Search Results

Search found 1884 results on 76 pages for 'privacy protection'.

Page 34/76 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41 | Next Page >

The legal aspect of website design/application [closed]

- by tunmise fasipe

I have got a site to develop for a medium-sized company and I want to make sure it's being done professionally. I understand the following: Terms of Use: tells the users how the content on the website should and should not be used Privacy Policy: assuring the users that their information is safe on the site and will not be exposed without their permission. Also telling the which could be viewed by others Disclaimer (the client asked for this): tells the users the wrong/right use of the contents in the site is not the responsibility of the company My Questions are: How does copyright comes in? More light on the Disclaimer? - the client specifically asked for this What other legal actions one needs to take? Do you need to see a lawyer? How can you prevent others from having a counterfeit of your site - the client specifically asked for this too Thanks

Read the article
How can I set up private, per-user sections on Joomla?

- by Michael Paulukonis

For this weekend's GiveCamp project, my team has been tasked with adding some functionality to an existing Joomla-powered website for a non-profit. A certain type of user will login, and have access to a personal area where they can upload files, check for messages, see tasks that have been assigned, etc. Each user would have their own area. They would not be creating pages, and their information would only be visible to themselves (or a site-administrator, of course. No sort of weird HIPAA privacy involved). None of us have worked with Joomla before, but we'd like to help this non-profit. We're not sure if we're searching using the wrong terms, or if we're just not finding it. Is such a solution possible in Joomla? And/or are we better off building some standalone solution that interfaces with the same mySQL database as Joomla?

Read the article
https (SSL) instead of http

- by user1332729

I am building myself a new website, out of privacy and security concerns I am contemplating trying to make it https only. It will be mobile-friendly using media queries but I am concerned--especially for mobile users--about the increased bandwidth. How much will doing so increase my bandwidth or slow load times? For pages where I'm not transferring sensitive information, should I leave external links (to a jQuery library, or a web font for instance) in http? Simply put, I have read articles saying the entire web would be more secure if everything was SSL but my actual knowledge of implementation is limited to payment gateways and log-in pages and such. I apologize for the open-ended nature of the question but anything, even just simple answers to the specific questions is welcomed.

Read the article
Generating SQL Server Test Data with Visual Studio 2010

As a database developer or tester sometimes you need to have production like data in your environment for your development or testing, but you cannot have the production data because of security and privacy issues. So how you can generate test data or replicate similar data as in production for your development or test environment? Join SQL Backup’s 35,000+ customers to compress and strengthen your backups "SQL Backup will be a REAL boost to any DBA lucky enough to use it." Jonathan Allen. Download a free trial now.

Read the article
Lumia 920 or iPhone5, which is it gonna be?

- by Sahil Malik

SharePoint 2010 Training: more information Deciding on a new phone is so difficult. I currently use an iPhone4, and I am itching to upgrade to either iPhone5 or Lumia 920. The decision is difficult because a lot of my work depends on my communication device, and whatever I pick, I will be stuck with for 2 years. Here is how I see the two stacking up. iPhone 5 of course based on rumors so far. I didn’t even consider Android here because I don’t like Android as an OS. It’s too insecure, privacy intrusive, and frankly unreliable. I cannot bet my work on Android, sorry not gonna happen. Read full article ....

Read the article
Meet and Greet with IDM Executives at Oracle OpenWorld

- by Tanu Sood

Oracle’s Identity Management Team Invites You to Learn How to Secure The New Digital Experience Come see how the Oracle Identity Management platform can position your company to take advantage of the emerging business opportunities. Leverage Social Identities for web authentication Enable customers and employees to interact through their mobile devices Deploy Self Service User Provisioning for quick role changes based on business needs We look forward to seeing you there! Wednesday, October 3rd 3:30-4:30 PM Meeting 4:30-5:30 PM Cocktail Reception Four Seasons Hotel Yerba Buena Room 757 Market Street San Francisco, CA 94103 415.633.3000 http://www.fourseasons.com/sanfrancisco/ RSVP Now Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Contact Us | Legal Notices and Terms of Use | Privacy Statement

Read the article
Proxy Client for Ubuntu

- by WindowsEscapist

I want to use a proxy for web browsing similar to Ultrasurf for Windows. I've tried to use TOR, but it isn't working! The problem is whenever I search something along the lines of "ubuntu + linux proxy", sites assume that I want to set up a proxy server rather than use one. I just want something with little to no configuration needed (i.e. I don't have my own proxy server). UltraSurf is a free software which enables users inside countries with heavy Internet censorship to visit any public web sites in the world safely and freely. Users in countries without internet censorship also use it to protect their internet privacy and security.

Read the article
Where to find current information on quality of released games as software products?

- by Tom

As a gamer, one thing I have learned I need to be savvy about is knowing whether SomeBigGame is actually unstable or otherwise problematic as a piece of software (riddled with invasive DRM products, only runs well on a particular video driver version, crashes on non-English-language systems, etc.). I know that game news media can sometimes be relied upon to report on some problems, but I doubt they bother to cover smaller or indie titles. An example: I've started playing Transformice on Kongregate, and I'm considering installing the downloadable client (it is an online multiplayer game). The part of me that cares about data privacy and maintaining a clean-and-healthy PC wants to know whether there is a place I can check to find out more about a title-as-software than "it is not a literal virus." Put another way: where would you not want to see your game receive lots of attention?

Read the article
Boilerplate Terms & Conditions for web app? [closed]

- by Louis Bataillard

Possible Duplicate: What are some good resources for generating privacy policies and terms of use? I am just about done creating my first web application. Since the application stores some user data, I want to make sure that I can not be held liable should something bad happen to the site. I googled around but I could only find boilerplate T&Cs for websites, not for web apps. Does anybody know where I can find such a boilerplate agreement that I can use? I realize that this won't be 100% security, but it's better than nothing I suppose.

Read the article
iOS Book App with Custom Book Repositories. Will Apple block this? [closed]

- by BrianHanifin

I am working with a kindergarten teacher to create an iPad/iPhone app which plays audio of her narrating each page of the "book". She wishes to only share some of the books with students in her class. Can I create a mechanism for downloading books from a custom repository link? I would send the URL home with the kids and have the parents type it into the app. I would include a couple of books preloaded with the app. I could even provide a sample repository with a sample book if you think it would make any difference. I am trying to come up with a creative solution that gives her the app she wants for her students while protecting the privacy she wishes for some of her content. What are your thoughts?

Read the article
How to offer a cookie opt in/out to users?

- by Darkcat Studios

I intend to use google analyticts, and as I understand it I will need to offer users the option to opt out of cookies. The question is this: I HATE these constant cookie option boxes, everyone I ask it getting annoyed by them too. Its nice to have the option, but we all know they have been in use for well over a decade. So - how big of a deal do I have to make about the fact that I'm using GoogleAn? can I pop a small link at the bottom of the page, maybe integrate it into "Privacy policies" page, and give people the option to opt out there? This would be very much the "Assume the majority of users don't mind, but at least make the option available" stance. Ironically setting a cookie seems to be the only way I can see to enforce the opt-out! as IP's change.

Read the article
how can i track visits to ALL of the subpages of my website COMBINED TOGETHER?

- by realcheesypizza

Right now im using statcounter and google analytics. They are great. But my counts are currently separated. Ex: website.com = 1000 visits a day, website.com/about = 50 visits a day, website.com/privacy = 10 visits a day, etc.. How can have a combined count of all of my sub-pages? (mainpage + about page + about 100 other sub-pages ) I can of course manually add them all together, but that's time consuming because there are many pages. I tried placing a separate tracking code in a php include that sits in each of the sub-pages, but it doesnt seem to be working. It seems to require a single URL to create it, which it then only counts the visits from the one url, rather than ALL of them. Ex: website.com) Any help would be appreciated. Hopefully im just missing something very obvious. Thank you!

Read the article
Google Personalized Search Results Makes Life Easy For Searchers

Recently Google introduced new feature for search engine users. Google now providing personalized search results for everyone who uses Google search engine, without considering they have opted for it or not in the previously available personalized feature. Searchers now have now the options to select or completely opt-out to get personalized search results. Google designed various protections to safeguard searchers privacy. It will raise some concerns when users opt-in instead of opt-out this feature. Below is the deeper look on the new feature.

