Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 220/4825 | < Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >

• How to do a login page for third party service without letting them sign on?

  - by AAA

  We have a unique situation (at least for me, first time seeing this). We have a web form where accountants can fill in requests and that part is taken care of. But after their login we redirect them to a third-party website where we need more information from them. The process is crazy right now since we have to give our account login info to all people filing with us. So is there a way in PHP or any other solution where we can after that form on our website auto login with our information to that third party website in a way that our credentials are not visible to the users using the service?

  Read the article

• Some hint to program a webservice "by subscription"

  - by Eagle

  I have some web sites programmed, I know to do it with python and PHP basically. Normally they are simple web sites, but now I want to provide REST web services but only for allowed users (allowed by me). I saw that a lot of services uses the "KEY" and "SECRET_KEY" concepts, which seems to be what I need (if I understand it right). My suppositions are: If I only do a GET service to retrieve, e.g., all my clients, without anymore, anyone can retrieve my clients without limitations. I will need some KEY generator to provide keys for my allowed users, so they can use my webservices. Only with a KEY is not enough: someone can steal a KEY and supplant my user (and this is the reason because exists a SECRET_KEY, right?). If all this is right, how can I make/use a system like that in my web services? Some open source example? Or maybe there are another easy solutions I'm not considering? My objective is to allow some users to use my web services.

  Read the article

• How to set Ubuntu as wireless accespoint in the GUI way?

  - by Agmenor

  My aim is to make my Ubuntu machine be a wireless accesspoint using wifi. Of course I found two AskUbuntu questions already treating that; this one and that one. Nevertheless, as far as I am concerned I would like to set up such a network in the Graphical User Interface (GUI) way. Please avoid solutions with the command line. So a solution suggesting to use Network Manager would be really welcomed. Please name and describe very precisely each step, so I can easily find the equivalent in my own language. Thank you for your answers!

  Read the article

• No GUI, No internet connection, please help 12.04

  - by KB_

  I am new to Ubuntu and I tried to install ubuntu server 12.04 on my laptop. now my problem is - I am unable to connect to the internet (I have wifi ONLY connection). ubuntu didn't recognize my built-in wifi on my Toshiba Satellite L505. There is no GUI. I have Terminal only, I tried Sudo apt-get update but i am getting errer msg because of no connection. 1. I need to know if there is any possible way that i can download and install driver for my wifi. 2. what other option do i have to be able to update ubuntu. Thanks KB

  Read the article

• Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

  - by Tchalvak

  I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app). My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist. Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

  Read the article

• How to Configure Windows Defender

  The existence of spyware and other unwanted irritations on the Web is so widespread that keeping your PC protected is an absolute must. Microsoft responded to this need with the inclusion of its Windows Defender program with Windows 7. Windows Defender does exactly what its name suggests, which is to defend your PC from spyware and other malicious programs. It does this first with real-time protection that notifies you if any spyware tries to run on your computer or if a program tries to change any vital settings in Windows. Windows Defender also helps to keep your computer protected thro...

  Read the article

• Identify "non-secure" content IE warns about [on hold]

  - by Doug Harris

  As many know, if you serve a page over https and the content loads resources (images, stylesheets, js, SWF objects, etc) over http, older versions of Internet Explorer will show the user a warning saying "This page contains both secure and non-secure items". This is discomforting to many non-technical users. Usually, I can look at the HTML source and identify which item(s) are triggering this error. Sometimes a Flash object will load something else or some embedded javascript will put a new object in the DOM and trigger this. What tools are good for quickly tracking down the source of the warning?

  Read the article

• What Language is unity written in?

  - by John

  What Language is Unity written in? Also, where can i get its source code? I have an idea for a windowing enviroment or shell (dont know what to call it). What i want to do is teach myself to create it. i like some of several ideas i have seen, but i want to redo all of them, also the concept of how a desktop works. I figured learning the language Unity is written in, and studying Unity and Gnomes code would be a good start. i am on Ubuntu 12.04 acer aspire 5920 3 gb ram 160 gb hard drive

  Read the article

• How to protect own software from copying [closed]

  - by Zzz

  Possible Duplicate: How do you prevent the piracy of your software? Is possible to protect some file from copying if you are administrator of machine? I heard some story about some behavior: one software developer sells his software in some way. He is installing it on every client's computer and this software does not work on other computers or cannot be copied physically. How to implement the first and second protection. Is it effectively protection if software costs about $100 for all copies across client's company?

  Read the article

• How to print over ssh?

  - by mit

  I have the following configuration: P == U ---------------- W P is a HP Laserjet, connected to U, which is an Ubuntu 10.04 desktop machine with a standard gnome setup from the live cd. I just selected the HP Laserjet in the gnome printer admin and it works, I can print locally. W is a remote windows machine, server 2003, and --- is an untrusted connection. I wonder if I can create an ssh tunnel between U and W, so W can print using U's printer service. Which ports will I need to forward and what kind of printer must I add then on the windows machine?

  Read the article

• Is there such a thing as having too many private functions/methods?

  - by shovonr

  I understand the importance of well documented code. But I also understand the importance of self-documenting code. The easier it is to visually read a particular function, the faster we can move on during software maintenance. With that said, I like to separate big functions into other smaller ones. But I do so to a point where a class can have upwards of five of them just to serve one public method. Now multiply five private methods by five public ones, and you get around twenty-five hidden methods that are probably going to be called only once by those public ones. Sure, it's now easier to read those public methods, but I can't help but think that having too many functions is bad practice.

  Read the article

• Code snippets in interview

  - by Maddy

  Hi All, Recently I went to an interview for a C development position. Instead of asking me questions, they just gave me 20 code snippets to find out two logical errors on each one. I just couldn't complete all of the 20 since it took me time to go through each of these code snippets. My question is: Is this the right way to judge a candidate? If yes, how can I improve over my error detection skills so that I don't need to waste a lot of time in the next interview? If possible, please, suggest me some links where I could find lots of samples of such questions (mainly in C). Thanks and regards, Maddy

  Read the article

• Is file permission secured when it transferred from Ubuntu to Windows?

  - by Gaurav_Java

  I am having 9GB text file which is encrypted . This file contains some confidential data . Which is on my system(Ubuntu) and my external HDD (ntfs) . This file get daily updated and then encrypted . But it has to be shared among 2-3 (Windows) person. I defined permission so that no other person can even read this file(chmod 660). It is too large file, so I can't upload it anywhere and it get updated daily basis. But this file travel on Windows OS and Ubuntu also. Even I am having copy of this on my personal computer. Recently it was deleted by some other user over Windows . I just want to know how can I set permission over that file so that it cannot be deleted from any other operating system. If someone delete this file, then I am having data old for couple of days, which is only on my system. I gone through this question it says there is nothing. And from this question I am not able to understand how can I protect it. Can I do anything for preventing this file from being deleted. Then how can I secure this files from getting deleted any suggestion or software or ideas. Maybe I sound silly or this is stupid question. Please don't close it, thanks for any suggestion or solution.

  Read the article

• Display current layout (language code/country flag) in keyboard indicator

  - by Jono

  Just upgraded from 10.04 to 10.10, and the keyboard indicator applet no longer displays the two-letter country code for the active layout. This is terrible. Is this the default behaviour? Anyone using two layouts can't tell which language they're in. I can't seem to find the setting for this, it used to be in the preferences for keyboard layout. Update 1: In case this wasn't obvious - I have two keyboard layouts - English and Hebrew. I just upgraded form 10.04, where the country code (USA/IL) was displayed, overlaid on the flag. Now all I get is a vague keyboard icon, and can't find the settings for this. Update 2: this seems to be a bug that people have been reporting since Lucid, and is now back in Maverick

  Read the article

• Significant number of non-HTTP requests hitting my site

  - by Mark Westling

  I'm seeing a significant number of non-HTTP requests hitting a site I just launched. They show up in the server (nginx) logs as non-ASCII and get rejected (correctly) with a 400 status. Here are some lines from the log: 95.132.198.189 - - [09/Jan/2011:13:53:30 -0500] "œ$A\x10õœ²É9J" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:57:42 -0500] "#§i²¸oYi á¹„\x13VJ—x·—œ\x04N \x1DÔvbÛè½\x10§¬\x1E0œ_^¼+\x09ÜÅ\x08DÌÃiJeT€¿æ]œr\x1EëîyIÐ/ßýúê5Ǹ" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:58:33 -0500] "¯Ú%ø=Œ›D@\x12¼\x1C†ÄÀe\x015mˆàd˜Û%pÛÿ" 400 173 "-" "-" What should I make of this? Is this some sort of scripted attack? Or could these be correct requests that have somehow been garbled? They're not affecting the performance of the site and I'm not seeing any other signs of attacks (e.g., no strange POSTs) so at this point I'm more curious than afraid.

  Read the article

• MCrypt Module, Rijndael-256

  - by WernerCD

  An outside company is redoing our company Intranet. During some basic usage I disovered that the "User Edit" screens, with the "Password: *" boxes have the password in plain text, with the text box "type=password" to "hide" the password. The passwords are not store in the database as plain text, they are stored encrypted using "rijndael-256" cypher using the mcrypt module. I know that if I encrypt a password with SHA*, the password is "Unrecoverable" via one-way encryption. Is the same of MCrypt Rijndael-256 encryption? Shouldn't an encrypted password be un-recoverable? Are they blowing smoke up my rear or just using the wrong technology?

  Read the article

• Setting to protect gnome-terminal from key logging

  - by yanychar

  Looks like it is easy to log keystrokes of all processes of the same user. A basic keylogger is 'xinput'. xinput test-xi2 The command generates log of all key-presses. Unfortunately, this includes passwords in gnome-terminal. Googling suggested that grabbing keyboard may prevent other windows from capturing key strokes. Is there a way to prevent XI2 logging in gnome-terminal? Or is there an X terminal that has this feature?

  Read the article

• What are some internet trends that you've noticed over the past ~10 years? [closed]

  - by Michael

  I'll give an example of one that I've noticed: the number of web sites that ask for your email address (GOOG ID, YAHOO! ID, etc.) has skyrocketed. I can come up with no legitimate reason for this other than (1) password reset [other ways to do this], or (2) to remind you that you have an account there, based upon the time of your last visit. Why does a web site need to know your email address (Google ID, etc.) if all you want to do is... download a file (no legit reason whatsoever) play a game (no legit reason whatsoever) take an IQ test or search a database (no legit reason whatsoever) watch a video or view a picture (no legit reason whatsoever) read a forum (no legit reason whatsoever) post on a forum (mildly legit reason: password reset) newsletter (only difference between a newsletter and a blog is that you're more likely to forget about the web site than you are to forget about your email address -- the majority of web sites do not send out newsletters, however, so this can't be the justification) post twitter messages or other instant messaging (mildly legit reason: password reset) buy something (mildly legit reasons: password reset + giving you a copy of a receipt that they can't delete, as receipts stored on their server can be deleted) On the other hand, I can think of plenty of very shady reasons for asking for this information: so the NSA, CIA, FBI, etc. can very easily track what you do by reading your email or asking GOOG, etc. what sites you used your GOOG ID at to use the password that you provide for your account in order to get into your email account (most people use the same password for all of their accounts), find all of your other accounts in your inbox, and then get into all of those accounts sell your email address to spammers These reasons, I believe, are why you are constantly asked to provide your email address. I can come up with no other explanations whatsoever. Question 1: Can anyone think of any legitimate or illegitimate reasons for asking for someone's email address? Question 2: What are some other interesting internet trends of the past ~10 years?

  Read the article

• Making Agile and DevOps methodology compatible with PCI requirements

  - by kenchew

  Would like to hear from those working in a PCI compliance environment and is practicing agile development and devops methodology, how you maintain compliance with PCI requirements. Specifically, what do you do to address: separation of duties between development/test and production alignment of continuous integration / deployment and change control alignment of agile stories to requirement documentation

  Read the article

• Why does Facebook convert PHP code to C++?

  - by user72245

  I read that Facebook started out in PHP, and then to gain speed, they now compile PHP as C++ code. If that's the case why don't they: Just program in c++? Surely there must be SOME errors/bugs when hitting a magic compiler button that ports PHP to c++ code , right? If this impressive converter works so nicely, why stick to PHP at all? Why not use something like Ruby or Python? Note -- I picked these two at random, but mostly because nearly everyone says coding in those languages is a "joy". So why not develop in a super great language and then hit the magic c++ compile button?

  Read the article

• Anyone code at a treadmill desk? [closed]

  - by Sequenzia

  have been thinking about getting a treadmill desk for awhile now but I just don't know if it is possible to code at one. I can see doing a normal computer job while walking very slow but I just don't know if you can write code do it. Like a lot of people I could stand to lose weight and I am just not in shape anymore. I sit at my computer for at least 12 hours a day and then I am on my laptop for a few more hours. I need to do something to help my health. I also have been seeing a lot of reports about the long term health issues related to desk jobs. Like this. Before I drop a few hundred dollars on a new desk I am wondering if anyone has tried a treadmill desk and if so which one?

  Read the article

• Steps after SQL Injection detected

  - by Zukas

  I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.

  Read the article

• What are the pros and cons of non-unique display names?

  - by Davy8

  I know of at least big title game (Starcraft II) that doesn't require unique display names, so it would seem like it can work in at least some circumstance. Under what situations does allowing non-unique display names work well? When does it not work well? Does it come down to whether or not impersonation of someone else is a problem? The reasons I believe it works for Starcraft II is that there isn't any kind of in-game trading of virtual goods and other than "for kicks" there isn't much incentive to impersonate someone else in the game. There's also ladder rankings so even trying to impersonate a pro is easily detectable unless you're on a similar skill level. What are some other cases where it makes sense to specifically allow or disallow duplicate display names?

  Read the article

• mount remotely mybook live network drive

  - by bob

  I have a mybook live western digital 1TB hard disk connected to fritzbox 7270 router in office. When I am in the office, I can mount this drive to ubuntu since I have added to the etc/fstab file: //192.168.178.30/user /home/user/DISK cifs auto,iocharset=utf8,user=user%password 0 0 Is there a similar, easy & safe way, to do the same when I am out of the office using the static IP of the fritzbox router? I have already added tcp port forwarding in the router for ports 8080 (to 80 of the disk) and 8443 (to 443 of the disk). Thank you in advance

  Read the article

• Code maintenance: To add comments in code or to just leave it to the version control?

  - by Chillax

  We have been asked to add comments with start tags, end tags, description, solution etc for each change that we make to the code as part of fixing a bug / implementing a CR. My concern is, does this provide any added value? As it is, we have all the details in the Version control history, which will help us to track each and every change? But my leads are insisting on having the comments as a "good" programming practice. One of their argument is when a CR has to be de-scoped/changed, it would be cumbersome if comments are not there. Considering that the changes would be largely in between code, would it really help to add comments for each and every change we make? Shouldn't we leave it to the version control?

  Read the article

< Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >