Search Results

Search found 41499 results on 1660 pages for 'information display'.

Page 138/1660 | < Previous Page | 134 135 136 137 138 139 140 141 142 143 144 145  | Next Page >

• Why is XML Deserilzation not throwing exceptions when it should.

  - by chobo2

  Hi Here is some dummy xml and dummy xml schema I made. schema <?xml version="1.0" encoding="utf-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.domain.com" xmlns="http://www.domain.com" elementFormDefault="qualified"> <xs:element name="vehicles"> <xs:complexType> <xs:sequence> <xs:element name="owner" minOccurs="1" maxOccurs="1"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:minLength value="2" /> <xs:maxLength value="8" /> </xs:restriction> </xs:simpleType> </xs:element> <xs:element name="Car" minOccurs="1" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element name="Information" type="CarInfo" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="Truck"> <xs:complexType> <xs:sequence> <xs:element name="Information" type="CarInfo" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="SUV"> <xs:complexType> <xs:sequence> <xs:element name="Information" type="CarInfo" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:complexType name="CarInfo"> <xs:sequence> <xs:element name="CarName"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:minLength value="1"/> <xs:maxLength value="50"/> </xs:restriction> </xs:simpleType> </xs:element> <xs:element name="CarPassword"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:minLength value="6"/> <xs:maxLength value="50"/> </xs:restriction> </xs:simpleType> </xs:element> <xs:element name="CarEmail"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:pattern value="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*"/> </xs:restriction> </xs:simpleType> </xs:element> </xs:sequence> </xs:complexType> </xs:schema> xml sample <?xml version="1.0" encoding="utf-8" ?> <vehicles> <owner>Car</owner> <Car> <Information> <CarName>Bob</CarName> <CarPassword>123456</CarPassword> <CarEmail>[email protected]</CarEmail> </Information> <Information> <CarName>Bob2</CarName> <CarPassword>123456</CarPassword> <CarEmail>[email protected]</CarEmail> </Information> </Car> <Truck> <Information> <CarName>Jim</CarName> <CarPassword>123456</CarPassword> <CarEmail>[email protected]</CarEmail> </Information> <Information> <CarName>Jim2</CarName> <CarPassword>123456</CarPassword> <CarEmail>[email protected]</CarEmail> </Information> </Truck> <SUV> <Information> <CarName>Jane</CarName> <CarPassword>123456</CarPassword> <CarEmail>[email protected]</CarEmail> </Information> <Information> <CarName>Jane</CarName> <CarPassword>123456</CarPassword> <CarEmail>[email protected]</CarEmail> </Information> </SUV> </vehicles> Serialization Class using System; using System.Collections.Generic; using System.Xml; using System.Xml.Serialization; [XmlRoot("vehicles")] public class MyClass { public MyClass() { Cars = new List<Information>(); Trucks = new List<Information>(); SUVs = new List<Information>(); } [XmlElement(ElementName = "owner")] public string Owner { get; set; } [XmlElement("Car")] public List<Information> Cars { get; set; } [XmlElement("Truck")] public List<Information> Trucks { get; set; } [XmlElement("SUV")] public List<Information> SUVs { get; set; } } public class CarInfo { public CarInfo() { Info = new List<Information>(); } [XmlElement("Information")] public List<Information> Info { get; set; } } public class Information { [XmlElement(ElementName = "CarName")] public string CarName { get; set; } [XmlElement("CarPassword")] public string CarPassword { get; set; } [XmlElement("CarEmail")] public string CarEmail { get; set; } } Now I think this should all validate. If not assume it is write as my real file does work and this is what this dummy one is based off. Now my problem is this. I want to enforce as much as I can from my schema. Such as the "owner" tag must be the first element and should show up one time and only one time ( minOccurs="1" maxOccurs="1"). Right now I can remove the owner element from my dummy xml file and deseriliaze it and it will go on it's happy way and convert it to object and will just put that property as null. I don't want that I want it to throw an exception or something saying this does match what was expected. I don't want to have to validate things like that once deserialized. Same goes for the <car></car> tag I want that to appear always even if there is no information yet I can remove that too and it will be happy with that. So what tags do I have to add to make my serialization class know that these things are required and if they are not found throw an exception.

  Read the article

• Is there a way to make vim display "virtual characters" before/after regular patterns in the buffer?

  - by Laurence Gonsalves

  Vim has list and listchars options that make vim display "virtual characters" (by which I mean characters that aren't actually in the buffer) in certain situations. For example, you can make trailing spaces look like something else, or add a visible character to represent the newline character. I'd like to be able to enable the display of certain characters either before or after certain regular patterns ((perhaps syntax items). Sort of like syntax highlighting, but instead of just changing the color/styling of characters that are in the buffer, I'd like to display extra characters that aren't in the buffer. For example, I'd like to display a virtual : (colon) after all occurrences of the word "where" that appear at the end of a line. Is this possible, and if so, what is the necessary vimscript to do it?

  Read the article

• How to display default text "--Select Team --" in combo box on pageload in WPF?

  - by Aditya

  Hi, In a WPF app, in MVP app I have a combo box,for which I display the data fetched from Database. Before the items added to the Combo box, I want to display the default text such as " -- Select Team --" , so that on pageload it displays and on selecting it the text should be cleared and the items should be displayed. Selecting data from DB is happening. I need to display the default text until the user selects an item from combo box. Please guide me Thanks Ramm

  Read the article

• Why can't my program display this dialog box, while another program can?