Read the article
People not respecting good practices at workplace

- by VexXtreme

Hi There are some major issues in my company regarding practices, procedures and methodologies. First of all, we're a small firm and there are only 3-4 developers, one of which is our boss who isn't really a programmer, he just chimes in now and then and tries to do code some simple things. The biggest problems are: Major cowboy coding and lack of methodologies. I've tried explaining to everyone the benefits of TDD and unit testing, but I only got weird looks as if I'm talking nonsense. Even the boss gave me the reaction along the lines of "why do we need that? it's just unnecessary overhead and a waste of time". Nobody uses design patterns. I have to tell people not to write business logic in code behind, I have to remind them not to hardcode concrete implementations and dependencies into classes and cetera. I often feel like a nazi because of this and people think I'm enforcing unnecessary policies and use of design patterns. The biggest problem of all is that people don't even respect common sense security policies. I've noticed that college students who work on tech support use our continuous integration and source control server as a dump to store their music, videos, series they download from torrents and so on. You can imagine the horror when I realized that most of the partition reserved for source control backups was used by entire seasons of TV series and movies. Our development server isn't even connected to an UPS and surge protection. It's just plugged straight into the wall outlet. I asked the boss to buy surge protection, but he said it's unnecessary. All in all, I like working here because the atmosphere is very relaxed, money is good and we're all like a family (so don't advise me to quit), but I simply don't know how to explain to people that they need to stick to some standards and good practices in IT industry and that they can't behave so irresponsibly. Thanks for the advice

Read the article
How to disable mod_security2 rule (false positive) for one domain on centos 5

- by nicholas.alipaz

Hi I have mod_security enabled on a centos5 server and one of the rules is keeping a user from posting some text on a form. The text is legitimate but it has the words 'create' and an html <table> tag later in it so it is causing a false positive. The error I am receiving is below: [Sun Apr 25 20:36:53 2010] [error] [client 76.171.171.xxx] ModSecurity: Access denied with code 500 (phase 2). Pattern match "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" at ARGS:body. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "352"] [id "300015"] [rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "www.mysite.com"] [uri "/node/181/edit"] [unique_id "@TaVDEWnlusAABQv9@oAAAAD"] and here is /usr/local/apache/conf/modsec2.user.conf (line 352) #Generic SQL sigs SecRule ARGS "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" "id:1,rev:1,severity:2,msg:'Generic SQL injection protection'" The questions I have are: What should I do to "whitelist" or allow this rule to get through? What file do I create and where? How should I alter this rule? Can I set it to only be allowed for the one domain, since it is the only one having the issue on this dedicated server or is there a better way to exclude table tags perhaps? Thanks guys

Read the article
Using shared_ptr to implement RCU (read-copy-update)?

- by yongsun

I'm very interested in the user-space RCU (read-copy-update), and trying to simulate one via tr1::shared_ptr, here is the code, while I'm really a newbie in concurrent programming, would some experts help me to review? The basic idea is, reader calls get_reading_copy() to gain the pointer of current protected data (let's say it's generation one, or G1). writer calls get_updating_copy() to gain a copy of the G1 (let's say it's G2), and only one writer is allowed to enter the critical section. After the updating is done, writer calls update() to do a swap, and make the m_data_ptr pointing to data G2. The ongoing readers and the writer now hold the shared_ptr of G1, and either a reader or a writer will eventually deallocate the G1 data. Any new readers would get the pointer to G2, and a new writer would get the copy of G2 (let's say G3). It's possible the G1 is not released yet, so multiple generations of data my co-exists. template <typename T> class rcu_protected { public: typedef T type; typedef std::tr1::shared_ptr<type> rcu_pointer; rcu_protected() : m_data_ptr (new type()) {} rcu_pointer get_reading_copy () { spin_until_eq (m_is_swapping, 0); return m_data_ptr; } rcu_pointer get_updating_copy () { spin_until_eq (m_is_swapping, 0); while (!CAS (m_is_writing, 0, 1)) {/* do sleep for back-off when exceeding maximum retry times */} rcu_pointer new_data_ptr(new type(*m_data_ptr)); // as spin_until_eq does not have memory barrier protection, // we need to place a read barrier to protect the loading of // new_data_ptr not to be re-ordered before its construction _ReadBarrier(); return new_data_ptr; } void update (rcu_pointer new_data_ptr) { while (!CAS (m_is_swapping, 0, 1)) {} m_data_ptr.swap (new_data_ptr); // as spin_until_eq does not have memory barrier protection, // we need to place a write barrier to protect the assignments of // m_is_writing/m_is_swapping be re-ordered bofore the swapping _WriteBarrier(); m_is_writing = 0; m_is_swapping = 0; } private: volatile long m_is_writing; volatile long m_is_swapping; rcu_pointer m_data_ptr; };

Read the article
How do I patch a Windows API at runtime so that it to returns 0 in x64?

- by Jorge Vasquez

In x86, I get the function address using GetProcAddress() and write a simple XOR EAX,EAX; RET; in it. Simple and effective. How do I do the same in x64? bool DisableSetUnhandledExceptionFilter() { const BYTE PatchBytes[5] = { 0x33, 0xC0, 0xC2, 0x04, 0x00 }; // XOR EAX,EAX; RET; // Obtain the address of SetUnhandledExceptionFilter HMODULE hLib = GetModuleHandle( _T("kernel32.dll") ); if( hLib == NULL ) return false; BYTE* pTarget = (BYTE*)GetProcAddress( hLib, "SetUnhandledExceptionFilter" ); if( pTarget == 0 ) return false; // Patch SetUnhandledExceptionFilter if( !WriteMemory( pTarget, PatchBytes, sizeof(PatchBytes) ) ) return false; // Ensures out of cache FlushInstructionCache(GetCurrentProcess(), pTarget, sizeof(PatchBytes)); // Success return true; } static bool WriteMemory( BYTE* pTarget, const BYTE* pSource, DWORD Size ) { // Check parameters if( pTarget == 0 ) return false; if( pSource == 0 ) return false; if( Size == 0 ) return false; if( IsBadReadPtr( pSource, Size ) ) return false; // Modify protection attributes of the target memory page DWORD OldProtect = 0; if( !VirtualProtect( pTarget, Size, PAGE_EXECUTE_READWRITE, &OldProtect ) ) return false; // Write memory memcpy( pTarget, pSource, Size ); // Restore memory protection attributes of the target memory page DWORD Temp = 0; if( !VirtualProtect( pTarget, Size, OldProtect, &Temp ) ) return false; // Success return true; } This example is adapted from code found here: http://www.debuginfo.com/articles/debugfilters.html#overwrite .

Read the article
How do I secure a .NET Web Service for use by an iPhone application?

- by David A Gibson

Hello, The title says it all, I have a Web Service written in .NET that provides data for an iPhone application. It will also allow the application make a "reservation." Currently it's all internal to the corporate network but obviously when the iPhone application is published I will need ensure the Web Service is available externally. How would I go about securing the Web Service? There are two aspects I'm looking into: Authentication for accessing the web service Protection for the data being transferred I'm no so bothered about the data being passed back and forth as it will be viewable in the application anyway (which will be free). The key issue for me is preventing users from accessing the Web Service and making reservations themselves. At the moment I am considering encrypting any strings in the XML data passed back and forth so only the client can effectively use the web service sidestepping the need for authentication and providing protection for the data. This is the only model I have seen but I think the overheads on the iPhone and even for the web service make for a poor user experience. Any solutions at all would be most welcome? Thanks

Read the article
RPC command to initiate a software install

- by ericmayo

I was recently working with a product from Symantech called Norton EndPoint protection. It consists of a server console application and a deployment application and I would like to incorporate their deployment method into a future version of one of my products. The deployment application allows you to select computer workstations running Win2K, WinXP, or Win7. The selection of workstations is provided from either AD (Active Directory) or NT Domain (WINs/DNS NetBIOS lookup). From the list, one can click and choose which workstations to deploy the end point software which is Symantech's virus & spyware protection suite. Then, after selecting which workstations should receive the package, the software copies the setup.exe program to each workstation (presumable over the administrative share \pcname\c$) and then commands the workstation to execute setup.exe resulting in the workstation installing the software. I really like how their product works but not sure what they are doing to accomplish all the steps. I've not done any deep investigations into this such as sniffing the network, etc... and wanted to check here to see if anyone is familiar with what I'm talking about and if you know how it's accomplished or have ideas how it could be accomplished. My thinking is that they are using the admin share to copy the software to the selected workstations and then issuing an RPC call to command the workstation to do the install. What's interesting is that the workstations do this without any of the logged in users knowing what's going on until the very end where a reboot is necessary. At which point, the user gets a pop-up asking to reboot now or later, etc... My hunch is that the setup.exe program is popping this message. To the point: I'm looking to find out the mechanism by which one Windows based machine can tell another to do some action or run some program. My programming language is C/C++ Any thoughts/suggestions appreciated.

