Search Results

Search found 13853 results on 555 pages for 'soa security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 340/555 | < Previous Page | 336 337 338 339 340 341 342 343 344 345 346 347  | Next Page >

  • Best strategy for supporting multiple server communication from iPhone/android app?

    - by tipycalFlow
    I'm making an app that will be used in multiple hospitals in the US. As per HIPAA compliance requirement, every hospital will have its own server that complies with these requirements of ensuring patient data security, etc. Now the task is that the app should communicate with a particular server based on the login info. An additional requirement is that new hospitals(servers) are likely to be added along the way, even after the app is available on the market. So basically, according to some login credentials, the app should communicate with the server of the hospital assigned to that person. One pretty crude way is to set up our own server which links the hospitals with the login info and accordingly, provides a base-url for data exchange. Is there a more efficient way to handle this?

    Read the article

  • Multiple vulnerabilities in Firefox web browser

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3062 Numeric Errors vulnerability 6.8 Firefox web browser Solaris 11 11/11 SRU 9.5 Solaris 10 SPARC: 145080-11 X86: 145081-10 CVE-2012-0467 Denial of service (DoS) vulnerability 10.0 CVE-2012-0468 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0 CVE-2012-0469 Resource Management Errors vulnerability 10.0 CVE-2012-0470 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0 CVE-2012-0471 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2012-0473 Numeric Errors vulnerability 5.0 CVE-2012-0474 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2012-0477 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2012-0478 Permissions, Privileges, and Access Controls vulnerability 9.3 CVE-2012-0479 Identity spoofing vulnerability 4.3 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Speaking in Omaha: December 7, 2011

    - by Bill Graziano
    I’m presenting in Omaha on Writing Faster SQL at 6PM on December 7th.  You can find meeting details on the Omaha SQL Server User Group page. The meeting location requires an RSVP so building security has a list of attendees. The presentation is a series of suggestions on improving performance.  It ranges from simple things like comparing indexed columns to scalar values up to tips for reducing query compiles and asynchronous processing patterns.  Nearly all of these come from specific issues I’ve encountered working on poorly performing SQL Servers.

    Read the article

  • How to make safe and secure forms in asp.net MVC 3

    - by anirudha
    the asp.net application need all kind of security. unsecure forms may be influence by XSS [cross site scripting] there is some way to solve these type of problem in MVC. first sollution is that use <%= Html.AntiForgeryToken() %> for make secure from cross site scripting. it’s work by machine key in MVC. well you can valid them whenever you got respond from client. you can apply by this attribute on action you give the response behalf of form submission [ValidateAntiForgeryToken] you can secondly use authorize attribute where you can make own definition of authorize attribute in asp.net mvc for more info read david’s post well I am use my own custom attribute who use a different type of authorization :- the who controller use a attribute I put their and the attribute I put their have a logic and logic check the cookie in request who make sure that request they got from user.

    Read the article

  • Regulating outgoing traffic on ubuntu VM

    - by DazSlayer
    I am making a virtual network setup for my high school cybersecurity team to practice. I am connecting all the VMs together through a VPN and then people who are practicing will VPN in and ssh/remote desktop into the different VMs. The problem is that for practicing, they will need root access into the VMs and because the VMs are connecting to my personal network, the VMs pose a security risk to my personal network. Is there any way in either VMWare or VirtualBox or even making an unchangeable iptable (I can make all the windows VMs go thru a linux VM) to prevent people from connecting to my local network via the VM?

    Read the article

  • Un million d'identifiants uniques d'appareils Apple dans la nature, piratés d'un laptop du FBI par un groupe de hackers

    Un million d'identifiants uniques d'appareils Apple dans la nature Piratés d'un laptop du FBI par un groupe de hackers La rumeur circulait déjà, mais des données postées sur le service Pastebin viennent la confirmer. Un million d'identifiants uniques (UDIDs) d'appareils iOS (iPhone, iPad, iPod) sont dans la nature. [IMG]http://idelways.developpez.com/news/images/FBI-Apple-security-breach.jpg[/IMG] L'acte a été prémédité par un groupe de hackers nommé Antisec. Le fichier de la liste en question comporte plus de 12 millions d'enregistrements de dispositifs, incluant des UDIDs Apple, des noms d'utilisateurs, des jetons de notifications push, et dans certains...

    Read the article

  • How to get KeePass to properly work with Chromium?

    - by Tom
    The two-channel auto-type obfuscation feature of KeePass doesn't work for me with Chromium (on Ubuntu 12.04 64 bits). However, it works just fine with Firefox. Dows anyone know how to fix this? Textboxes in web forms in Chromium seems to have something special that causes this feature to fail. Only some of the username/password characters are being auto-typed. This might be related to this: if I select an entry in KeePass and click "Copy User Name", I can paste it fine with Ctrl+V in any textbox in Firefox, but I can't on Chromium. However, text copied using Ctrl+C from a regular text file (say, from gedit), can be pasted fine on both browsers. What may be wrong? I wouldn't like to deactive this feature for all the entries in my keepass files as I use them on Windows too and they work just fine there (even on Google Chrome for Windows). This feature gives an appreciated extra security measure against spyware/keyloggers.

    Read the article

  • Mozilla Firefox 23 Will Block Mixed SSL Content

    - by Anirudha
    Originally posted on: http://geekswithblogs.net/anirugu/archive/2013/07/03/mozilla-firefox-23-will-block-mixed-ssl-content.aspxIf you have a site which is running on SSL and used content that make non-https request then you need to a bit worried. The default setting of Firefox 23 will block the content that called on non-https address and page is based on SSL. for example script using https://code.jquery.com/jquery-1.10.2.min.js will not work because code.jquery.com can not be reach on https. the cdn ajax.googleapis.com support SSL so you can try it. if you want to disable this settings you can modify it on about:config security.mixed_content.block_active_content change the value true to false and it will be disable (it’s just for example)

    Read the article

  • Climbing the hacker ladder

    - by cobie
    This is not a question in which I am asking for opinions rather I am asking for first hand experience. I have been programming in python for quite a while and I feel solid enough in python programming. I can come up with algorithms for problems and implement them but I somehow feel I am stuck with remaining an apprentice. What are some first hand experiences on how to climb up the ladder and become better at programming as in learning about browsers security, compilers etc. Personal experiences would be valued in responses.

    Read the article

  • My Oracle Support Accreditation for Database and Enterprise Manager

    - by A. G.
    Have you actively used My Oracle Support for 6-9 months? Take your expertise to the next level—become accredited! By completing the accreditation learning series, you can increase your proficiency with My Oracle Support’s core functions and build skills to help you leverage Oracle solutions, tools, and knowledge that enable productivity. Accreditation learning paths are available for Oracle Database and Enterprise Manager, which focus on product-specific best practices, recommendations, and tool enablement—up leveling your capabilities with these Oracle products. Course topics include:   Oracle Database Staying informed  Install Patching Upgrade Performance Security Scalability Enterprise Manager Staying informed  Supportability Certification Patching Upgrade Performance Diagnostic Tools Troubleshooting Visit the My Oracle Support Accreditation Index and get started with the Level 1 My Oracle Support Accreditation path and product-specific Level 2 learning paths for Oracle Database and Enterprise Manager.

    Read the article

  • deny-uncovered-http-methods in Servlet 3.1

    - by reza_rahman
    Servlet 3.1 is a relatively minor release included in Java EE 7. However, the Java EE foundational API still contains some very important changes. One such set of features are the security enhancements done in Servlet 3.1 such as the new deny-uncovered-http-methods option. Servlet 3.1 co-spec lead Shing Wai Chan outlines the use case for the feature and shows you how to use it in a recent code example driven post. You can also check out the official specification yourself or try things out with the newly released Java EE 7 SDK.

    Read the article

  • Hands-on GlassFish FREE Course covering Deployment, Class Loading, Clustering, etc.

    - by arungupta
    René van Wijk, an Oracle ACE Director and a prolific blogger at middlewaremagic.com has shared contents of a FREE hands-on course on GlassFish. The course provides an introduction to GlassFish internals, JVM tuning, Deployment, Class Loading, Security, Resource Configuration, and Clustering. The self-paced hands-on instructions guide through the process of installing, configuring, deploying, tuning and other aspects of application development and deployment on GlassFish. The complete course material is available here. This course can also be taken as a paid instructor-led course. The attendees will get their own VM and will have plenty of time for Q&A and discussions. Register for this paid course. Oracle Education also offers a similar paid course on Oracle GlassFish Server 3.1: Administration and Deployment.