  - by nonoitall

  I'm trying to write a wrapper for Winamp input plugins and have hit a bit of a snag. I'd like my wrapper to be able to display a plugin's configuration dialog, which is (or should be) achieved by calling the plugin's Config(HWND hwndParent) function. For most plugins, this works fine and my program is able to display the plugin's configuration dialog. However, 64th Note (a plugin for playing USF files) is giving me problems. Winamp can display its configuration dialog just fine, but whenever I try to display it from my wrapper, the dialog gets destroyed before it ever shows itself. Thankfully, 64th Note is open source, so I took a look at its innards to try and get an idea of what's going wrong. I've trimmed off the irrelevant bits and am left with this: Config function in the plugin (should show configuration dialog): void Config(HWND hwndParent) { DialogBox(slave, (const char *) IDD_CONFIG_WINDOW, NULL, configDlgProc); } (Slave is the plugin DLL's HINSTANCE handle.) The proc for the dialog is as follows (I have stripped out all the functionality, since it doesn't appear to have an influence on this problem): BOOL CALLBACK configDlgProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) { return 0; } The template for IDD_CONFIG_WINDOW is as follows: IDD_CONFIG_WINDOW DIALOGEX 0, 0, 269, 149 STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU CAPTION "64th Note configuration" FONT 8, "MS Sans Serif", 0, 0, 0x0 BEGIN DEFPUSHBUTTON "OK",IDOK,212,38,50,14 CONTROL "Play Forever",IDC_NOLENGTH,"Button",BS_AUTORADIOBUTTON,7,7,55,8 CONTROL "Always Use Default Length",IDC_SETLEN,"Button",BS_AUTORADIOBUTTON,7,17,101,8 CONTROL "Default Length",IDC_DEFLEN,"Button",BS_AUTORADIOBUTTON,7,29,63,8 EDITTEXT IDC_DEFLENVAL,71,28,38,12,ES_AUTOHSCROLL EDITTEXT IDC_DEFFADEVAL,71,42,38,12,ES_AUTOHSCROLL CONTROL "Detect Silence",IDC_DETSIL,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,56,63,8 EDITTEXT IDC_DETSILVAL,71,56,38,12,ES_AUTOHSCROLL CONTROL "Slider2",IDC_PRISLIDER,"msctls_trackbar32",TBS_AUTOTICKS | WS_TABSTOP,74,90,108,11 EDITTEXT IDC_TITLEFMT,7,127,255,15,ES_AUTOHSCROLL CONTROL "Default to file name on missing field",IDC_FNONMISSINGTAG, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,114,124,8 CONTROL "Use Recompiler CPU",IDC_RECOMPILER,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,7,83,8 CONTROL "Round Frequency",IDC_ROUNDFREQ,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,16,73,8 CONTROL "Seek Backwards",IDC_BACKWARDS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,26,70,8 CONTROL "Fast Seek",IDC_FASTSEEK,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,35,48,8 CONTROL "RSP Sections",IDC_SECTIONS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,45,60,8 CONTROL "Soft Amplify",IDC_SOFTAMP,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,54,53,8 CONTROL "Audio HLE",IDC_AUDIOHLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,63,50,8 CONTROL "Auto Audio HLE",IDC_AUTOAUDIOHLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,72,64,8 CONTROL "Display Errors",IDC_DISPERROR,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,145,81,58,8 EDITTEXT IDC_RELVOL,211,104,28,12,ES_AUTOHSCROLL PUSHBUTTON "Cancel",IDCANCEL,212,54,50,14 PUSHBUTTON "Help",IDHELPBUTTON,212,71,50,14 LTEXT "Title format:",IDC_STATIC,7,113,38,8 LTEXT "seconds",IDC_STATIC,112,29,28,8 LTEXT "Default Fade",IDC_STATIC,19,43,42,8 LTEXT "seconds",IDC_STATIC,112,43,28,8 LTEXT "seconds",IDC_STATIC,112,57,28,8 CTEXT "CPU Thread Priority",IDC_STATIC,7,91,63,8 CTEXT "Look ma, I'm data!",IDC_CPUPRI,75,104,108,8 LTEXT "Relative Volume",IDC_STATIC,199,94,52,8 LTEXT "Fade Type",IDC_STATIC,7,75,35,8 COMBOBOX IDC_FADETYPE,45,72,87,74,CBS_DROPDOWNLIST | WS_TABSTOP END Naturally, without any substance in the proc function, the dialog doesn't have any functionality, but it still displays in Winamp when the Config function is invoked. However, it does not appear when I invoke it from my wrapper program. When I monitored the messages sent to the dialog in its proc function, I saw that WM_DESTROY and WM_NCDESTROY were sent within the first few messages, though I have no clue as to why. If I change the Config function so that it displays the plugin's About dialog instead of its configuration dialog, both Winamp and my wrapper will display the About dialog, which suggests that there is something unique to the configuration dialog template that's causing the problem. The modified Config function reads like so: void Config(HWND hwndParent) { DialogBox(slave, (const char *) IDD_ABOUTBOX, NULL, configDlgProc); } The template for the About dialog is as follows: IDD_ABOUTBOX DIALOGEX 0, 0, 152, 151 STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU CAPTION "About 64th Note" FONT 8, "MS Sans Serif", 0, 0, 0x1 BEGIN LTEXT "64th Note v1.2 beta 3\nBased on Project 64 1.6 by Zilmar and Jabo\nAudio HLE by Azimer\nPSF concept and tagging by Neill Corlett\nPlayer by hcs, Josh W, dr0\nhttp://hcs64.com/usf",IDC_STATIC,7,94,138,50 CONTROL 110,IDC_STATIC,"Static",SS_BITMAP,26,7,95,86,WS_EX_DLGMODALFRAME END Like I said, my wrapper displays the About dialog just fine, as does Winamp. Why can Winamp display the Config dialog, while my wrapper cannot?

  Read the article

• Is there a way to designate that an app opens on a specific display in OsX?

  - by Dr.Dredel

  I need my application to launch in a specific display (assuming there's more than one display) and go to full screen. The app itself is a Flash app, but I can write a native executable for the mac to launch it, I just don't know how to dictate which display it opens in. This is a fairly simple thing to do in Windows, I was hoping there's a mac analog.

  Read the article

• Wordpress display specific sub category of a parent category.

  - by Pennf0lio

  So here's the scenario, I'm building a theme that would display sub category of a parent post for Food: [Food] -Hotdog -Eggs -Fries for Toys: [Toys] -Doll -Car -Drums for People: [People] -Mom -Dad -Uncle now I don't want to display their parent category, just their subcategory (eg Doll, Car, Drums). I've looked list_cats() and wp_list_categories() but I can't figure out how to display it right. Thanks!

  Read the article

• Mac OS X: Best way to do runtime check for retina display?

  - by Todd Ditchendorf

  Given a Cocoa application which runs on Mac OS X 10.7 and later: What is the best way to check, at runtime, if your app is currently running on a Mac with at least one retina display attached? If checking for this sort of thing is just really wrong-headed, I fully welcome a well-reasoned explanation of why. But I'd still like to know :). It seems likely you could just do a check specifically for the new Mac Book Pro "Retina" hardware (the only Mac at this time which currently has a retina display), but ideally, I'd really prefer a more general/generic/future-proof way to check than this. Ideally, I'd like to know how to detect the retina display, not the specific Mac model which currently happens to ship with a retina display.

  Read the article

• Does waitpid yield valid status information for a child process that has already exited?

  - by dtrebbien

  If I fork a child process, and the child process exits before the parent even calls waitpid, then is the exit status information that is set by waitpid still valid? If so, when does it become not valid; i.e., how do I ensure that I can call waitpid on the child pid and continue to get valid exit status information after an arbitrary amount of time, and how do I "clean up" (tell the OS that I am no longer interested in the exit status information for the finished child process)? I was playing around with the following code, and it appears that the exit status information is valid for at least a few seconds after the child finishes, but I do not know for how long or how to inform the OS that I won't be calling waitpid again: #include <assert.h> #include <pthread.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <sys/wait.h> int main() { pid_t pid = fork(); if (pid < 0) { fprintf(stderr, "Failed to fork\n"); return EXIT_FAILURE; } else if (pid == 0) { // code for child process _exit(17); } else { // code for parent sleep(3); int status; waitpid(pid, &status, 0); waitpid(pid, &status, 0); // call `waitpid` again just to see if the first call had an effect assert(WIFEXITED(status)); assert(WEXITSTATUS(status) == 17); } return EXIT_SUCCESS; }

  Read the article

• How to use javascript to get information from the content of another page (same domain)?

  - by hlovdal

  Let's say I have a web page (/index.html) that contains the following <li> <div>item1</div> <a href="/details/item1.html">details</a> </li> and I would like to have some javascript on /index.html to load that /details/item1.html page and extract some information from that page. The page /details/item1.html might contain things like <div id="some_id"> <a href="/images/item1_picture.png">picture</a> <a href="/images/item1_map.png">map</a> </div> My task is to write a greasemonkey script, so changing anything serverside is not an option. To summarize, javascript is running on /index.html and I would like to have the javascript code to add some information on /index.html extracted from both /index.html and /details/item1.html. My question is how to fetch information from /details/item1.html. I currently have written code to extract the link (e.g. /details/item1.html) and pass this on to a method that should extract the wanted information (at first just .innerHTML from the some_id div is ok, I can process futher later). The following is my current attempt, but it does not work. Any suggestions? function get_information(link) { var obj = document.createElement('object'); obj.data = link; document.getElementsByTagName('body')[0].appendChild(obj) var some_id = document.getElementById('some_id'); if (! some_id) { alert("some_id == NULL"); return ""; } return some_id.innerHTML; }

  Read the article

• To display the images in mobile devices is it necessary that the images should resides on device in

  - by Shailesh Jaiswal

  I am devloping smart device application in C#. In this application I have some images in my application which I used to dispay on emulator from my application. To display the images on emulator I need to create the one folder of images which resides on the emulator. Only after that I am able to display the images in emulator. I am able to create the folder in emulator by using File-Configure-General-Shared Folder. For sharing the folder I am giving the path of the folder which contains the images. Once I share the folder the folder of images which resides in my application will get copied in emulator with the name "Storage Card". Now I need to use the path as Bitmap bmp=new Bitmap(@"/Storage Card/ImageName.jpg"); Now I am able to display the images in emulator. Can we display the images in the emulator without any image folder which resides on emultor (so that we dont need to place the image folder in emulator as in the above case by sharing the folder) ? If the answere is no then to run the application on different mobile devices we need to place the folder which contains the images on different mobile devices. Isnt it? If the answere is yes then how we can display the images on different mobile device from our application without placing any folder of images on mobile devices?

  Read the article

• How to store and collect data for mining such information as most viewed for last 24 hours, last 7 d

  - by Kirzilla

  Hello, Let's imagine that we have high traffic project (a tube site) which should provide sorting using this options (NOT IN REAL TIME). Number of videos is about 200K and all information about videos is stored in MySQL. Number of daily video views is about 1.5KK. As instruments we have Hard Disk Drive (text files), MySQL, Redis. Views top viewed top viewed last 24 hours top viewed last 7 days top viewed last 30 days top rated last 365 days How should I store such information? The first idea is to log all visits to text files (single file per hour, for example visits_20080101_00.log). At the beginning of each hour calculate views per video for previous hour and insert this information into MySQL. Then recalculate totals (for last 24 hours) and update statistics in tables. At the beginning of every day we have to do the same but recalculate for last 7 days, last 30 days, last 365 days. This method seems to be very poor for me because we have to store information about last 365 days for each video to make correct calculations. Is there any other good methods? Probably, we have to choose another instruments for this? Thank you.

  Read the article

• In CSS, does it make sense or is it legal to nest an id in another id -- such as "#main #display img

  - by Jian Lin

  In CSS, if it is #main #display img { height: 80px } that means all images within an element with id display that is within another element with id main. But does it make sense or is it legal since id seems to be just global names. It is because SASS actually allow nesting and some code may nest it like #main width: 700px #display img height: 80px which is "id within id".

  Read the article

• how can i display the list data to an jtable in the swings!

  - by harish0510

  we are doing hibernate project,then problem is we want to display the users list from the database to userinterface by jtable concept. so, we are not able to display the data using jtable? code: Criteria criteria=session.createCriteria(User.class);//user is pojo class List studentlist= criteria.list(); System.out.println("records"+studentlist);// we want to display the list data to jtable.

  Read the article

• Pain Comes Instantly

  - by user701213

  When I look back at recent blog entries – many of which are not all that current (more on where my available writing time is going later) – I am struck by how many of them focus on public policy or legislative issues instead of, say, the latest nefarious cyberattack or exploit (or everyone’s favorite new pastime: coining terms for the Coming Cyberpocalypse: “digital Pearl Harbor” is so 1941). Speaking of which, I personally hope evil hackers from Malefactoria will someday hack into my bathroom scale – which in a future time will be connected to the Internet because, gosh, wouldn’t it be great to have absolutely everything in your life Internet-enabled? – and recalibrate it so I’m 10 pounds thinner. The horror. In part, my focus on public policy is due to an admitted limitation of my skill set. I enjoy reading technical articles about exploits and cybersecurity trends, but writing a blog entry on those topics would take more research than I have time for and, quite honestly, doesn’t play to my strengths. The first rule of writing is “write what you know.” The bigger contributing factor to my recent paucity of blog entries is that more and more of my waking hours are spent engaging in “thrust and parry” activity involving emerging regulations of some sort or other. I’ve opined in earlier blogs about what constitutes good and reasonable public policy so nobody can accuse me of being reflexively anti-regulation. That said, you have so many cycles in the day, and most of us would rather spend it slaying actual dragons than participating in focus groups on whether dragons are really a problem, whether lassoing them (with organic, sustainable and recyclable lassos) is preferable to slaying them – after all, dragons are people, too - and whether we need lasso compliance auditors to make sure lassos are being used correctly and humanely. (A point that seems to evade many rule makers: slaying dragons actually accomplishes something, whereas talking about “approved dragon slaying procedures and requirements” wastes the time of those who are competent to dispatch actual dragons and who were doing so very well without the input of “dragon-slaying theorists.”) Unfortunately for so many of us who would just get on with doing our day jobs, cybersecurity is rapidly devolving into the “focus groups on dragon dispatching” realm, which actual dragons slayers have little choice but to participate in. The general trend in cybersecurity is that powers-that-be – which encompasses groups other than just legislators – are often increasingly concerned and therefore feel they need to Do Something About Cybersecurity. Many seem to believe that if only we had the right amount of regulation and oversight, there would be no data breaches: a breach simply must mean Someone Is At Fault and Needs Supervision. (Leaving aside the fact that we have lots of home invasions despite a) guard dogs b) liberal carry permits c) alarm systems d) etc.) Also note that many well-managed and security-aware organizations, like the US Department of Defense, still get hacked. More specifically, many powers-that-be feel they must direct industry in a multiplicity of ways, up to and including how we actually build and deploy information technology systems. The more prescriptive the requirement, the more regulators or overseers a) can be seen to be doing something b) feel as if they are doing something regardless of whether they are actually doing something useful or cost effective. Note: an unfortunate concomitant of Doing Something is that often the cure is worse than the ailment. That is, doing what overseers want creates unfortunate byproducts that they either didn’t foresee or worse, don’t care about. After all, the logic goes, we Did Something. Prescriptive practice in the IT industry is problematic for a number of reasons. For a start, prescriptive guidance is really only appropriate if: • It is cost effective• It is “current” (meaning, the guidance doesn’t require the use of the technical equivalent of buggy whips long after horse-drawn transportation has become passé)*• It is practical (that is, pragmatic, proven and effective in the real world, not theoretical and unproven)• It solves the right problem With the above in mind, heading up the list of “you must be joking” regulations are recent disturbing developments in the Payment Card Industry (PCI) world. I’d like to give PCI kahunas the benefit of the doubt about their intentions, except that efforts by Oracle among others to make them aware of “unfortunate side effects of your requirements” – which is as tactful I can be for reasons that I believe will become obvious below - have gone, to-date, unanswered and more importantly, unchanged. A little background on PCI before I get too wound up. In 2008, the Payment Card Industry (PCI) Security Standards Council (SSC) introduced the Payment Application Data Security Standard (PA-DSS). That standard requires vendors of payment applications to ensure that their products implement specific requirements and undergo security assessment procedures. In order to have an application listed as a Validated Payment Application (VPA) and available for use by merchants, software vendors are required to execute the PCI Payment Application Vendor Release Agreement (VRA). (Are you still with me through all the acronyms?) Beginning in August 2010, the VRA imposed new obligations on vendors that are extraordinary and extraordinarily bad, short-sighted and unworkable. Specifically, PCI requires vendors to disclose (dare we say “tell all?”) to PCI any known security vulnerabilities and associated security breaches involving VPAs. ASAP. Think about the impact of that. PCI is asking a vendor to disclose to them: • Specific details of security vulnerabilities • Including exploit information or technical details of the vulnerability • Whether or not there is any mitigation available (as in a patch) PCI, in turn, has the right to blab about any and all of the above – specifically, to distribute all the gory details of what is disclosed - to the PCI SSC, qualified security assessors (QSAs), and any affiliate or agent or adviser of those entities, who are in turn permitted to share it with their respective affiliates, agents, employees, contractors, merchants, processors, service providers and other business partners. This assorted crew can’t be more than, oh, hundreds of thousands of entities. Does anybody believe that several hundred thousand people can keep a secret? Or that several hundred thousand people are all equally trustworthy? Or that not one of the people getting all that information would blab vulnerability details to a bad guy, even by accident? Or be a bad guy who uses the information to break into systems? (Wait, was that the Easter Bunny that just hopped by? Bringing world peace, no doubt.) Sarcasm aside, common sense tells us that telling lots of people a secret is guaranteed to “unsecret” the secret. Notably, being provided details of a vulnerability (without a patch) is of little or no use to companies running the affected application. Few users have the technological sophistication to create a workaround, and even if they do, most workarounds break some other functionality in the application or surrounding environment. Also, given the differences among corporate implementations of any application, it is highly