Search Results

Search found 662 results on 27 pages for 'joel avery'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 4/27 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Converting paragraph tags with RegEx

    - by Joel
    I need to replace all <p> tags with <br /> tags within a string. The problem is that the <p> tag can have attributes in it , such as <p align="center"> so I want to delete all occurrences of an opening tag of a paragraph, no matter what attributes are in it, and replace them with <br />. I am using PHP and had no success getting to the right expression with the preg_replace function. Any help would be appreciated! Joel

    Read the article

  • Recognizing the source of Facebook application user

    - by Joel
    Hello, When serving an iframe application in Facebook, is there anyway I can know when a user visits my site through Facebook as an application or if he reached the site directly (typed my domain URL in the browser)? I know I can check if the user has a cookie (named "u") which tells me that the user used facebook to get an access_token. However, if the user visited the application one minute ago and got the access_token cookie, but then typed the URL in the browser, checking for the existence of the cookie will return TRUE, although the visitor arrived to the site directly. Thanks, Joel

    Read the article

  • Why does cpuinfo report that my frequency is slower?

    - by Avery Chan
    My machine is running off of a AMD Sempron(tm) X2 190 Processor. According the marketing copy, it should be running at around 2.5 Ghz. Why is the cpu speed being reported as something lower? Spec description (in Chinese) $ cat /proc/cpuinfo processor : 0 vendor_id : AuthenticAMD cpu family : 16 model : 6 model name : AMD Sempron(tm) X2 190 Processor stepping : 3 microcode : 0x10000c8 cpu MHz : 800.000 cache size : 512 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 5 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt npt lbrv svm_lock nrip_save bogomips : 5022.89 TLB size : 1024 4K pages clflush size : 64 cache_alignment : 64 address sizes : 48 bits physical, 48 bits virtual power management: ts ttp tm stc 100mhzsteps hwpstate processor : 1 vendor_id : AuthenticAMD cpu family : 16 model : 6 model name : AMD Sempron(tm) X2 190 Processor stepping : 3 microcode : 0x10000c8 cpu MHz : 800.000 cache size : 512 KB physical id : 0 siblings : 2 core id : 1 cpu cores : 2 apicid : 1 initial apicid : 1 fpu : yes fpu_exception : yes cpuid level : 5 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt npt lbrv svm_lock nrip_save bogomips : 5022.82 TLB size : 1024 4K pages clflush size : 64 cache_alignment : 64 address sizes : 48 bits physical, 48 bits virtual power management: ts ttp tm stc 100mhzsteps hwpstate

    Read the article

  • Name one good reason for immediately failing on a SMTP 4xx code

    - by Avery Payne
    I'm really curious about this. The question (highlighed in bold): Can someone name ONE GOOD REASON to have their email server permanently set up to auto-fail/immediate-fail on 4xx codes? Because frankly, it sounds like "their" setups are broken out-of-the-box. SMTP is not Instant Messaging. Stop treating it like IRC or Jabber or MSN or insert-IM-technology-here. I don't know what possesses people to have the "IMMEDIATE DELIVERY OR FAIL" mentality with SMTP setups, but they need to stop doing that. It just plain breaks things. Every two or three years, I stumble into this. Someone, somewhere, has decided in their infinite wisdom that 4xx codes are immediate failures, and suddenly its OMGWTFBBQ THE INTARNETZ ARE BORKEN, HALP SKY IS FALLING instead of "oh, it'll re-attempt delivery in about 30 minutes". It amazes me how it suddenly becomes "my" problem that a message won't go through, because someone else misconfigured "their" SMTP service. IF there is a legitimate reason for having your server permanently set up in this manner, then the first good answer will get the check. IF there is no good reason (and I suspect there isn't), then the first good-sounding-if-still-logically-flawed answer will get the check.

    Read the article

  • Looking for a SECURE Audio Player for Windows

    - by Avery Payne
    I know there are dozens of audio players for windows, but which one has: the best security record (least reported vulnerabilities) the least number of security exploits the best security implementation, along with the reasoning behind the implementaiton (i.e. how it is handled). As Windows users start to see more and more reports of media-based attacks against Windows Media Player (& co.) it would be useful to have a player that has some proactive security approaches to handling exploits.

