Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 219/4825 | < Previous Page | 215 216 217 218 219 220 221 222 223 224 225 226 | Next Page >

Using source code with no license

- by nathansizemore

I've recently come across a publicly viewable project on Github that has no license associated with it. In this repo, there is a file with the logic and most of the code needed to work as a piece of a project I am working on. Not verbatim, but about 60% of it I'd like to use with various modifications. Once my code base is a little bit more stable, I plan to release what I've done under the WTFPL License. I've emailed the repo owner, and so far have not gotten a reply. I know I have the rights to fork the repo, but if I release a stripped down and modified version of the other project's file with mine, under the WTFPL, am I infringing on copyrights? Per Github's Terms of Service, by submitted a project on Github and making it viewable to the public, you are allowing other users to see and fork your project. Doesn't say anything about modifying, distributing, or using the fork. And at what point of modification to the original does it become owned by me?

Read the article
Motivating yourself to actually write the code after you've designed something

- by dpb

Does it happen only to me or is this familiar to you too? It's like this: You have to create something; a module, a feature, an entire application... whatever. It is something interesting that you have never done before, it is challenging. So you start to think how you are going to do it. You draw some sketches. You write some prototypes to test your ideas. You are putting different pieces together to get the complete view. You finally end up with a design that you like, something that is simple, clear to everybody, easy maintainable... you name it. You covered every base, you thought of everything. You know that you are going to have this class and that file and that database schema. Configure this here, adapt this other thingy there etc. But now, after everything is settled, you have to sit down and actually write the code for it. And is not challenging anymore.... Been there, done that! Writing the code now is just "formalities" and makes it look like re-iterating what you've just finished. At my previous job I sometimes got away with it because someone else did the coding based on my specifications, but at my new gig I'm in charge of the entire process so I have to do this too ('cause I get payed to do it). But I have a pet project I'm working on at home, after work and there is just me and no one is paying me to do it. I do the creative work and then when time comes to write it down I just don't feel like it (lets browse the web a little, see what's new on P.SE, on SO etc). I just want to move to the next challenging thing, and then to the next, and the next... Does this happen to you too? How do you deal with it? How do you convince yourself to go in and write the freaking code? I'll take any answer.

Read the article
Solera Networks Threat Predictions for 2012, Solutions

Legitimate sites are often trusted by their visitors, which makes them a perfect target for cybercriminals. Solera lists attacks on legitimate, yet compromised sites as a growing trend for 2012 due to the increased amount of such sites containing unpatched vulnerabilities. Once compromised, hackers can use the legitimate sites to redirect unsuspecting visitors and put them in harm's way. According to Solera, malicious spam is another undesirable item that should increase in 2012. Various methods, such as email, instant messaging, attachments, malicious links, and social networks will cont...

Read the article
methods DSA_do_verify and SHA1 (OpenSSL library for Windows)