unlikely that a single workaround is going to work for all corporate users. So until a patch is developed by the vendor, users remain at risk of exploit: even more so if the details of vulnerability have been widely shared. Sharing that information widely before a patch is available therefore does not help users, and instead helps only those wanting to exploit known security bugs. There’s a shocker for you. Furthermore, we already know that insider information about security vulnerabilities inevitably leaks, which is why most vendors closely hold such information and limit dissemination until a patch is available (and frequently limit dissemination of technical details even with the release of a patch). That’s the industry norm, not that PCI seems to realize or acknowledge that. Why would anybody release a bunch of highly technical exploit information to a cast of thousands, whose only “vetting” is that they are members of a PCI consortium? Oracle has had personal experience with this problem, which is one reason why information on security vulnerabilities at Oracle is “need to know” (we use our own row level access control to limit access to security bugs in our bug database, and thus less than 1% of development has access to this information), and we don’t provide some customers with more information than others or with vulnerability information and/or patches earlier than others. Failure to remember “insider information always leaks” creates problems in the general case, and has created problems for us specifically. A number of years ago, one of the UK intelligence agencies had information about a non-public security vulnerability in an Oracle product that they circulated among other UK and Commonwealth defense and intelligence entities. Nobody, it should be pointed out, bothered to report the problem to Oracle, even though only Oracle could produce a patch. The vulnerability was finally reported to Oracle by (drum roll) a US-based commercial company, to whom the information had leaked. (Note: every time I tell this story, the MI-whatever agency that created the problem gets a bit shirty with us. I know they meant well and have improved their vulnerability handling/sharing processes but, dudes, next time you find an Oracle vulnerability, try reporting it to us first before blabbing to lots of people who can’t actually fix the problem. Thank you!) Getting back to PCI: clearly, these new disclosure obligations increase the risk of exploitation of a vulnerability in a VPA and thus, of misappropriation of payment card data and customer information that a VPA processes, stores or transmits. It stands to reason that VRA’s current requirement for the widespread distribution of security vulnerability exploit details -- at any time, but particularly before a vendor can issue a patch or a workaround -- is very poor public policy. It effectively publicizes information of great value to potential attackers while not providing compensating benefits - actually, any benefits - to payment card merchants or consumers. In fact, it magnifies the risk to payment card merchants and consumers. The risk is most prominent in the time before a patch has been released, since customers often have little option but to continue using an application or system despite the risks. However, the risk is not limited to the time before a patch is issued: customers often need days, or weeks, to apply patches to systems, based upon the complexity of the issue and dependence on surrounding programs. Rather than decreasing the available window of exploit, this requirement increases the available window of exploit, both as to time available to exploit a vulnerability and the ease with which it can be exploited. Also, why would hackers focus on finding new vulnerabilities to exploit if they can get “EZHack” handed to them in such a manner: a) a vulnerability b) in a payment application c) with exploit code: the “Hacking Trifecta!“ It’s fair to say that this is probably the exact opposite of what PCI – or any of us – would want. Established industry practice concerning vulnerability handling avoids the risks created by the VRA’s vulnerability disclosure requirements. Specifically, the norm is not to release information about a security bug until the associated patch (or a pretty darn good workaround) has been issued. Once a patch is available, the notice to the user community is a high-level communication discussing the product at issue, the level of risk associated with the vulnerability, and how to apply the patch. The notices do not include either the specific customers affected by the vulnerability or forensic reports with maps of the exploit (both of which are required by the current VRA). In this way, customers have the tools they need to prioritize patching and to help prevent an attack, and the information released does not increase the risk of exploit. Furthermore, many vendors already use industry standards for vulnerability description: Common Vulnerability Enumeration (CVE) and Common Vulnerability Scoring System (CVSS). CVE helps ensure that customers know which particular issues a patch addresses and CVSS helps customers determine how severe a vulnerability is on a relative scale. Industry already provides the tools customers need to know what the patch contains and how bad the problem is that the patch remediates. So, what’s a poor vendor to do? Oracle is reaching out to other vendors subject to PCI and attempting to enlist then in a broad effort to engage PCI in rethinking (that is, eradicating) these requirements. I would therefore urge all who care about this issue, but especially those in the vendor community whose applications are subject to PCI and who may not have know they were being asked to tell-all to PCI and put their customers at risk, to do one of the following: • Contact PCI with your concerns• Contact Oracle (we are looking for vendors to sign our statement of concern)• And make sure you tell your customers that you have to rat them out to PCI if there is a breach involving the payment application I like to be charitable and say “PCI meant well” but in as important a public policy issue as what you disclose about vulnerabilities, to whom and when, meaning well isn’t enough. We need to do well. PCI, as regards this particular issue, has not done well, and has compounded the error by thus far being nonresponsive to those of us who have labored mightily to try to explain why they might want to rethink telling the entire planet about security problems with no solutions. By Way of Explanation… Non-related to PCI whatsoever, and the explanation for why I have not been blogging a lot recently, I have been working on Other Writing Venues with my sister Diane (who has also worked in the tech sector, inflicting upgrades on unsuspecting and largely ungrateful end users). I am pleased to note that we have recently (self-)published the first in the Miss Information Technology Murder Mystery series, Outsourcing Murder. The genre might best be described as “chick lit meets geek scene.” Our sisterly nom de plume is Maddi Davidson and (shameless plug follows): you can order the paper version of the book on Amazon, or the Kindle or Nook versions on www.amazon.com or www.bn.com, respectively. From our book jacket: Emma Jones, a 20-something IT consultant, is working on an outsourcing project at Tahiti Tacos, a restaurant chain offering Polynexican cuisine: refried poi, anyone? Emma despises her boss Padmanabh, a brilliant but arrogant partner in GD Consulting. When Emma discovers His-Royal-Padness’s body (verdict: death by cricket bat), she becomes a suspect.With her overprotective family and her best friend Stacey providing endless support and advice, Emma stumbles her way through an investigation of Padmanabh’s murder, bolstered by fusion food feeding frenzies, endless cups of frou-frou coffee and serious surfing sessions. While Stacey knows a PI who owes her a favor, landlady Magda urges Emma to tart up her underwear drawer before the next cute cop with a search warrant arrives. Emma’s mother offers to fix her up with a PhD student at Berkeley and showers her with self-defense gizmos while her old lover Keoni beckons from Hawai’i. And everyone, even Shaun the barista, knows a good lawyer. Book 2, Denial of Service, is coming out this summer. * Given the rate of change in technology, today’s “thou shalts” are easily next year’s “buggy whip guidance.”