    Read the article

  • Package version updates policy

    - by Sandman4
    Not sure if here it's the right place to ask, if not - please point me to the right direction. Let's say there's a package, for the sake of real-world example - bind9. In Precise and in Quantal it's version 9.8.1. The original developer (ISC) currently provide versions 9.8.4 which is a bugfix release in the 9.8 line, and 9.9.2 which is a "new features" branch. It looks like when a security issue is encountered, the specific bugfix is backported into 9.8.1. Now the question: Why maintainers don't just update to the latest bugfix release ? Why to backport only certain patches ? Is it intentionally or just there's no maintaner who would take the effort to update to the latest bugfix release ?

    Read the article

  • Crisis : le premier malware à cibler les machines virtuelles sous Windows

    Crisis : le premier malware à cibler les machines virtuelles Sous Windows Préalablement connu sous le nom Morcut, "Crisis" est un rootkit malicieux qui infecte les systèmes d'exploitation Windows et Mac OS X. Il y arrive par l'utilisation d'un faux installeur d'Adobe Flash Player dissimulé dans une archive JAR numériquement signé par VeriSign. Cette dernière contient deux exécutables, un pour Mac OS X et un autre pour Windows. Selon le dernier rapport de Symantec Security, le logiciel malveillant se propage dans l'environnement Windows par l'utilisation du mécanisme d'autorun des disques durs amovibles, et les composants d'installation dans les dispositifs Windows Mobile. Entr...

    Read the article

  • Public JCP EC Meeting on 10 June

    - by Heather VanCura
    The next JCP EC Meeting is open to the public!  We hope you will join us on Tuesday, 10 June at 08:00 AM PDT.  Agenda includes a discussion on the latest JCP.Next news--JSR 364, Broadening JCP Membership. We hope you will join us, but if you cannot attend, the recording and materials will also be public on the JCP.org multimedia page. Meeting details below. ------------------------------------------------------- Topic: Public EC Meeting Date: Tuesday, June 10, 2014 Time: 8:00 am, Pacific Daylight Time (San Francisco, GMT-07:00) Meeting Number: 807 111 580 Meeting Password: 6893 ------------------------------------------------------- To start or join the online meeting ------------------------------------------------------- Go to https://jcp.webex.com/ ------------------------------------------------------- Audio conference information ------------------------------------------------------- +1 (866) 682-4770 (US) Conference code: 5731908 Security code: 6893 Global access numbers

    Read the article

  • New Development Snapshot

    A fairly massive set of changes this time, mostly around .NET 4.0 suport and IKVM.Reflection fixes. Targetting .NET 4.0 Please note that the work isn't done yet (in particular, I haven't checked in all the changes required for the .NET 4.0 security model), but it is now possible to build assemblies with ikvmc that target and reference .NET 4.0 while running ikvmc on the .NET 2.0 runtime. C:\jikvmc test.class -nostdlib -lib:\windows\microsoft.net\framework\v4.0.30319 ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • How can I remove bluetooth-applet in 11.10?

    - by dunderhead
    I tried adding rfkill block bluetooth to /etc/rc.local. This did not work. I tried adding both blacklist bluetooth and blacklist btusb to etc/modprobe.d/blacklist.conf. This did not work. So I went to Synaptic to remove it altogether, but when I marked bluez for removal it said it was going to also remove gnome-shell as well! So naturally I didn't do that. (Is it sane to run a potential security problem like bluetooth by default? And why is something like that so tightly integrated into Gnome shell?) Can anyone tell me how to get rid of this annoying and unnecessary process?

    Read the article

  • Prevent product key from being used on multiple virtual machines

    - by Nahum Litvin
    I have a software product. it will probably run on VMs that have no network connection at all. I want the user to pay for each VM the user runs. I thought to ask the user for some kind of hardware ID and provide him with serial that is unique for his machine. But user can just copy the VM image and than have two machines running? So I thought of having a security dongle. But how can I prevent user from running two VM's on the same machine both connected to the same dongle? This should be only basic defense so that actual hacking will be required to breach the license and not only spinning one more VM.

    Read the article

  • Running an Application on a Different Domain

    - by Mark Flory
    Were I am contracting at right now has a new development domain.  Because of IT security rules it is fairly isolated from the domain my computer normally logs into (for e-mail and such).  I do use a VM to log directly into the domain but one of my co-workers found this command to run things on your box but in the other domain.  Pretty cool. For example this runs SQL Server Management Tool for SQL Server 2008: runas /netonly /user:{domain}\{username} "C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\ssms.exe" And this runs visual studios: runas /netonly /user:{domain}\{username} "C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe" It does not solve the problem I wanted to solve which would be to be able to assign Users/Groups in Team Explorer.  It instead still uses the domain I am logged into's groups.

    Read the article

  • Programming Windows Identity Foundation - ISBN 978-0-7356-2718-5

    - by TATWORTH
    This book introduces a new technology that promises a considerable improvement on the ASP.NET membership system. If you ever had to write an extranet, system you should be aware of the problems in setting up membership for your site. The Windows Identity Foundation promises to be an excellent replacement. Therefore the book Programming Windows Identity Foundation - ISBN 978-0-7356-2718-5 at  http://oreilly.com/catalog/9780735627185, is breaking new ground. I recommend this book to all ASP.NET development teams. You should reckon on 3 to 5 man-days to study it and try out the sample programs and see if it can replace your bespoke solution. Rember this is version 1 of WIF and give yourself adequete time to read this book and familiarise yourself with the new software. Some URLs for more information: WIF home page at http://msdn.microsoft.com/en-us/security/aa570351.aspx The Identity Training Kit at http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=c3e315fa-94e2-4028-99cb-904369f177c0 The author's blog at http://www.cloudidentity.net/

    Read the article

  • Multiple vulnerabilities in Thunderbird

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0451 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Thunderbird Solaris 11 11/11 SRU 8.5 CVE-2012-0455 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2012-0456 Information Exposure vulnerability 5.0 CVE-2012-0457 Resource Management Errors vulnerability 9.3 CVE-2012-0458 Permissions, Privileges, and Access Controls vulnerability 6.8 CVE-2012-0459 Permissions, Privileges, and Access Controls vulnerability 7.5 CVE-2012-0460 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2012-0461 Denial of Service (DoS) vulnerability 7.5 CVE-2012-0462 Denial of Service (DoS) vulnerability 7.5 CVE-2012-0464 Resource Management Errors vulnerability 7.5 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • How to switch from Apache 2.0 Handler to FastCGI on Ubuntu Zend Server?

    - by amoooc
    I can't deploy/manage my Joomla websites On Ubuntu 12.04 Zend Server PHP 5.3.14 due to permissions during Joomla installation/J! extensions installation. All files are unwriteable. Only CHMOD 777 will help but of course it's not resolving the problem due to security issues. I think it's because cgi-fcgi is not shipped with Zend Server (only with Zend Server for Windows) Or maybe there is different solution how to make it work? PHP info on Ubuntu Zend Server Server API: Apache 2.0 Handler PHP Version 5.3.14 Zend Server Community Edition 5.6.0 Server Software Apache/2.2.22 (Ubuntu) Zend Framework 1.12.0 I'm already asked similar question here, but unfortunately without solution yet so Ubuntu Community please advice. I would be grateful for any help. Cheers

    Read the article

  • StreamInsight will not push feature releases through Microsoft Update going forward

    - by Roman Schindlauer
    Until now, we've released StreamInsight through the Microsoft Download Center, and also released it out through Microsoft Update. Going forward, we will only release new StreamInsight versions through the Microsoft Download Center and only use MU to release service packs and security fixes (should any be needed). As a result of this decision, we are pulling off the recent StreamInsight 2.1 release from MU; this release is still available in Download Center. Don’t worry: there’s nothing wrong with the versions we’ve shipped in MU, we’ve just adjusted how we use MU. There is no action necessary from our customers as a result of this change, and we are not rolling back any changes to your current installation, so if you have installed StreamInsight 2.1 recently through the Microsoft Update, they will still work fine. Regards, The StreamInsight Team

    Read the article

  • Are there good replacements for client-side java in web programming? [closed]

    - by varesa
    Now since the latest java exploit, and many others in the past, people are again recommended to get rid of java on their computers for good. I, as a java web applications developer, am think about possible alternatives. Many seem to have gotten rid of java, so I would not like to develop for an environmet, that users do not have on their computers, and that they are not willing to install for security reasons. Are there any other real options that HTML5 + JS? (Don't take me wrong about not wanting HTML5+JS, I just want to know the options)

    Read the article

  • Alternatives to OAuth?

    - by sdolgy
    The Web industry is shifting / has shifted towards using OAuth when extending API services to external consumers & developers. There is some elegance in simple....and well, the 3-step OAuth process isn't too bad ... i just find it is the best of a bad bunch of options. Are there alternatives out there that could be better, and more secure? The security reference is derived from the following URLs: http://www.infoq.com/news/2010/09/oauth2-bad-for-web http://hueniverse.com/2010/09/oauth-2-0-without-signatures-is-bad-for-the-web/

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 336 337 338 339 340 341 342 343 344 345 346 347  | Next Page >