    Read the article

  • The Server Fault Wiki of recommended practices [migrated]

    - by Avery Payne
    So I've noticed that there are several recommendations on basic practices on Server Fault, but there doesn't seem to be a cohesive view as to how those recommendations would all fit together. So I thought I would lump these together as a kind of mental exercise to see what the "ServerFault Community IT Department" would look like if it were implemented. This would give a few things: it would make a reasonable wiki (in the true wiki spirit of many contributions), it would provide several links to well-vetted practices, and it would be kind of fun to see what the amalgamation would look like. And who knows, it may even point out some interesting issues between different forms of "best practices", although I would be stunned if there was a conflict hidden in there someplace... Add your favorites from Server Fault as answers, and I'll re-edit this section with the results. Here's a few catagories to collect different ideas together. Hardware Configuration(s) Server room configuration. Server room temperature Firmware Updates and Scheduling Storage Configuration(s) Selecting a NAS box Linux: Dealing with /tmp Linux: Install apps in /var or /opt? Network Configuration(s) checking DNS health and compliance Security Practice(s) Password (General) Best Practices Password sharing methods Windows Update Updating Windows Servers that are hosts for VMs Network Service(s) User Service(s) User Naming & Deletion Upgrade Process(es) Disaster Recovery Checking Backups Documenting an outage for a post-mortem review Last Edit: 2010-02-17

    Read the article

  • Why is my vhosts file interfering with my apache deployment?

    - by Avery Chan
    When I enable my vhosts file (i.e. uncomment this line: Include /private/etc/apache2/extra/httpd-vhosts.conf) I am unable to reach localhost. I /am/ able to reach the last virtual host listed in my vhosts file: <VirtualHost *:80> DocumentRoot "/Users/achan/Sites/epwbst" ServerName epwbst </VirtualHost> <VirtualHost *:80> DocumentRoot "/Users/achan/Sites/pxproj" ServerName pxproj </VirtualHost> Typing pxproj in my browser brings up the expected web content. But I am unable to reach epwbst or localhost. If I re-comment the vhost line in my httpd.conf, I am able to reach local host (i.e. "It works!") but obviously am unable to reach my virtual hosts. I don't know how to continue troubleshooting this. Why can't I reach localhost when I've got my vhosts turned on? OS: Mac OS X 10.7 Server version: Apache/2.2.21 (Unix)

    Read the article

  • Vim: How to create autocomplete/chooser from entries in buffer?

    - by Doug Avery
    Found out today that if you press Ctrl-Opt-Cmd-V in Textmate, it produces a cute little "chooser" dialogue in-place that allows you to page through your recent clipboard entries. It looks very similar to how CTRL-P and -N work in VIM, except it shows whole lines instead of simple word objects. It seems like this would be doable in VIM — it already has a buffer full of entries (the YankRing buffer, for example), and it already has a chooser, but I can't think of where I'd look to start putting these two together. Any ideas? (I know that YankRing already does this by opening a new window full of buffer content, but I wonder if there's a way to do it without all the window switching/closing/etc)

    Read the article

  • Can't find synergy config file on Windows

    - by Joel Avery
    New to synergy I connected everything just fine. Both my Windows 7 64bit (server) and 7 32 bit (client) are connected perfectly. However, I can't tell synergy which screen is where because I can't find this config file everyone is talking about. I looked in the root folder of the application, there is no ext/synergy.conf so I went and made one but that isn't working either. Kind of frustrating cause I think its the last step. Anyway any help is much appreciated. I have the newest version from the site but it says version unknown in the application. On Windows it has that cool drag and drop UI to place your screens where you want them but nothing is working for my mouse or keyboard.

    Read the article

  • How do I configure pfsense as an outbound VPN client?

    - by Avery Chan
    We use pfsense as a router/firewall. Because we're based in China, it is useful for us to have VPN access for all our internal clients. Instead of each individual client connecting to a VPN server stateside, I'd like to configure pfsense as a VPN client and have all the network traffic be routed through it. Most of the posts I've seen regarding pfsense and VPN are concerning connecting to the LAN from outside; this is not what I want to do. Another option would be for an SSH tunnel to be initiated on the pfsense box with the LAN traffic routed through it. How do I configure pfsense to be able to do either of these? One huge caveat is that OpenVPN cannot be used. The solution I am looking for needs to use one of the other VPN protocols.

