can sniff and store the sent data, and try to crack the key. Although this process might take some time, once the key is cracked all the stored data will be decrypted, which will be a real problem for my application. So my question is, what is the best practices for sending/encrypting continuous small data using a connectionless protocol (UDP)? Is my way the best way to do it? ...flowed? ...Overkill? ... Please note that I am not asking for a 100% secure solution, as there is no such thing. Cheers

Read the article
Using sigprocmask to implement locks

- by EpsilonVector

I'm implementing user threads in Linux kernel 2.4, and I'm using ualarm to invoke context switches between the threads. We have a requirement that our thread library's functions should be uninterruptable, so I looked into blocking signals and learned that using sigprocmask is the standard way to do this. However, it looks like I need to do quite a lot to implement this: sigset_t new_set, old_set; sigemptyset(&new_set); sigaddset(&new_set, SIGALRM); sigprocmask(SIG_BLOCK, &new_set, &old_set); This blocks SIGALARM but it does this with 3 function invocations! A lot can happen in the time it takes for these functions to run, including the signal being sent. The best idea I had to mitigate this was temporarily disabling ualarm, like this: sigset_t new_set, old_set; time=ualarm(0,0); sigemptyset(&new_set); sigaddset(&new_set, SIGALRM); sigprocmask(SIG_BLOCK, &new_set, &old_set); ualarm(time, 0); Which is fine except that this feels verbose. Isn't there a better way to do this?

Read the article
Outgoing Emails (Git Patches) Blocked by Windows Live

- by SteveStifler

Just recently I dove into the VideoLAN open source project. This was my first time using git, and when sending in my first patch (using git send-email --to [email protected] patches), I was sent the following message from my computer's local mail in the terminal (I'm on OSX 10.6 by the way): Mail rejected by Windows Live Hotmail for policy reasons. We generally do not accept email from dynamic IP's as they are not typically used to deliver unauthenticated SMTP e-mail to an Internet mail server. http:/www.spamhaus.org maintains lists of dynamic and residential IP addresses. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please visit http://postmaster.live.com for email delivery information and support They must think I'm a spammer. I have a dynamic IP and my ISP (Charter) won't let me get a static one, so I tried editing git preferences: git config --global user.email "[email protected]" to my gmail account. However I got the exact same message again. My guess is that it has something to do with the native mail's preferences, but I have no idea how to access them or modify them. Anybody have any ideas for solving this? Thanks!

Read the article

< Previous Page | 212 213 214 215 216 217 218 219 220 221 222 223 | Next Page >