- by Rei

i am working on a program to authenticate an ENC signature file by using OpenSSL for windows, and specifically methods DSA_do_verify(...) and SHA1(...) hash algorithm, but is having problems as the result from DSA_do_verify is always 0 (invalid). I am using the signature file of test set 4B from the IHO S-63 Data Protection Scheme, and also the SA public key (downloadable from IHO) for verification. Below is my program, can anyone help to see where i have gone wrong as i have tried many ways but failed to get the verification to be valid, thanks.. The signature file from test set 4B // Signature part R: 3F14 52CD AEC5 05B6 241A 02C7 614A D149 E7D6 C408. // Signature part S: 44BB A3DB 8C46 8D11 B6DB 23BE 1A79 55E6 B083 7429. // Signature part R: 93F5 EF86 1FF6 BA6F 1C2B B9BB 7F36 0C80 2F9B 2414. // Signature part S: 4877 8130 12B4 50D8 3688 B52C 7A84 8E26 D442 8B6E. // BIG p C16C BAD3 4D47 5EC5 3966 95D6 94BC 8BC4 7E59 8E23 B5A9 D7C5 CEC8 2D65 B682 7D44 E953 7848 4730 C0BF F1F4 CB56 F47C 6E51 054B E892 00F3 0D43 DC4F EF96 24D4 665B. // BIG q B7B8 10B5 8C09 34F6 4287 8F36 0B96 D7CC 26B5 3E4D. // BIG g 4C53 C726 BDBF BBA6 549D 7E73 1939 C6C9 3A86 9A27 C5DB 17BA 3CAC 589D 7B3E 003F A735 F290 CFD0 7A3E F10F 3515 5F1A 2EF7 0335 AF7B 6A52 11A1 1035 18FB A44E 9718. // BIG y 15F8 A502 11C2 34BB DF19 B3CD 25D1 4413 F03D CF38 6FFC 7357 BCEE 59E4 EBFD B641 6726 5E5F 0682 47D4 B50B 3B86 7A85 FB4D 6E01 8329 A993 C36C FD9A BFB6 ED6D 29E0. dataServer_pkeyfile.txt (extracted from above) // BIG p C16C BAD3 4D47 5EC5 3966 95D6 94BC 8BC4 7E59 8E23 B5A9 D7C5 CEC8 2D65 B682 7D44 E953 7848 4730 C0BF F1F4 CB56 F47C 6E51 054B E892 00F3 0D43 DC4F EF96 24D4 665B. // BIG q B7B8 10B5 8C09 34F6 4287 8F36 0B96 D7CC 26B5 3E4D. // BIG g 4C53 C726 BDBF BBA6 549D 7E73 1939 C6C9 3A86 9A27 C5DB 17BA 3CAC 589D 7B3E 003F A735 F290 CFD0 7A3E F10F 3515 5F1A 2EF7 0335 AF7B 6A52 11A1 1035 18FB A44E 9718. // BIG y 15F8 A502 11C2 34BB DF19 B3CD 25D1 4413 F03D CF38 6FFC 7357 BCEE 59E4 EBFD B641 6726 5E5F 0682 47D4 B50B 3B86 7A85 FB4D 6E01 8329 A993 C36C FD9A BFB6 ED6D 29E0. Program abstract: QbyteArray pk_data; QFile pk_file("./dataServer_pkeyfile.txt"); if (pk_file.open(QIODevice::Text | QIODevice::ReadOnly)) { pk_data.append(pk_file.readAll()); } pk_file.close(); unsigned char ptr_sha_hashed[20]; unsigned char *ptr_pk_data = (unsigned char *)pk_data.data(); // openssl SHA1 hashing algorithm SHA1(ptr_pk_data, pk_data.length(), ptr_sha_hashed); DSA_SIG *dsasig = DSA_SIG_new(); char ptr_r[] = "93F5EF861FF6BA6F1C2BB9BB7F360C802F9B2414"; //from tset 4B char ptr_s[] = "4877813012B450D83688B52C7A848E26D4428B6E"; //from tset 4B if (BN_hex2bn(&dsasig->r, ptr_r) == 0) return 0; if (BN_hex2bn(&dsasig->s, ptr_s) == 0) return 0; DSA *dsakeys = DSA_new(); //the following values are from the SA public key char ptr_p[] = "FCA682CE8E12CABA26EFCCF7110E526DB078B05EDECBCD1EB4A208F3AE1617AE01F35B91A47E6DF63413C5E12ED0899BCD132ACD50D99151BDC43EE737592E17"; char ptr_q[] = "962EDDCC369CBA8EBB260EE6B6A126D9346E38C5"; char ptr_g[] = "678471B27A9CF44EE91A49C5147DB1A9AAF244F05A434D6486931D2D14271B9E35030B71FD73DA179069B32E2935630E1C2062354D0DA20A6C416E50BE794CA4"; char ptr_y[] = "963F14E32BA5372928F24F15B0730C49D31B28E5C7641002564DB95995B15CF8800ED54E354867B82BB9597B158269E079F0C4F4926B17761CC89EB77C9B7EF8"; if (BN_hex2bn(&dsakeys->p, ptr_p) == 0) return 0; if (BN_hex2bn(&dsakeys->q, ptr_q) == 0) return 0; if (BN_hex2bn(&dsakeys->g, ptr_g) == 0) return 0; if (BN_hex2bn(&dsakeys->pub_key, ptr_y) == 0) return 0; int result; //valid = 1, invalid = 0, error = -1 result = DSA_do_verify(ptr_sha_hashed, 20, dsasig, dsakeys); //result is 0 (invalid)