  Read the article

• Make a lives display in HUD, Flash AS3 (not text!)

  - by user40404

  I've been searching the internet all day and I can't find the answer I'm looking for. In my HUD I want to use orange dots to represent lives. The user starts off with 5 lives and every time they die, I want a dot to be removed. Pretty straight forward. So far my idea is to make a movie clip that has the five dots in a line. There would be 5 frames on the timeline (because after the last life it goes to a game over screen right away). I would have a variable set up to store the number of lives and a function to keep track of lives. So every hit of an obstacle would result in livesCounter--;. Then I would set up something like this: switch(livesCounter){ case 5: livesDisplay.gotoAndPlay(1); break; case 4: livesDisplay.gotoAndPlay(2); break; case 3: livesDisplay.gotoAndPlay(3); break; case 2: livesDisplay.gotoAndPlay(4); break; case 1: livesDisplay.gotoAndPlay(5); break; } I feel like there has to be an easier way to do this where I could just have a movie clip of a single orange dot that I could replicate across an x value based on the number of lives. Maybe the dots would be stored in an array? When the user loses a life, a dot on the right end of the line is removed. So in the end the counter would look like this: * * * * * * * * * * * * * * * (last life lost results in the end game screen) EDIT: code based on suggestions by Zhafur and Arthur Wolf White package { import flash.display.MovieClip; import flash.events.*; import flash.ui.Multitouch; import flash.ui.MultitouchInputMode; import flash.display.Sprite; import flash.text.*; import flash.utils.getTimer; public class CollisionMouse extends MovieClip{ public var mySprite:Sprite = new Sprite(); Multitouch.inputMode = MultitouchInputMode.TOUCH_POINT; public var replacement:newSprite = new newSprite; public var score:int = 0; public var obstScore:int = -50; public var targetScore:int = 200; public var startTime:uint = 0; public var gameTime:uint; public var pauseScreen:PauseScreen = new PauseScreen(); public var hitTarget:Boolean = false; public var hitObj:Boolean = false; public var currLevel:Number = 1; public var heroLives:int = 5; public var life:Sprite; public function CollisionMouse() { mySprite.graphics.beginFill(0xff0000); mySprite.graphics.drawRect(0,0,40,40); addChild(mySprite); mySprite.x = 200; mySprite.y = 200; pauseScreen.x = stage.width/2; pauseScreen.y = stage.height/2; life = new Sprite(); life.x = 210; stage.addEventListener(MouseEvent.MOUSE_MOVE,followMouse); /*mySprite.addEventListener(TouchEvent.TOUCH_END, onTouchEnd);*/ //checkLevel(); timeCheck(); trackLives(); } public function timeCheck(){ addEventListener(Event.ENTER_FRAME, showTime); } public function showTime(e:Event) { gameTime = getTimer()-startTime; rm1_mc.timeDisplay.text = clockTime(gameTime); rm1_mc.livesDisplay.text = String(heroLives); } public function clockTime(ms:int) { var seconds:int = Math.floor(ms/1000); var minutes:int = Math.floor(seconds/60); seconds -= minutes*60; var timeString:String = minutes+":"+String(seconds+100).substr(1,2); return timeString; } public function trackLives(){ for(var i:int=0; i<heroLives; i++){ life.graphics.lineStyle(1, 0xff9900); life.graphics.beginFill(0xff9900, 1); life.graphics.drawCircle(i*15, 45, 6); life.graphics.endFill(); addChild(life); } } function followMouse(e:MouseEvent){ mySprite.x=mouseX; mySprite.y=mouseY; trackCollisions(); } function trackCollisions(){ if(mySprite.hitTestObject(rm1_mc.obst1) || mySprite.hitTestObject(rm1_mc.obst2)){ hitObjects(); } else if(mySprite.hitTestObject(rm1_mc.target_mc)){ hitTarg(); } } function hitObjects(){ addChild(replacement); mySprite.x ^= replacement.x; replacement.x ^= mySprite.x; mySprite.x ^= replacement.x; mySprite.y ^= replacement.y; replacement.y ^= mySprite.y; mySprite.y ^= replacement.y; stage.removeEventListener(MouseEvent.MOUSE_MOVE, followMouse); removeChild(mySprite); hitObj = true; checkScore(); } function hitTarg(){ addChild(replacement); mySprite.x ^= replacement.x; replacement.x ^= mySprite.x; mySprite.x ^= replacement.x; mySprite.y ^= replacement.y; replacement.y ^= mySprite.y; mySprite.y ^= replacement.y; stage.removeEventListener(MouseEvent.MOUSE_MOVE, followMouse); removeEventListener(Event.ENTER_FRAME, showTime); removeChild(mySprite); hitTarget = true; currLevel++; checkScore(); } function checkScore(){ if(hitObj){ score += obstScore; heroLives--; removeChild(life); } else if(hitTarget){ score += targetScore; } rm1_mc.scoreDisplay.text = String(score); rm1_mc.livesDisplay.text = String(heroLives); trackLives(); } } }

  Read the article

• How to display Windows Explorer Column Headers in "List" mode?

  - by Sung Meister

  Windows Vista File Explorer used to display column headers regardless whether it was in Details or List view. But Windows 7 displays column headers only in Details view. Details View - column headers are present List View - column headers are missing How can I display column headers in List view mode as it did in Windows Vista?

  Read the article

• How are Linux environment variables DISPLAY and XAUTHORITY used?

  - by theactiveactor

  How are these 2 variables used by the X Window system? On my Ubuntu 9.10 host, if I set XAUTHORITY to anything and then try to run a GUI program, I receive a GTK-WARNING ***: cannot open display :0.0 (DISPLAY is set to :0.0 by default). What is causing this error message?

  Read the article

• Is there a way to make nautilus display the "recently used" files and directories?

  - by Peltier

  Is there a way to make nautilus display the "recently used" files and directories, just like the "open file" dialog does? Just to make my question clearer, here are two screenshots: The GTK open file dialog, showing the recently used items: A nautilus window, which doesn't offer to display recently used items: EDIT : This has been added as a feature request to Nautilus. Don't hesitate to make your voice heard if you want it to happen!

  Read the article

• display values within stacked boxes of rowstacked histograms in gnuplot?

  - by gojira

  I am using gnuplot (Version 4.4 patchlevel 2) to generate rowstacked histograms, very similar to the example called "Stacked histograms by percent" from the gnuplot demo site at http://www.gnuplot.info/demo/histograms.html I want to display the values of each stacked box within it. I.e. I want to display the actual numerical value (in percent and/or the absolute number) of each box. How can I do that?

  Read the article

• How to modify htaccess to display files in subdirectory instead of root directory, but at the root u

  - by 99miles

  What needs to go in the htaccess file to make it display the files in a subdirectory but still just display mydomain.com in the browser? For example, normally the index.htm file in public_html displays at mydomain.com but I instead want the index.htm file in public_html/sub to be displayed at mydomain.com

  Read the article

• How to do something like `mplayer movie.mpg` from ssh and it play on the current display?

  - by Earlz

  I've set up a little media center computer running Arch Linux. I want to eventually get it so that there is no keyboard or mouse required. Right now I want the solution to be SSH. My problem is that when I do something like mplayer movie.mpg over an ssh shell, I'll just get vo: couldn't open the X11 display ()! How do I get this to work correctly and play on my TV(the display the media center computer is hooked to)?

  Read the article

• Why does my PowerBook display “Fixing recursive fault but reboot is needed!” and stop booting?

  - by Blacklight Shining

  I have an old PowerBook G4 that worked (more or less) fine with a previous installation of Ubuntu Desktop 12.04. A few days ago I decided to install Ubuntu Server instead, and got a copy of Ubuntu Server 12.10. The installation seemed to complete successfully, but now, whenever I try to boot the system, it simply halts at some point after I unlock the hard disk. There is a lot of text on the screen (which is normal for me during a boot, except now it's mostly errors and debug information), the last of which is this: [ 26.338228] Fixing recursive fault but reboot is needed! Pressing control command power to force a reboot yields exactly the same results. A search for the error message turned up many temporary solutions involving kernel parameters, but none of them have worked for me. I don't think I can remove the default set of parameters (which I think is quiet splash), but I can pass additional parameters on boot. I've tried booting on AC and battery power, as well as using these combinations of kernel parameters while on battery power: acpi=enable pci=noacpi pci=assign-busse acpi=ht acpi=off nomodeset nomodeset acpi=off Why am I getting this error and how can I fix it?

  Read the article

• SQL SERVER – Capturing Wait Types and Wait Stats Information at Interval – Wait Type – Day 5 of 28

  - by pinaldave

  Earlier, I have tried to cover some important points about wait stats in detail. Here are some points that we had covered earlier. DMV related to wait stats reset when we reset SQL Server services DMV related to wait stats reset when we manually reset the wait types However, at times, there is a need of making this data persistent so that we can take a look at them later on. Sometimes, performance tuning experts do some modifications to the server and try to measure the wait stats at that point of time and after some duration. I use the following method to measure the wait stats over the time. -- Create Table CREATE TABLE [MyWaitStatTable]( [wait_type] [nvarchar](60) NOT NULL, [waiting_tasks_count] [bigint] NOT NULL, [wait_time_ms] [bigint] NOT NULL, [max_wait_time_ms] [bigint] NOT NULL, [signal_wait_time_ms] [bigint] NOT NULL, [CurrentDateTime] DATETIME NOT NULL, [Flag] INT ) GO -- Populate Table at Time 1 INSERT INTO MyWaitStatTable ([wait_type],[waiting_tasks_count],[wait_time_ms],[max_wait_time_ms],[signal_wait_time_ms], [CurrentDateTime],[Flag]) SELECT [wait_type],[waiting_tasks_count],[wait_time_ms],[max_wait_time_ms],[signal_wait_time_ms], GETDATE(), 1 FROM sys.dm_os_wait_stats GO ----- Desired Delay (for one hour) WAITFOR DELAY '01:00:00' -- Populate Table at Time 2 INSERT INTO MyWaitStatTable ([wait_type],[waiting_tasks_count],[wait_time_ms],[max_wait_time_ms],[signal_wait_time_ms], [CurrentDateTime],[Flag]) SELECT [wait_type],[waiting_tasks_count],[wait_time_ms],[max_wait_time_ms],[signal_wait_time_ms], GETDATE(), 2 FROM sys.dm_os_wait_stats GO -- Check the difference between Time 1 and Time 2 SELECT T1.wait_type, T1.wait_time_ms Original_WaitTime, T2.wait_time_ms LaterWaitTime, (T2.wait_time_ms - T1.wait_time_ms) DiffenceWaitTime FROM MyWaitStatTable T1 INNER JOIN MyWaitStatTable T2 ON T1.wait_type = T2.wait_type WHERE T2.wait_time_ms > T1.wait_time_ms AND T1.Flag = 1 AND T2.Flag = 2 ORDER BY DiffenceWaitTime DESC GO -- Clean up DROP TABLE MyWaitStatTable GO If you notice the script, I have used an additional column called flag. I use it to find out when I have captured the wait stats and then use it in my SELECT query to SELECT wait stats related to that time group. Many times, I select more than 5 or 6 different set of wait stats and I find this method very convenient to find the difference between wait stats. In a future blog post, we will talk about specific wait stats. Read all the post in the Wait Types and Queue series. Reference: Pinal Dave (http://blog.SQLAuthority.com) Filed under: Pinal Dave, PostADay, SQL, SQL Authority, SQL DMV, SQL Query, SQL Scripts, SQL Server, SQL Tips and Tricks, SQL Wait Stats, SQL Wait Types, T SQL, Technology

  Read the article

• Is this information about me as a programmer concise and good enough?

  - by Nick Rosencrantz

  I not only want you to review my resume but please tell me what you think Google means when they answered me: "We don't look at personal letters and we like your resume and we can recommend you internally but we need measurable experience. What is meant with "measurable" here? Do they mean like O(1) compared to O(n), selling an entire company, grades or what? This is what I sent: Curriculum vitae Nick Rosencrantz Competence: System development, web development Technical competence: Java, Javascript, HTML, XML, CSS, AJAX, PHP, SQL, Python Employments: 2012- Mobile Innovation AB System Developer IT consultant (Java programmer) 2011-2012 Bnano International Ltd System Developer Python programming in Google App Engine 2008-2009 Sweden Island AB System Developer Programming C++ and Java EE components 2003-2007 Studies Stockholm School of Economics During studies worked as network technician at Effnet AB 2000-2002 Jadestone AB System Developer System development in Java/J2EE. In 2001: KTH, Assistant. Teaching application server programming in Java Enterprise + weblogic + Informix. 1999-2000 Studies KTH 1996-1998 Spray.se System development, Researcher 1995-1995 Finance broker Backoffice work with financial instruments 1993-1994 Computer & Audio-Technical Systems AB Programming, sommer job Education/Courses: Stockholm School of Economics, Master of Science diploma, KTH, Computer Science undergraduate studies Languages Swedish, English, also some German and French Born 1973, Swedish citizen I also have a project-based CS which is several pages long but the above is about what I was aiming for in the beginning when I was looking for a job, now I have employment as an IT consultant in central Stockholm and I want to make my resume concise and also know what Google meant with their answer (It was a Swedish Google employee that via linkedin recruited from my Stockholm School of Economics groups since that is a small elite economics school where I took my M.Sc. and KTH is one of the largest universities in northern Europe so I sent her a link with my CV and she said she could promote me internally if I added "measurable experience" and I've been thinking for weeks what that may mean?

  Read the article

• Tool to convert from XML to CSV and back to XML without losing information?

  - by Lanaru

  I would like to convert an XML file into CSV, and then be able to convert that CSV back into the original XML file. Is there a tool out there that makes this possible? The reason I want to do this is that I want to generate a ton of data to be stored in an xml file that my program will parse. I can easily generate a lot of data with a CSV file through the use of Excel macros, so that's why I'm looking for a tool to convert between these two formats. Any alternative suggestions are greatly appreciated.

  Read the article

< Previous Page | 134 135 136 137 138 139 140 141 142 143 144 145  | Next Page >