Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 244/3920 | < Previous Page | 240 241 242 243 244 245 246 247 248 249 250 251  | Next Page >

  • Tools to test softwares against any attacks for programmers ?

    - by berkay
    in these days, i'm interested in software security. As i'm reading papers i see that there are many attacks and researchers are trying to invent new methods for softwares to get more secure systems. this question can be a general including all types of attacks.There are many experienced programmers in SO, i just want to learn what are using to check your code against these attacks ? Is there any tools you use or you don't care ? For example i heard about,static,dynamic code analysis, fuzz testing. SQL injection attacks Cross Site Scripting Bufferoverflow attacks Logic errors Any kind of Malwares Covert Channels ... ... thanks

    Read the article

  • Static code analysis for VB6 and classic ASP

    - by Ryan
    I'm looking for a static code analysis tool that will determine if I have orphaned functions in my VB6 code. The problem I'm running into is we make calls to the VB6 code from classic asp. Is there a tool that will look at both the classic asp and VB6 and determine if there are any orphaned functions?

    Read the article

  • Need advice to design 'crack-proof' software

    - by alee
    I am currently working on a project where i need to create some architecture, framework or any standards by which i can "at least" increase the cracking method for a software, i.e, to add to software security. There are already different ways to activate a software which includes online activation, keys etc. I am currently studying few research papers as well. But there are still lot of things that i want to discuss. Could someone guide me to some decent forum, mailing list or something like that? or any other help would be appreciated.

    Read the article

  • Exclude debug javascript code during minification

    - by Tauren
    I looking into different ways to minify my javascript code including the regular JSMin, Packer, and YUI solutions. I'm really interested in the new Google Closure Compiler, as it looks exceptionally powerful. I noticed that Dean Edwards packer has a feature to exclude lines of code that start with three semicolons. This is handy to exclude debug code. For instance: ;;; console.log("Starting process"); I'm spending some time cleaning up my codebase and would like to add hints like this to easily exclude debug code. In preparation for this, I'd like to figure out if this is the best solution, or if there are other techniques. Because I haven't chosen how to minify yet, I'd like to clean the code in a way that is compatible with whatever minifier I end up going with. So my questions are these: Is using the semicolons a standard technique, or are there other ways to do it? Is Packer the only solution that provides this feature? Can the other solutions be adapted to work this way as well, or do they have alternative ways of accomplishing this? I will probably start using Closure Compiler eventually. Is there anything I should do now that would prepare for it?

    Read the article

  • How dangerous can javascript be?

    - by CrazyJugglerDrummer
    I have recently started using noscript (in addition to ABP). It took a little while to get used to it and can occasionally require some clicking when visiting a new site to investigate why the site's not working and where I need to allow javascript from. Is the extra security worth it? Some of the controversy is discussed here. I suppose it boils down to a matter of whether javascript is a genuine threat to your computer or not. Any thoughts on this?

    Read the article

  • Silverlight - GestureService & GestureListner in code-behind

    - by Rajah
    I want to do the following XAML code in code behind and not sure how to add the GestureService and GestureListner onto the Image. Xaml code: <Image Grid.Row="1" x:Name="img" VerticalAlignment="Center" HorizontalAlignment="Center" Width="200"> <toolkit:GestureService.GestureListener> <toolkit:GestureListener/> </toolkit:GestureService.GestureListener> </Image> Code behind equivalent: Image image = new Image(); //how do I add GestureService and GestureListner? ContentPanel.Children.Add(image);

    Read the article

  • xcode/iphone Code templates

    - by vilo
    Is there some tool in xcode that allows me to store snippets of code I often reuse in various applications so I do not have to retype it each time? I am talking about things like all the code that goes into defining Table Delegate Methods and Table Source Methods, UIAlertViews code and such. I just would like to have my own private repository where I can put snippets of code I think I may need in the future in other apps. Is there anything like that? Thanks for any help.

    Read the article

  • Web Services: Secure? Asp.net

    - by Jacques
    Hey there, Something I can't wrap my head around is how secure web services are. For example we're writing a desktop application that will interact with data on one of our websites as well as local data. This data is sensitive though and the last thing we want is anybody calling the web services. I've not yet found anything that says web services has some kind of authentication methods and the only security I've seen people talk about is using certificates to encrypt the message. I'm no guru on this and would appreciate anyone's input and perhaps a link to somewhere that will explain this in simple terms. Thanks Jacques

    Read the article

  • failsafe jQuery code

    - by David
    Can anyone explain what the jquery documentation is exactly referring to with this statement: "the argument to write failsafe jQuery code using the $ alias, without relying on the global alias" when referring to using the following: jQuery(function($) { }); I have been using jquery for a while now so understand what this code is doing to a certain extent but the phrase used in the documentation about writing failsafe jquery code puzzles me and i am unsure whether it is important or not.

    Read the article

  • What is a real world example of bad code or programming practice

    - by Luke101
    I just want to know some bad programming practice or code I should avoid to make sure it does not exist in my code. I use c# asp.net but the example you give can be in any language since the idea is still the same. I have follow many suggestions on SO that really cleaned my code up. Now I looking to launch my application and want to make sure its ready for prime time.

    Read the article

  • Python Code Introspection and Analysis

    - by oneself
    Hi, I am trying to write a Python code analyzer, and I am trying to avoid having to parse bare Python text files. I was hoping that once the Python compiler/interpreter parses the code there's a way to get to the object code or parse tree from within a running Python program. Is there anyway to do this? Thank you

    Read the article

  • How to create Encryption Key for Encryption Algorithms?

    - by Akash Kava
    I want to use encryption algorithm available in .Net Security namespace, however I am trying to understand how to generate the key, for example AES algorithm needs 256 bits, that 16 bytes key, and some initialization vector, which is also few bytes. Can I use any combination of values in my Key and IV? e.g. all zeros in Key and IV are valid or not? I know the detail of algorithm which does lots of xors, so zero wont serve any good, but are there any restrictions by these algorithms? Or Do I have to generate the key using some program and save it permanently somewhere?

    Read the article

  • Crossdomain file edit

    - by Misiur
    Hi there. I need to know, where from is my script used (it's for sale, and i don't want any thiefs). I want to write on my server in file, IP of user, domain where from script has been runned, date, etc. I've tried fopen, fwrite, but is_file_writable returned that it isn't. File CHmods are 777, it parent catalog has too 777 chmods. Now i'm trying something like that: <?php $file = 'http://www.misiur.com/security/seal.txt'; $data = date("Y-m-d H:i:s"); $ip = $_SERVER['REMOTE_ADDR']; $svr = $_SERVER['SERVER_NAME']; $str = "[$data] Loaded by $ip at $svr\r\n"; $current = file_get_contents($file); $current .= $str; file_put_contents($file, $current); ?> However - nothing happens. What i've got to do?

    Read the article

  • Query MySQL with unicode char code.

    - by Ben
    Hi, I have been having trouble searching through a MySQL table, trying to find entries with the character (UTF-16 code 200E) in a particular column. This particular code doesn't have a glyph, so it doesn't seem to work when I try to paste it into my search term. Is there a way to specify characters as their respective code point instead for a query? Thanks, -Ben

    Read the article

  • How to translate small bash code to csh / tcsh (setting GNOME terminal title)

    - by user1069609
    I need help to translate the following bash code to tcsh : case $TERM in (xterm*) PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}\007"' ;; esac It is part of my .bashrc on all the machines which have bash as login shell. The code sets the GNOME terminal title to user@somehost (obviously with the real user name and host name). However some hosts have tcsh as login shell, so I need to translate the code into tcsh and add it to the .tcshrc . I considered to somehow source another file with the bash code from inside the .tcshrc file, but I couldn't make it work.

    Read the article

  • How dangerous can javascript be? (is noscript worth the trouble)?

    - by CrazyJugglerDrummer
    I have recently started using noscript (in addition to ABP). It took a little while to get used to it and can occasionally require some clicking when visiting a new site to investigate why the site's not working and where I need to allow javascript from. Is the extra security worth it? Some of the controversy is discussed here. I suppose it boils down to a matter of whether javascript is a genuine threat to your computer or not. Any thoughts on this?

    Read the article

  • changing Python code in the debugger

    - by max
    Is there any debugger that allows Python code to be changed while debugging? In other words: run-time exception occurs, debugger stops, I change the code any way I like, and tell the program to continue. I am aware of the problems with this approach, such that references to functions would still point to the old definitions if I redefine the function on the fly, and so on. I am ok with that, since I just want to be able to make small fixes in very simple circumstances. On the other hand, I'm also interested in whether it's theoretically possible to allow changes to Python code without running into these problems: i.e., somehow update all the references to the objects that changed, etc. I'm nearly sure the answer to the second question is no, but if I'm wrong, I'd like to know. EDIT: If my goal (changing the code interactively when an exception occurred, and then continuing execution), is achievable without a debugger - that would be good as well. I don't need to use the debugger.

    Read the article

  • Is Rails default CSRF protection insecure

    - by schickb
    By default the form post CSRF protection in Rails creates an authenticity token for a user that only changes when the user's session changes. One of our customers did a security audit of our site and flagged that as an issue. The auditor's statement was that if we also had a XSS vulnerability that an attacker could grab another user's authenticity token and make use of it for CSRF attacks until the user's session expired. But is seems to me that if we had an XSS vulnerability like that an attacker could just as easily grab another user's session cookie and login as that user directly. Or even just make call to our REST Api as the user being attacked. No secondary CSRF attack needed. Have I missed something? Is there a real problem with the default CSRF protection in Rails?

    Read the article

  • Status Code from FTPWebRequest GetResponse method

    - by nick
    This is slightly tricky. I am uploading files to FTP asynchronously. After uploading each file I am checking the status of the upload operation for that file. This can be done with StatusCode property of the FtpWebResponse object for that request. The code snippet is as give below. System.IO.FileStream fs = System.IO.File.Open(fileName, System.IO.FileMode.Open); while ((iWork = fs.Read(buf, 0, buf.Length)) > 0) requestStream.Write(buf, 0, iWork); requestStream.Close(); FtpWebResponse wrRet = ((FtpWebResponse)state.Request.GetResponse()); There are about 37 StatusCode values as per msdn. I am unaware as to which of these status code values will assure that the file is uploaded successfully. Some of them I used in my code to check for success are : wrRet.StatusCode == FtpStatusCode.CommandOK wrRet.StatusCode == FtpStatusCode.ClosingData wrRet.StatusCode == FtpStatusCode.ClosingControl wrRet.StatusCode == FtpStatusCode.ConnectionClosed wrRet.StatusCode == FtpStatusCode.FileActionOK wrRet.StatusCode == FtpStatusCode.FileStatus But I am unaware of the rest. I need to be sure about these codes because based on the failure or success of the upload operation I have other dependant operations to be carried out. A wrong condition can affect the remaining code. Another thought that crossed my mind was to simply put the above code into a try..catch and not depend on these status codes. With this I would not be depending on the status codes and assuming that any failure will always be directed to the catch block. Kindly let me know if this is the right way. Thanks in advance.

    Read the article

  • Dynamic/runtime method creation (code generation) in Python

    - by Eli Bendersky
    Hello, I need to generate code for a method at runtime. It's important to be able to run arbitrary code and have a docstring. I came up with a solution combining exec and setattr, here's a dummy example: class Viking(object): def __init__(self): code = ''' def dynamo(self, arg): """ dynamo's a dynamic method! """ self.weight += 1 return arg * self.weight ''' self.weight = 50 d = {} exec code.strip() in d setattr(self.__class__, 'dynamo', d['dynamo']) if __name__ == "__main__": v = Viking() print v.dynamo(10) print v.dynamo(10) print v.dynamo.__doc__ Is there a better / safer / more idiomatic way of achieving the same result?

    Read the article

  • Servlet 3.0 logout doesn't work

    - by Kevin
    I've got a problem with the authentication features of Servlet 3.0: With this code in a Servlet v3: log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); log.info("===^==="); request.logout() ; log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); request.authenticate(response) ; log.info("===v==="); log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); I would always expect to see the Username/login windows, because of the logout() function. Instead, it seems to be a 'cache' mechanism which repopulate the credential and cancel my logout ... Admin BASIC ===^=== null null ===v=== Admin BASIC Is it a problem with my firefox, or something I'm missing in the Servlet code?

    Read the article

  • LocalUser access for WCF hosted in IIS

    - by Eugarps
    I have tried every combination to allow unauthenticated access to WCF as in "LocalUser" accounts, in IIS without success. Here is what I've most recently tried: wsHttpBinding with Message security and mode set to "None". IIS anonymous access enabled, all others disabled, folder level access at default (but granted read access to "Users" which is all users in our domain). I understand I may not have provided enough information to solve the issue, but perhaps somebody can point me in the right direction - is this likely to be a IIS configuration issue or a WCF configuration issue... if WCF, is it likely to be a client level or server level issue? The error I get when attempting to access here is "User is not authenticated". We have ASMX services in the domain which are behaving properly, I am the first developer using WCF here.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 240 241 242 243 244 245 246 247 248 249 250 251  | Next Page >