Read the article
SQL Server High Availability - Mirroring with MSCS?

- by David

I'm looking at options for high-availability for my SQL Server-powered application. The requirements are: HA protection from storage failure. Data accessibility when one of the DB servers is undergoing software updates (e.g. planned outage for Windows Update / SQL Server service-packs). Must not involve much in the way of hardware procurement. The application is an ASP.NET web application. The web application's users have their own database instances. I've seen two main options: SQL Server failover clustering, and SQL Server mirroring. I understand that SQL Server Failover Clustering requires the purchasing of a shared disk array and doesn't offer any protection if the shared storage goes down (so the documentation recommends to set up a Mirroring between two clusters). Database Mirroring seems the cheaper option (as it only requires two database servers and a simple witness box) - but I've heard it doesn't work well when you have a large number of databases. The application I'm developing involves giving each client their own database for their application - there could be hundreds of databases. Setting up the mirroring is no problem thanks to the automation systems we have in place. My final point concerns how failover works with respect to client connections - SQL Server Failover Clustering uses MSCS which means that the cluster is invisible to clients - a connection attempt might fail during the failover, but a simple reconnect will have it working again. However mirroring, as far as I know, requires that the client be aware of the mirrored partners: if the client cannot connect to the primary server then it tries the secondary server. I'm wondering how this work with respect to Connection Pooling in ASP.NET applications - does the client connection failovering mean that there's a potential 2-second (assuming 2000ms TCP timeout policy) pause when the connection pool tries the primary server on every connection attempt? I read somewhere that Mirroring can be used on top of MSCS which means that the client does not need to be aware of mirroring (so there wouldn't be any potential delays during connection, and also that no changes would need to be made to the client, not even the connection string) - however I'm finding it hard to get documentation or white papers on this approach. But if true, then it means the best method is then Mirroring (for HA) with MSCS (for client ignorance and connection performance). ...but how does this scale to a server instance that might contain hundreds of mirrored databases?

Read the article
Hosts file resetting on Windows 7

- by Simon

Recently I've noticed my hosts file resetting itself. D:\Windows\System32\drivers\etc (OS installed on D drive) First time it reset it to the default, and now for the first time its completely disappeared after installing a whole bunch of updates. I don't have any virus protection other than Microsoft's Security Essentials. What's going on???

Read the article
Windows SteadyState - system's security log is full

- by Matt

Quick version: New computer, attached to Windows domain, with SteadyState w/ Disk Protection turned on, cannot log on as domain user because Windows states 'system security log is full' Troubleshooting performed: disabled all 'restrictions' listed in SteadyState, cleared system security log, changed security log settings to overwrite entries when it becomes full, restarted computer to commit changes, verified changes were commited - still cannot log on as domain user, changed Documents and Settings folder to another partition, still cannot log on as domain user Let me know if you need a more detailed description of any steps performed. I appreciate any help you can give me.

Read the article
Microsoft Security Essentials for a business

- by Systech

This is 2 questions really - Am I allowed to install Microsoft Security Essentials 1.0 in a business of 200 - 300 users? Is Microsoft Security Essentials 1.0 adequate protection (real-time scanning, updates etc)?

Read the article
How useful is hard drive encryption?

- by D Connors

So, let's say you have a notebook, and you encrypt the entire hard drive. Whenever you boot it's gonna ask for a password, meaning nobody can access your data without the password. On the other hand, what if your notebook got stolen whilst it was in sleep mode? Is there any protection that the encryption can offer? Thanks

Read the article
How to detect form spamming on your web servers?

- by splattne

If you run hundred of web sites on your servers, what it is the most efficient, automated way to detect if bots are using your HTML forms to send spam email, even if your forms have some kind of protection?

Read the article

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41 | Next Page >