    Read the article

  • Getting an boot error when starting computer

    - by Rob Avery IV
    I was in the middle of watching a movie on Netflix, then suddenly everything started crashing. First, explorer.exe closed down, then Google chrome. I had multiple things running in the background (Steam, Raptr, etc.). Individuality, each of those apps closed down also. When they did, a small dialog box popped up for each of them, one at a time, saying that it was missing a file, it couldn't run anymore, or something similar to that. It also had some jumbled up "code" with numbers and letters that I couldn't read. Ever since then, everytime I turn my computer on, it will run for a few seconds and give this error "Reboot and select proper boot device or insert boot media in selected boot device and press a key_". No matter how many times I try to reboot it, it always gives me the same error. A day later after this happened I was able to start the computer, but before it booted, it told me that I didn't shut down the computer properly and asked how I wanted to run the OS (Run Windows in Safety Mode, Run Windows Normally, etc.). Once I logged, everything went SUPER slow and everything crashed almost instantly. The only thing I opened was Microsoft Security Essentials and only got in about two clicks before it was "Not Responding". Then, after that the whole computer froze and I had to restart it. Now, it's back to saying what it originally said, "Reboot and select proper boot device or insert boot media in selected boot device and press a key_". I built this PC back in February 2012. Here are the specs: OS: Windows 7 Ultimate CPU: AMD 8-core GPU: Nvidia GTX Force 560 Ti RAM: 16GB Hard Drive: Hitachi Deskstar 750GB I'm usually very good taking care of my PC. I don't download anything that's not from a trusted site or source. I don't open up any spam email or such or go to any harmful websites like porn or stream movies. I am very clean with the things I do with my PC and don't do many DIFFERENT things with it. I use it pretty often especially for video games and doing homework in Eclipse. Also, good to note that I don't have any Norton or antisoftware installed. I have Microsoft Security Essentials installed but never did a scan. Thanks!

    Read the article

  • Home Server Restore

    - by Bryan Avery
    I have had to reinstall Home Server on my server and I would now like to restore it back to the state it was the last moment it stopped. I have the hard drive in a state it was last in, which is a small 250 gb hard disk. I have now installed 1.5tb hard disks, and installed a full licenced copy, as the original copy was a trial version. So I'm in a state where I have a new install, I have one of the old drives plugged in, but I can't transfer the old backups across, how do I do this?

    Read the article

  • Home Server Restore

    - by Bryan Avery
    I have had to reinstall Home Server on my server and I would now like to restore it back to the state it was the last moment it stopped. I have the hard drive in a state it was last in, which is a small 250 gb hard disk. I have now installed 1.5tb hard disks, and installed a full licenced copy, as the original copy was a trial version. So I'm in a state where I have a new install, I have one of the old drives plugged in, but I can't transfer the old backups across, how do I do this?

    Read the article

  • What is the largest flatscreen monitor available for PC use?

    - by Avery Payne
    I'll qualify this specifically (by order of preference): must have the highest diagonal measurement, widescreen or "normal" aspect ratio doesn't matter here, just the diagonal. must have the highest resolution available, which means 72 inches of 1280x1024 won't cut it. must not have a TV tuner built into it, I'm not looking for a TV set, this is a monitor! must be available at a retail outlet that caters to the general public, i.e. Best Buy, Sears, Costco (all of these examples are in the U.S., although you can suggest something from whatever chain is in your area/nation/geography). Non-retail or non-physical venues like eBay, or businesses that only cater to other businesses, do not qualify under this requirement. I should be able to walk into this place and purchase it, not just whip up an order online. If you are unsure about this requirement, just ask yourself: can I physically see it before I open my wallet and purchase it?

    Read the article

  • How do I turn of "auto-echo" in bash when I 'cd'?

    - by Avery Chan
    I don't know when this started happening but now, every time I cd to a directory it echoes the path right before it changes directories. This happens when I log into a server but doesn't happen on my local machine. The server is running Linux. My local machine is running Mac OS X. I searched the Google as well as looked at the bash man page but I couldn't find anything. My .bashrc/.bash_profile doesn't have anything related to 'cd' (that I know of). How do I modify this "feature"?

