Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 220/4825 | < Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227 | Next Page >

How to do a login page for third party service without letting them sign on?

- by AAA

We have a unique situation (at least for me, first time seeing this). We have a web form where accountants can fill in requests and that part is taken care of. But after their login we redirect them to a third-party website where we need more information from them. The process is crazy right now since we have to give our account login info to all people filing with us. So is there a way in PHP or any other solution where we can after that form on our website auto login with our information to that third party website in a way that our credentials are not visible to the users using the service?

Read the article
How to protect own software from copying [closed]

- by Zzz

Possible Duplicate: How do you prevent the piracy of your software? Is possible to protect some file from copying if you are administrator of machine? I heard some story about some behavior: one software developer sells his software in some way. He is installing it on every client's computer and this software does not work on other computers or cannot be copied physically. How to implement the first and second protection. Is it effectively protection if software costs about $100 for all copies across client's company?

Read the article
Some hint to program a webservice "by subscription"

- by Eagle

I have some web sites programmed, I know to do it with python and PHP basically. Normally they are simple web sites, but now I want to provide REST web services but only for allowed users (allowed by me). I saw that a lot of services uses the "KEY" and "SECRET_KEY" concepts, which seems to be what I need (if I understand it right). My suppositions are: If I only do a GET service to retrieve, e.g., all my clients, without anymore, anyone can retrieve my clients without limitations. I will need some KEY generator to provide keys for my allowed users, so they can use my webservices. Only with a KEY is not enough: someone can steal a KEY and supplant my user (and this is the reason because exists a SECRET_KEY, right?). If all this is right, how can I make/use a system like that in my web services? Some open source example? Or maybe there are another easy solutions I'm not considering? My objective is to allow some users to use my web services.

Read the article
Is there such a thing as having too many private functions/methods?

- by shovonr

I understand the importance of well documented code. But I also understand the importance of self-documenting code. The easier it is to visually read a particular function, the faster we can move on during software maintenance. With that said, I like to separate big functions into other smaller ones. But I do so to a point where a class can have upwards of five of them just to serve one public method. Now multiply five private methods by five public ones, and you get around twenty-five hidden methods that are probably going to be called only once by those public ones. Sure, it's now easier to read those public methods, but I can't help but think that having too many functions is bad practice.

Read the article
Identify "non-secure" content IE warns about [on hold]

- by Doug Harris

As many know, if you serve a page over https and the content loads resources (images, stylesheets, js, SWF objects, etc) over http, older versions of Internet Explorer will show the user a warning saying "This page contains both secure and non-secure items". This is discomforting to many non-technical users. Usually, I can look at the HTML source and identify which item(s) are triggering this error. Sometimes a Flash object will load something else or some embedded javascript will put a new object in the DOM and trigger this. What tools are good for quickly tracking down the source of the warning?

Read the article
How to Configure Windows Defender

The existence of spyware and other unwanted irritations on the Web is so widespread that keeping your PC protected is an absolute must. Microsoft responded to this need with the inclusion of its Windows Defender program with Windows 7. Windows Defender does exactly what its name suggests, which is to defend your PC from spyware and other malicious programs. It does this first with real-time protection that notifies you if any spyware tries to run on your computer or if a program tries to change any vital settings in Windows. Windows Defender also helps to keep your computer protected thro...

Read the article
What Language is unity written in?

- by John

What Language is Unity written in? Also, where can i get its source code? I have an idea for a windowing enviroment or shell (dont know what to call it). What i want to do is teach myself to create it. i like some of several ideas i have seen, but i want to redo all of them, also the concept of how a desktop works. I figured learning the language Unity is written in, and studying Unity and Gnomes code would be a good start. i am on Ubuntu 12.04 acer aspire 5920 3 gb ram 160 gb hard drive

Read the article
How to print over ssh?

- by mit

I have the following configuration: P == U ---------------- W P is a HP Laserjet, connected to U, which is an Ubuntu 10.04 desktop machine with a standard gnome setup from the live cd. I just selected the HP Laserjet in the gnome printer admin and it works, I can print locally. W is a remote windows machine, server 2003, and --- is an untrusted connection. I wonder if I can create an ssh tunnel between U and W, so W can print using U's printer service. Which ports will I need to forward and what kind of printer must I add then on the windows machine?

Read the article
Drop in service for account management, authentication, identity?

- by Mike Repass

I'm building an Android app and associated set of web services for uploading/downloading data. I need a basic (no frills) solution for account management (register, login, logout, verify credentials/token). What open source / third party solutions exist for this scenario? I need: create a new account db based on a salt simple web service to create a new account simple web service to authenticate supplied credentials and return some sort of token That's it, I can get by without 'fancy' email activation or password reset for the time being. Are there off-the-shelf components for this? Should I just use a 'blank' django or rails app to get this done? Seems crazy for everyone to be doing CREATE TABLE user_accounts ... Thoughts? Thank you.

Read the article
Is file permission secured when it transferred from Ubuntu to Windows?

- by Gaurav_Java

I am having 9GB text file which is encrypted . This file contains some confidential data . Which is on my system(Ubuntu) and my external HDD (ntfs) . This file get daily updated and then encrypted . But it has to be shared among 2-3 (Windows) person. I defined permission so that no other person can even read this file(chmod 660). It is too large file, so I can't upload it anywhere and it get updated daily basis. But this file travel on Windows OS and Ubuntu also. Even I am having copy of this on my personal computer. Recently it was deleted by some other user over Windows . I just want to know how can I set permission over that file so that it cannot be deleted from any other operating system. If someone delete this file, then I am having data old for couple of days, which is only on my system. I gone through this question it says there is nothing. And from this question I am not able to understand how can I protect it. Can I do anything for preventing this file from being deleted. Then how can I secure this files from getting deleted any suggestion or software or ideas. Maybe I sound silly or this is stupid question. Please don't close it, thanks for any suggestion or solution.

Read the article
No GUI, No internet connection, please help 12.04

- by KB_

I am new to Ubuntu and I tried to install ubuntu server 12.04 on my laptop. now my problem is - I am unable to connect to the internet (I have wifi ONLY connection). ubuntu didn't recognize my built-in wifi on my Toshiba Satellite L505. There is no GUI. I have Terminal only, I tried Sudo apt-get update but i am getting errer msg because of no connection. 1. I need to know if there is any possible way that i can download and install driver for my wifi. 2. what other option do i have to be able to update ubuntu. Thanks KB

Read the article
How to set Ubuntu as wireless accespoint in the GUI way?

- by Agmenor

My aim is to make my Ubuntu machine be a wireless accesspoint using wifi. Of course I found two AskUbuntu questions already treating that; this one and that one. Nevertheless, as far as I am concerned I would like to set up such a network in the Graphical User Interface (GUI) way. Please avoid solutions with the command line. So a solution suggesting to use Network Manager would be really welcomed. Please name and describe very precisely each step, so I can easily find the equivalent in my own language. Thank you for your answers!

Read the article
Display current layout (language code/country flag) in keyboard indicator

- by Jono

Just upgraded from 10.04 to 10.10, and the keyboard indicator applet no longer displays the two-letter country code for the active layout. This is terrible. Is this the default behaviour? Anyone using two layouts can't tell which language they're in. I can't seem to find the setting for this, it used to be in the preferences for keyboard layout. Update 1: In case this wasn't obvious - I have two keyboard layouts - English and Hebrew. I just upgraded form 10.04, where the country code (USA/IL) was displayed, overlaid on the flag. Now all I get is a vague keyboard icon, and can't find the settings for this. Update 2: this seems to be a bug that people have been reporting since Lucid, and is now back in Maverick

Read the article
Setting to protect gnome-terminal from key logging

- by yanychar

Looks like it is easy to log keystrokes of all processes of the same user. A basic keylogger is 'xinput'. xinput test-xi2 The command generates log of all key-presses. Unfortunately, this includes passwords in gnome-terminal. Googling suggested that grabbing keyboard may prevent other windows from capturing key strokes. Is there a way to prevent XI2 logging in gnome-terminal? Or is there an X terminal that has this feature?

Read the article
What are some internet trends that you've noticed over the past ~10 years? [closed]

- by Michael

I'll give an example of one that I've noticed: the number of web sites that ask for your email address (GOOG ID, YAHOO! ID, etc.) has skyrocketed. I can come up with no legitimate reason for this other than (1) password reset [other ways to do this], or (2) to remind you that you have an account there, based upon the time of your last visit. Why does a web site need to know your email address (Google ID, etc.) if all you want to do is... download a file (no legit reason whatsoever) play a game (no legit reason whatsoever) take an IQ test or search a database (no legit reason whatsoever) watch a video or view a picture (no legit reason whatsoever) read a forum (no legit reason whatsoever) post on a forum (mildly legit reason: password reset) newsletter (only difference between a newsletter and a blog is that you're more likely to forget about the web site than you are to forget about your email address -- the majority of web sites do not send out newsletters, however, so this can't be the justification) post twitter messages or other instant messaging (mildly legit reason: password reset) buy something (mildly legit reasons: password reset + giving you a copy of a receipt that they can't delete, as receipts stored on their server can be deleted) On the other hand, I can think of plenty of very shady reasons for asking for this information: so the NSA, CIA, FBI, etc. can very easily track what you do by reading your email or asking GOOG, etc. what sites you used your GOOG ID at to use the password that you provide for your account in order to get into your email account (most people use the same password for all of their accounts), find all of your other accounts in your inbox, and then get into all of those accounts sell your email address to spammers These reasons, I believe, are why you are constantly asked to provide your email address. I can come up with no other explanations whatsoever. Question 1: Can anyone think of any legitimate or illegitimate reasons for asking for someone's email address? Question 2: What are some other interesting internet trends of the past ~10 years?

Read the article
Code snippets in interview

- by Maddy

Hi All, Recently I went to an interview for a C development position. Instead of asking me questions, they just gave me 20 code snippets to find out two logical errors on each one. I just couldn't complete all of the 20 since it took me time to go through each of these code snippets. My question is: Is this the right way to judge a candidate? If yes, how can I improve over my error detection skills so that I don't need to waste a lot of time in the next interview? If possible, please, suggest me some links where I could find lots of samples of such questions (mainly in C). Thanks and regards, Maddy

Read the article
Significant number of non-HTTP requests hitting my site

- by Mark Westling

I'm seeing a significant number of non-HTTP requests hitting a site I just launched. They show up in the server (nginx) logs as non-ASCII and get rejected (correctly) with a 400 status. Here are some lines from the log: 95.132.198.189 - - [09/Jan/2011:13:53:30 -0500] "œ$A\x10õœ²É9J" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:57:42 -0500] "#§i²¸oYi á¹„\x13VJ—x·—œ\x04N \x1DÔvbÛè½\x10§¬\x1E0œ_^¼+\x09ÜÅ\x08DÌÃiJeT€¿æ]œr\x1EëîyIÐ/ßýúê5Ç¸" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:58:33 -0500] "¯Ú%ø=Œ›D@\x12î½‰¼\x1C†ÄÀe\x015mˆàd˜Û%pÛÿ" 400 173 "-" "-" What should I make of this? Is this some sort of scripted attack? Or could these be correct requests that have somehow been garbled? They're not affecting the performance of the site and I'm not seeing any other signs of attacks (e.g., no strange POSTs) so at this point I'm more curious than afraid.

Read the article
More than one way to skin an Audit

- by BuckWoody

I get asked quite a bit about auditing in SQL Server. By "audit", people mean everything from tracking logins to finding out exactly who ran a particular SELECT statement. In the really early versions of SQL Server, we didn't have a great story for very granular audits, so lots of workarounds were suggested. As time progressed, more and more audit capabilities were added to the product, and in typical database platform fashion, as we added a feature we didn't often take the others away. So now, instead of not having an option to audit actions by users, you might face the opposite problem - too many ways to audit! You can read more about the options you have for tracking users here: http://msdn.microsoft.com/en-us/library/cc280526(v=SQL.100).aspx In SQL Server 2008, we introduced SQL Server Audit, which uses Extended Events to really get a simple way to implement high-level or granular auditing. You can read more about that here: http://msdn.microsoft.com/en-us/library/dd392015.aspx As with any feature, you should understand what your needs are first. Auditing isn't "free" in the performance sense, so you need to make sure you're only auditing what you need to. Share this post: email it! | bookmark it! | digg it! | reddit! | kick it! | live it!

Read the article
Why does Facebook convert PHP code to C++?

- by user72245

I read that Facebook started out in PHP, and then to gain speed, they now compile PHP as C++ code. If that's the case why don't they: Just program in c++? Surely there must be SOME errors/bugs when hitting a magic compiler button that ports PHP to c++ code , right? If this impressive converter works so nicely, why stick to PHP at all? Why not use something like Ruby or Python? Note -- I picked these two at random, but mostly because nearly everyone says coding in those languages is a "joy". So why not develop in a super great language and then hit the magic c++ compile button?

Read the article
Making Agile and DevOps methodology compatible with PCI requirements

- by kenchew

Would like to hear from those working in a PCI compliance environment and is practicing agile development and devops methodology, how you maintain compliance with PCI requirements. Specifically, what do you do to address: separation of duties between development/test and production alignment of continuous integration / deployment and change control alignment of agile stories to requirement documentation

Read the article
Anyone code at a treadmill desk? [closed]

- by Sequenzia

have been thinking about getting a treadmill desk for awhile now but I just don't know if it is possible to code at one. I can see doing a normal computer job while walking very slow but I just don't know if you can write code do it. Like a lot of people I could stand to lose weight and I am just not in shape anymore. I sit at my computer for at least 12 hours a day and then I am on my laptop for a few more hours. I need to do something to help my health. I also have been seeing a lot of reports about the long term health issues related to desk jobs. Like this. Before I drop a few hundred dollars on a new desk I am wondering if anyone has tried a treadmill desk and if so which one?

Read the article
Do logins by the gdm (or lightdm) user in auth.log mean my system is breached?

- by Pramanshu

Please look at this auth.log (from Ubuntu 14.04) I have provided and tell me who this gdm user is and why there are all these unauthenticated logins? I am freaked out; please help! Here's the /var/log/auth.log file: http://paste.ubuntu.com/8120231/ Update: I know now that "gdm" is gnome desktop manager and it's there because of root. But please look at the log there is more and tell me if my system is breached.

Read the article
Steps after SQL Injection detected

- by Zukas

I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.

Read the article
HackingSilverlight Code Browser

So sometime ago I had been working on a sample browser for all the different samples I had used for hackingsilverlight and for blog posts. After awhile with all the jumping around between projects, and my failing memory I found I needed a quick easy way to remember all the code clips I used often. For me I needed something like a rola-deck for code so after taking my toys and leaving the sandbox as it were regarding the book HackingSilverlight between projects for the 5 minutes here or there I've...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
Are code screening services worthwhile?

- by Robert Klubenspies

I've seen websites that screen programmers by their ability to write code. It's a service that you enter a programming question into and then send out a link. Job candidates program their solution to the question as they are timed and recorded. The person who posted the question can then playback a video of their candidate programming the script. This video allows them to see how quickly and neatly their job candidate can code. Are these types of services worth it? What caveats and hangups are there to using such things to screen potential hires?

Read the article

< Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227 | Next Page >