Read the article
How to reduce errors in dynamic language such as python, and improve my code quality

- by Martin Luo

I post the origin question in stackoverflow, some people suggest me to post here I've always have trouble with dynamic language like Python. Several problems: Typo error, I can use pylint to reduce some of these errors. But there's still some errors that pylint can not figure out. Object type error, I often forgot what type of the parameter is, int? str? some object? Also, forgot the type of some object in my code. Unit test might help me sometimes, but I'm not always have enough time to do UT. When I need a script to do a small job, the line of code are 100 - 200 lines, not big, but I don't have time to do the unit test, because I need to use the script as soon as possible. So, many errors appear. So, any idea on how to reduce the number of these problems?

Read the article
Placing of copyright notice in source code

- by Diana Dcn

I'm about to release a project of mine that I'm really proud of under the GNU GPL and I have some questions: Should one attach a copyright notice on each and every source code file from their project? I think it's a bit ridiculous to claim copyright on a 3 line abstract class. Should I attach a copyright notice only to really important source code files? Can I not attach the whole standard thingy? Because it's big and bulky and gets in the way... If so, is the variant below ok/enough? Copyright year firstname lastname. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation.

Read the article
Microsoft Unveils New Logo

Indeed, with those four familiar colored squares - set in a bigger square rather than standing on a point in a diamond - Microsoft's new corporate logo seems almost inevitable. As you'd expect, the company's name makes up part of the logo, but instead of the thick italic letters it has used for the past two and a half decades, it's in a more standard, lighter font. Jeff Hansen, Microsoft's general manager of brand strategy, notes that the point of the new logo is to signal the heritage but also signal the future - a newness and a freshness. It's very fitting when you consider just how many...

Read the article
Situations that require protecting files against tampering when stored on a users computer

- by Joel

I'm making a 'Pokémon Storage System' with a Client/Server model and as part of that I was thinking of storing an inventory file on the users computer which I do not wish to be edited except by my program. An alternative to this would be to instead to store the inventory file on the server and control it's editing by sending commands to the server but I was wondering if there are any situations which require files to be stored on a users computer where editing would be undesirable and if so how do you protect the files? I was thinking AES with some sort of checksum?

Read the article
How do you determine whether a website is a scam [closed]

- by Tom

What's the best way to determine if a website is a scam. For example, at first sight (no pun intended) the following website seems to be legitimate. But the price of the product is suspiciously low (all the reviews point to an RRP of approximately £1000). http://www.maxiargos.com/index.php/asus-zenbook-ux31e-dh72-13-3-inch-thin-and-light-ultrabook-silver-aluminum.html Another indication is the lack of SSL for the checkout page, and lack of useful information in the WHOIS record. Registration Service Provided By: TMDHOSTING Contact: +1.8665325635 Domain Name: MAXIARGOS.COM Registrant: PrivacyProtect.org Domain Admin ([email protected]) ID#10760, PO Box 16 Note - All Postal Mails Rejected, visit Privacyprotect.org Nobby Beach null,QLD 4218 AU Tel. +45.36946676 Creation Date: 09-Nov-2011 Expiration Date: 09-Nov-2012 Domain servers in listed order: ns1.tmdhosting410.com ns2.tmdhosting410.com Administrative Contact: PrivacyProtect.org Domain Admin ([email protected]) ID#10760, PO Box 16 Note - All Postal Mails Rejected, visit Privacyprotect.org Nobby Beach null,QLD 4218 AU Tel. +45.36946676 Technical Contact: PrivacyProtect.org Domain Admin ([email protected]) ID#10760, PO Box 16 Note - All Postal Mails Rejected, visit Privacyprotect.org Nobby Beach null,QLD 4218 AU Tel. +45.36946676 Billing Contact: PrivacyProtect.org Domain Admin ([email protected]) ID#10760, PO Box 16 Note - All Postal Mails Rejected, visit Privacyprotect.org Nobby Beach null,QLD 4218 AU Tel. +45.36946676

Read the article
Can I use Ubuntu as a wireless media server which performs all decoding/processing server-side?

- by AthloX

I want to setup UBUNTU 12.04 desktop as Home media server. I have window 7 netbook and UBUNTU 12.04lts laptop even a samsun galaxy note tablet (android). Two desktop in other room with dualboot win7 and ubuntu. SHARP AQUOS Plasma Tv with Wi-Fi connected. I want to install ubuntu as media server to stream audio/video files over wi-fi. Not only this i want this media server to use its own processing power to decode ans stream so that on remote end only file can play without using their own resource. Is it possible to use ubuntu as media server to stream files without making the remote end to use there own resource. I want only bandwidth of Wi-Fi to be use in this and media center hardware resource.Remote end gadget should use only speaker and screen and not processing power of their own. Please any suggestion is it possible to do so ?

Read the article
How do I safely use a virus infected USB drive in Ubuntu?

- by suhridk

I have an USB drive which I know is virus infected (an anti-virus on my friend's machine detected it). Unfortunately neither of us know the virus name and I don't want to take the risk of plugging it to my Windows box again. Of course, in all probability the virus affects only Windows. (But I'm not sure) I want to know if I can safely plug the USB into my Ubuntu Lucid laptop and copy the stuff I need from the drive. If there are some precautions I need to follow what would they be?

Read the article
Handling & processing credit card payments

- by Bob Jansen

I'm working on program that charges customers on a pay as you go per month modal. This means that instead of the customers paying their invoices at the start of the month, they will have to pay at the end of the month. In order to secure the payments I want my customers credit card information stored so that they can be charged automatically at the end of the month. I do not have the resources, time, or risk to handle and store my customers credit card information on my servers and am looking for a third party solution. I'm a tad overwhelmed by all the different options and services that are out there and was wondering if anyone with experience have any recommendations and tips. I'm having difficulty finding services that allow me to to store my customers credit card information and charge them automatically. Most of them seem to offer an invoice styled approach.

Read the article
Roanoke Code Camp 2014

- by Brian Lanham

Originally posted on: http://geekswithblogs.net/codesailor/archive/2014/05/18/156407.aspxI had a great time yesterday at Roanoke Code Camp! Many thanks to American National University for the venue, the code camp staff and volunteers, the other speakers, and of course the attendees who made my sessions interactive. I learned a lot yesterday and it was a good time all around. I attended sessions on Apache Cassandra by Dr. Dave King (@tildedave), Angular JS by Kevin Israel (@kevadev), and JavaScript for Object-Oriented Programmers by Joel Cochran (@joelcochran). I regret I was unable to attend all the sessions. I also had the opportunity to present. I spoke on Redis and got some people excited about graph databases by talking about Neo4j. You can find my slides and other materials at the following links: My Presentation Materials Folder Redis Materials – Slides - Snippets Neo4j Materials – Slides - Snippets If you have any trouble getting any of the materials just respond to this post or tweet me @codesailor and I will make sure you get the information you need.

Read the article
How to protect own software from copying [closed]

- by Zzz

Possible Duplicate: How do you prevent the piracy of your software? Is possible to protect some file from copying if you are administrator of machine? I heard some story about some behavior: one software developer sells his software in some way. He is installing it on every client's computer and this software does not work on other computers or cannot be copied physically. How to implement the first and second protection. Is it effectively protection if software costs about $100 for all copies across client's company?

Read the article
Where's the source code?

- by Kyle Burns

I've been contacted by several people through this blog asking about the missing source code for the "Beginning Windows 8 Application Development - XAML Edition" book (the book is available at http://www.amazon.com/gp/product/1430245662/http://www.amazon.com/gp/product/1430245662/) and wanted to share this with others who may have come to this blog looking for it but may not have communicated with me. The publisher (Apress) does know that the source code is not posted on the book's product page and will be correcting it. Apress is located in New York City and things were slowed down a little bit last week due to the storm, but I've been assured they will be correcting the product page as soon as they can. Thanks to everyone who has bought the book and I especially appreciate your patience.

Read the article
Did Microsoft Add Wiretapping Capability to Skype?

Ryan Gallagher, writing for Slate, put two and two together from a lot of no comments. He noted that back in 2007, German police forces said that they couldn't tap into Skype calls because of of its strong encryption and complicated peer-to-peer network connections; in fact, Skype bluntly stated at the time that, due to its encryption and architecture techniques, it couldn't conduct wiretaps. But that may have changed. Gallagher cited a Forbes article that claims the hacker community is talking about recent changes to Skype's architecture and whether they will allow users to be wiretapped. ...

Read the article
Managing Spanish Code

- by Sajith S Narayanan

Hi All, We have a new project from a client who is Spanish and has all his Java code and comments, variables, method names in Spanish. We are not permitted to convert it into English and then use them. If any of you have worked in such a condition, can you advice what can be done to mitigate this risk as we have to do new developments and this is a major show stopper.. Their Java project has a mix of EJBs, Struts, Custom Framework and more than 10000 Java Files with atleast total of 200k lines of code (min. estimate) and is deployed using Weblogic Server 10 Regards, Dazzlers

Read the article
25 Passwords to Avoid to Thwart Hackers

SplashData, a vendor of smartphone productivity applications for consumers and businesses, recently released a list of the top 25 most commonly used passwords for 2011. The company compiled the list after analyzing files of stolen passwords that hackers posted online to share with their cybercriminal colleagues. Without further adieu, here is the list of passwords that made SplashData's top 25: password, 123456, 12345678, qwerty, abc123, monkey, 1234567, letmein, trustno1, dragon, baseball, 111111, iloveyou, master, sunshine, ashley, bailey, passw0rd, shadow, 123123, 654321, superman, qazwsx...

Read the article
No GUI, No internet connection, please help 12.04

- by KB_

I am new to Ubuntu and I tried to install ubuntu server 12.04 on my laptop. now my problem is - I am unable to connect to the internet (I have wifi ONLY connection). ubuntu didn't recognize my built-in wifi on my Toshiba Satellite L505. There is no GUI. I have Terminal only, I tried Sudo apt-get update but i am getting errer msg because of no connection. 1. I need to know if there is any possible way that i can download and install driver for my wifi. 2. what other option do i have to be able to update ubuntu. Thanks KB

Read the article
How to backup encrypted home in encrypted form only?

- by Eric

I want to backup the encrypted home of a user who might be logged in at backup time. Which directories should I backup if I want to ensure that absolutely no plaintext data can be leaked? Are the following folders always encrypted? /home/user/.Private /home/user/.ecryptfs Just want to make sure that no data leaks, as the backup destination is untrustworthy. Edit: Yes, as Lord of Time has suggested, I'd like to know which folders and/or files I need to backup if I need to store only encrypted content in a way that allows me to recover it later with the right passphrase.

Read the article
Identity Management: The New Olympic Sport

- by Naresh Persaud

How Virgin Media Lit Up the London Tube for the Olympics with Oracle If you are at Open World and have an interest in Identity Management, this promises to be an exciting session. Wed, October 3rd Session CON3957: Delivering Secure Wi-Fi on the Tube as an Olympics Legacy from London 2012 Session Time: 11:45am-12:45pm Session Location: Moscone West L3, Room 3003 Speakers: Perry Banton - IT Architect, Virgin Media Ben Bulpett - Director, aurionPro SENA In this session, Virgin Media, the U.K.'s first combined provider of broadband, TV, mobile, and home phone services, shares how it is providing free secure Wi-Fi services to the London Underground, using Oracle Virtual Directory and Oracle Entitlements Server, leveraging back-end legacy systems that were never designed to be externalized. As an Olympics 2012 legacy, the Oracle architecture will form a platform to be consumed by other Virgin Media services such as video on demand. Click here for more information.

Read the article
How to solve: "Connect to host some_hostname port 22: Connection timed out"

- by Aufwind

I have two Ubuntu machines. Both have openssh-client and openssh-server installed on them. ssh-ing from machine G (fresh Ubuntu 11.10 installation) to machine K works great. But ssh-ing from machine K to machine G results always in the Error: Connect to host some_hostname port 22: Connection timed out I went through the troubleshooting section of help.ubuntu.com and I got the following results: ps -A | grep sshd # results in 848 ? 00:00:00 sshd - sudo ss -lnp | grep sshd # results in 0 128 :::22 :::* users:(("sshd",848,4)) 0 128 *:22 *:* users:(("sshd",848,3)) - ssh -v localhost # works! - sudo ufw status verbose # yields: "Status: inactive" I haven't change anything in the config file. What can I do to locate the Problem and solve it? Glad about every hint! Edit: ping was succesful in both directions! I did a telnet <machineK> 22 from machin G which resulted in Trying and then in telnet: Unable to connect to remote host: Connection timed out. But telnet the other way around worked just fine! Edit 2: ssh start/running, process 966 # yields: ssh start/running, process 966 /etc/hostname # contains my hostname, let's call it blubb /etc/hosts # contains the following 127.0.0.1 localhost # 127.0.1.1 blubb 129.26.68.74 blubb # I added this! - sudo service ufw status # yields: ufw start/running I installed Gufw and set it to ON. Then I selected from Incoming the option ALLOW. Then I sshed to another machine from where I sshed back to my machine. Still the same error as above: connect to host blubb port 22: Connection timed out Any more hints, what I can check?

Read the article
Display current layout (language code/country flag) in keyboard indicator

- by Jono

Just upgraded from 10.04 to 10.10, and the keyboard indicator applet no longer displays the two-letter country code for the active layout. This is terrible. Is this the default behaviour? Anyone using two layouts can't tell which language they're in. I can't seem to find the setting for this, it used to be in the preferences for keyboard layout. Update 1: In case this wasn't obvious - I have two keyboard layouts - English and Hebrew. I just upgraded form 10.04, where the country code (USA/IL) was displayed, overlaid on the flag. Now all I get is a vague keyboard icon, and can't find the settings for this. Update 2: this seems to be a bug that people have been reporting since Lucid, and is now back in Maverick

Read the article
How to print over ssh?

- by mit

I have the following configuration: P == U ---------------- W P is a HP Laserjet, connected to U, which is an Ubuntu 10.04 desktop machine with a standard gnome setup from the live cd. I just selected the HP Laserjet in the gnome printer admin and it works, I can print locally. W is a remote windows machine, server 2003, and --- is an untrusted connection. I wonder if I can create an ssh tunnel between U and W, so W can print using U's printer service. Which ports will I need to forward and what kind of printer must I add then on the windows machine?

Read the article
Is it important to obfuscate C++ application code?

- by user827992

In the Java world, it seems to sometimes be a problem, but, what about C++? Are there different solutions? I was thinking about the fact that someone can replace the C++ library of a specific OS with a different version of the same library, but full of debug symbols to understand what my code does. IS tt a good thing to use standard or popular libraries? This can also happen with some dll library under Windows replaced with the "debug version" of that library. Is it better to prefer static compilation? In commercial applications, I see that for the core of their app they compile everything statically and for the most part the dlls (dynamic libraries in general) are used to offer some third party technologies like anti-piracy solutions (I see this in many games), GUI library (like Qt), OS libraries, etc. Is static compilation the equivalent to obfuscation in the Java world? In better terms, is it the best and most affordable solution to protect your code?

Read the article

< Previous Page | 215 216 217 218 219 220 221 222 223 224 225 226 | Next Page >