    Read the article

  • Duplicate forwarded messages in Blackberry when using BIS

    - by Avery Payne
    Our Setup External email arrives at a Postfix server, is scanned, and then forwarded via settings in transport (using the RELAY:[{ip-address}] for a given address) to an Exchange 2007 server. Some users are on Exchange, but a few are still on the Postfix server (they will be moved in the near future). IMAPS is provided for external connections via Dovecot; in-house, IMAP is provided for the Gateway and native MAPI is used for Exchange/Outlook. Blackberries are connected via BIS, which uses Dovecot as a reverse-proxy IMAPS service to connect to Exchange (when the mailbox exists on Exchange, otherwise it connects to the mailbox on the gateway). The Issue We have a user that, when they forward an email on their Outlook client, they get a duplicate of the original message on their Blackberry. When I say duplicate, I mean that they have a copy of the forwarded version of the message (i.e. their version of the message that they obtained hitting the forward button), and a copy of the original message that shows up at the same time. The expected behavior is to just see the forwarded message, not the forwarded message and a 2nd copy of the original message. We've only seen this with Outlook users that also have a Blackberry. Other IMAP clients, such as OS X Mail or Thunderbird, do not exhibit this behavior when connecting to the Exchange server; forwarded messages work as expected. The Questions what is causing this to happen? why does it only affect Outlook/Blackberry setups, and not TBird/Blackberry or OSX-Mail/Blackberry? how do we get it to stop, before people go insane and never forward messages again?

    Read the article

  • I don't get object-oriented programming

    - by Joel J. Adamson
    Note: this question is an edited excerpt from a blog posting I wrote a few months ago. After placing a link to the blog in a comment on Programmers.SE someone requested that I post a question here so that they could answer it. This posting is my most popular, as people seem to type "I don't get object-oriented programming" into Google a lot. Feel free to answer here, or in a comment at Wordpress. What is object-oriented programming? No one has given me a satisfactory answer. I feel like you will not get a good definition from someone who goes around saying “object” and “object-oriented” with his nose in the air. Nor will you get a good definition from someone who has done nothing but object-oriented programming. No one who understands both procedural and object-oriented programming has ever given me a consistent idea of what an object-oriented program actually does. Can someone please give me their ideas of the advantages of object-oriented programming?

    Read the article

  • I can't update my system properly, "no package header" error

    - by joel
    Every time I try to run sudo apt-get update or try running updates from the GUI interface I run into the following problem or something similar: Reading package lists... Error! E: Encountered a section with no Package: header E: Problem with MergeList /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_precise_restricted_binary-i386_Packages E: The package lists or status file could not be parsed or opened. I've tried purging using sudo rm -rf <filename> where <filename> is the listed file above, and then running sudo apt-get update to fix it (as listed elsewhere in this forum) and no luck, just keep getting this message. I'm running Ubuntu 12.04 and this is getting really frustrating... I just want a system that runs smoothly and doesn't require it's hand to be held when it comes to updates. Tried the solutions posted below and am still receiving the same errors, sample output: W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_main_binary-amd64_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_restricted_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_multiverse_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_universe_source_Sources Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_restricted_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_multiverse_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_main_source_Sources Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_universe_binary-amd64_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_main_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_main_i18n_Translation-en Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_multiverse_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_universe_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_multiverse_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_universe_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_multiverse_i18n_Translation-en%5fCA Encountered a section with no Package: header E: Some index files failed to download. They have been ignored, or old ones used instead.

    Read the article

  • Does a site's bounce rate influence Google rankings?

    - by Joel Spolsky
    Does Google consider bounce rate or something similar in ranking sites? Background: here at Stack Exchange we noticed that the latest Google algorithm changes resulted in about a 20% dip in traffic to Server Fault (and a much smaller dip in traffic to Super User). Stack Overflow traffic was not affected. There was an article on WebProNews which hypothesized that bounce rate might be a ranking signal in Google's latest Panda update. According to Google Analytics, these are our bounce rates over the last month: Site Bounce Rate Avg Time on Site ------------- ----------- ---------------- SuperUser 84.67% 01:16 ServerFault 83.76% 00:53 Stack Overflow 63.63% 04:12 Now, technically, Google has no way to know the bounce rate. If you go to Google, search for something, and click on the first result, Google can't tell the difference between: a user who turns off their computer a user who goes to a completely different web site a user who spends hours clicking around on the website they landed on What Google does know is how long it takes the user to come back to Google and do another search. According to the book In The Plex (page 47), Google distinguishes between what they call "short clicks" and "long clicks": A short click is a search where the user quickly comes back to Google and does another search. Google interprets this as a signal that the first search results were unsatisfactory. A long click is a search where the user doesn't search again for a long time. The book says that Google uses this information internally, to judge the quality of their own algorithms. It also said that short click data in which someone retypes a slight variation of the search is used to fuel the "Did you mean...?" spell checking algorithm. So, my hypothesis is that Google has recently decided to use long click rates as a signal of a high quality site. Does anyone have any evidence of this? Have you seen any high-bounce-rate sites which lost traffic (or vice-versa)?

    Read the article

  • I don't get object-oriented programming

    - by Joel J. Adamson
    Note: this question is an edited excerpt from a blog posting I wrote a few months ago. After placing a link to the blog in a comment on Programmers.SE someone requested that I post a question here so that they could answer it. This posting is my most popular, as people seem to type "I don't get object-oriented programming" into Google a lot. Feel free to answer here, or in a comment at Wordpress. What is object-oriented programming? No one has given me a satisfactory answer. I feel like you will not get a good definition from someone who goes around saying “object” and “object-oriented” with his nose in the air. Nor will you get a good definition from someone who has done nothing but object-oriented programming. No one who understands both procedural and object-oriented programming has ever given me a consistent idea of what an object-oriented program actually does. Can someone please give me their ideas of the advantages of object-oriented programming?

    Read the article

  • Patching and PCI Compliance

    - by Joel Weise
    One of my friends and master of the security universe, Darren Moffat, pointed me to Dan Anderson's blog the other day.  Dan went to Toorcon which is a security conference where he went to a talk on security patching titled, "Stop Patching, for Stronger PCI Compliance".  I realize that often times speakers will use a headline grabbing title to create interest in their talk and this one certainly got my attention.  I did not go to the conference and did not see the presentation, so I can only go by what is in the Toorcon agenda summary and on Dan's blog, but the general statement to stop patching for stronger PCI compliance seems a bit misleading to me.  Clearly patching is important to all systems management and should be a part of any organization's security hygiene.  Further, PCI does require the patching of systems to maintain compliance.  So it's important to mention that organizations should not simply stop patching their systems; and I want to believe that was not the speakers intent. So let's look at PCI requirement 6: "Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor- provided security patches, which must be installed by the entities that manage the systems. All critical systems must have the most recently released, appropriate software patches to protect against exploitation and compromise of cardholder data by malicious individuals and malicious software." Notice the word "appropriate" in the requirement.  This is stated to give organizations some latitude and apply patches that make sense in their environment and that target the vulnerabilities in question.  Haven't we all seen a vulnerability scanner throw a false positive and flag some module and point to a recommended patch, only to realize that the module doesn't exist on our system?  Applying such a patch would obviously not be appropriate.  This does not mean an organization can ignore the fact they need to apply security patches.  It's pretty clear they must.  Of course, organizations have other options in terms of compliance when it comes to patching.  For example, they could remove a system from scope and make sure that system does not process or contain cardholder data.  [This may or may not be a significant undertaking.  I just wanted to point out that there are always options available.] PCI DSS requirement 6.1 also includes the following note: "Note: An organization may consider applying a risk-based approach to prioritize their patch installations. For example, by prioritizing critical infrastructure (for example, public-facing devices and systems, databases) higher than less-critical internal devices, to ensure high-priority systems and devices are addressed within one month, and addressing less critical devices and systems within three months." Notice there is no mention to stop patching one's systems.  And the note also states organization may apply a risk based approach. [A smart approach but also not mandated].  Such a risk based approach is not intended to remove the requirement to patch one's systems.  It is meant, as stated, to allow one to prioritize their patch installations.   So what does this mean to an organization that must comply with PCI DSS and maintain some sanity around their patch management and overall operational readiness?  I for one like to think that most organizations take a common sense and balanced approach to their business and security posture.  If patching is becoming an unbearable task, review why that is the case and possibly look for means to improve operational efficiencies; but also recognize that security is important to maintaining the availability and integrity of one's systems.  Likewise, whether we like it or not, the cyber-world we live in is getting more complex and threatening - and I dont think it's going to get better any time soon.

    Read the article

  • Git-based storage and publishing, infrastructure advice

    - by Joel Martinez
    I wanted to get some advice on moving a system to "the cloud" ... specifically, I'm looking to move into some of Windows Azure's managed services, as right now I'm managing a VM. Basically, the system operates on some data stored in a github git repository. I'll describe the current architecture: Current system (all hosted on a single server): GitHub - configured with a webhook pointing at ... ASP.NET MVC application - to accept the webhook from git. It pushes a message onto ... Azure service bus Queue - which is drained by ... Windows Service - pulls the message from the queue and ... Fetches the latest data from the git repository (using GitLib2Sharp) onto the local disk and finally ... Operates on the data in git to produce a static HTML website hosted/served by IIS. The system works really well, actually ... but I would like to get out of the business of managing the VM, and move to using some combination of Azure web and worker roles. But because the system relies so heavily on the git repository on the local filesystem, I'm finding it difficult to figure out how to architect in the cloud. I know you can get file system access, so in theory I could just fetch the repository if there's nothing on disk ... but the performance/responsiveness of the system sort of depends on the repository being available and only having to fetch diffs, which is relatively quick. As opposed to periodically having to fetch the entire (somewhat large) git repository if the web or worker role was recycled, or something. So I would love some advice on how you would architect such a system :) Ultimately, the only real requirement is to be able to serve HTML content that's been produced from the contents of a git repository (in a relatively responsive manner, from a publishing perspective) ... please feel free to ask any clarifying questions if there's something I omitted. Thanks!

    Read the article

  • Issues running commands

    - by Joel
    Every time I run a command I get this back. E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied) E: Unable to lock directory /var/lib/apt/lists/ E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied) E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? christopher@christopher:~$ This didn't start happening until I changed my device name.

    Read the article

  • Why do programmers seem to be such bad spellers?

    - by Joel Etherton
    Programming languages are very precise tools based on explicit grammars. They're very picky, and when being used they require an exacting amount of detail. C#, for instance, is case sensitive so even getting the case of an argument wrong will cause an error. Questions asked all over the StackExchange are replete with misspellings, grammatical errors, and other problems that seem to indicate a lack of attention to detail when it comes to the language itself. Now, I understand there are a lot of programmers out there whose native language is not English, and I am not directing this question (rant one might say) at them. I'm referring to the individuals who are clearly from an English speaking background who refuse to pay attention to these simple details. I am not perfect by any means, but I try to use the language correctly so that my meaning will be understood correctly. I find programmers misspelling variable names, classes, and all manner of words in any kind of technical documentation they might write. I have had to withstand code where I am repeatedly referring to the subit[sic] button or HttpWebResponse reponse. The general complaint about bad spelling is one thing, and it will always be there. I accept that. But my question/comment is about the proclivity of bad spelling within the programming community. I would think that people who deal with such exacting tools to be more naturally predisposed towards proper spelling. Yet this doesn't seem to be the case.

    Read the article

  • Buy vs. Build - FTP Service

    - by Joel Martinez
    We have a need to FTP files that are generated by our system, so we're trying to decide whether we should spend the time to build something that meets our criteria (relatively easy, .NET has FTP functionality built in, among other more advanced libs from 3rd parties). Or if we should buy something off the shelf. Our requirements are roughly: Must be able to trigger a file send programmatically Needs to retry N number of times (configurable) Queryable status of FTP requests Callback on completion or fail of an FTP request I don't need to be sold on the relative simplicity of building something like that for myself. However I do want to do the due diligence of seeing what products are available ... because if something does exist that matches the requirements above, I wouldn't mind paying for it :-) Any thoughts or links would be greatly appreciated. Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >