Search Results

Search found 27912 results on 1117 pages for 'computer security'.

Page 216/1117

  • Web Application - Authentication / Login Framework

    - by user456563
    This is a very simple, probably a most asked question and frequently developed as part of any web application. Say I'm planning to build a web application and some of the functional requirements include (apart from the usual hard hitting security reqs):
    - Need to have users sign up for a new account profile
    - Authenticate user using the native app authentication / Facebook or Google or Yahoo or OpenId login
    - Allow lost password retrieval
    - Session handling needs
    Is there an out of the box framework (Drupal, Liferay??) that I can use to wrap my application, which can be a bunch of JSPs or HTMLs with JS? I know I'm asking a very simple and maybe a naive question. But this is a topic every web developer guru will go through. Any help, advice and pointers much appreciated.


  • Established javascript solution for secure registration & authentication without SSL

    - by Tomas
    Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.


  • On Linux do people chroot a Java Web Application or use IPTables and run as non-root?

    - by Adam Gent
    When you run a Java Servlet Container that you would like to serve both static and dynamic content on port 80 you have the classic question of whether to run the server as:
    1. As root, in hopefully a chroot jail if you can (haven't gotten this working yet)
    2. As a non-root user, and then use IPTables to forward port 80 to some other port (1024) that the container is running on
    3. Both: as a non-root user, IPTables, and chroot jail.
    The problem with opt. 1 is the complexity of chrooting and still the security problems of running root. The problem with opt. 2 is that each Linux distro has a different way of persisting IPTables. Option 3 of course is probably ideal but very hard to set up. Finally every distro has the annoying differences in daemon scripts. What do people find as the best distro agnostic solution and are there resources to show how to do this?


  • Best way to Store Passwords, User information/Profile data and Photo/Video albums for a social websi

    - by Nick
    Need some help figuring out how to best store passwords, user information/profile data and photo/video albums for a social website? For photos/videos the actual photo/video + even encrypting the URL with the IDs to the photo/videos so other users cannot figure it out. Creating a site like myspace and designing retirement documents but I am unsure how to specify the security requirements for the database. Two things: 1) Protect from outside users 2) Protect all these from employees being able to access this info. For #2, the additional question is: If we encrypt the user info and password so even the system admins cannot get in, how can we retrieve the user data tomorrow if someone flags the user's account as spam and admin needs to check it out or if law enforcement wants info on a user? Thanks.


  • Automatic people counting + twittering.

    - by c2h2
    Want to develop a system accurately counting people that go through a normal 1-2m wide door, and twitter whenever people go in or out and tell how many people remain inside. Now, the Twitter part is easy, but people counting is difficult. There are some semi existing counting solutions, but they do not quite fit my needs. My idea/algorithm: Should I get some infra-red camera mounted on top of my door and constantly monitoring, and divide the camera image into several grids and calculate them entering and gone? Can you give me some suggestions and a starting point?


  • How do I allow Ubuntu to use more space on my computer?

    - by anonymous
    Ubuntu currently won't use more than 4GiBs on my computer, but I need more space. My computer can hold much more than 4GiBs. How do I allow Ubuntu to use more? Please give step-by-step instructions in plain English. Update: I'm referring to my Ubuntu operating system. I installed it using Wubi through Microsoft Windows. I deleted Wubi from my Windows desktop after installation. All I want is to expand my Ubuntu operating system. I plan to gradually transition from Windows to Ubuntu and so I'll need to transfer more files and programs from Windows to Ubuntu in the future. Right now, I already need more GiBs for Ubuntu. I can barely use Ubuntu right now because there's almost no space left. I simply want Ubuntu to use what space I need it to use. People, please quit complicating this issue and inform me how to make Ubuntu use more space.


  • Leaving SQL Management open on the internet

    - by Tim Fraud
    I am a developer, but every so often need access to our production database -- yeah, poor practice, but anyway... My boss doesn't want me directly on the box using RDP, and so we decided to just permit MS SQL Management Console access so that I can do my tasks. So right now we have the SQL box somewhat accessible on the internet (on port 1433 if I am not mistaken), which opens a security hole. But I am wondering, how much of an uncommon practice is this, and what defaults should I be concerned about? We use MSSQL2008 and I created an account that has Read-Only access, because my production tasks only need that. I didn't see any unusual default accounts with default passwords on the system, so I would be interested to hear your take. (And of course, is there a better way?)


  • Triangulation & Direct linear transform

    - by srand
    Following Hartley/Zisserman's Multiview Geometry, Algorithm 12: The optimal triangulation method (p318), I got the corresponding image points xhat1 and xhat2 (step 10). In step 11, one needs to compute the 3D point Xhat. One such method is Direct Linear Transform (DLT), mentioned in 12.2 (p312) and 4.1 (p88). The homogeneous method (DLT), p312-313, states that it finds a solution as the unit singular vector corresponding to the smallest singular value of A, thus,

        A = [xhat1(1) * P1(3,:)' - P1(1,:)' ;
             xhat1(2) * P1(3,:)' - P1(2,:)' ;
             xhat2(1) * P2(3,:)' - P2(1,:)' ;
             xhat2(2) * P2(3,:)' - P2(2,:)' ];
        [Ua Ea Va] = svd(A);
        Xhat = Va(:,end);
        plot3(Xhat(1),Xhat(2),Xhat(3), 'r.');

    However, A is a 16x1 matrix, resulting in a Va that is 1x1. What am I doing wrong (and a fix) in getting the 3D point? For what it's worth, sample data:

        xhat1 = 1.0e+009 * 4.9973 -0.2024 0.0027
        xhat2 = 1.0e+011 * 2.0729 2.6624 0.0098
        P1 =
            699.6674         0  392.1170         0
                   0  701.6136  304.0275         0
                   0         0    1.0000         0
        P2 = 1.0e+003 *
            -0.7845    0.0508   -0.1592    1.8619
            -0.1379    0.7338    0.1649    0.6825
            -0.0006    0.0001    0.0008    0.0010
        A = <- my computation
            1.0e+011 * -0.0000 0 0.0500 0 0 -0.0000 -0.0020 0 -1.3369 0.2563 1.5634 2.0729 -1.7170 0.3292 2.0079 2.6624


  • Retrieve web user's Identity outside of request scope

    - by Kendrick
    I have an ASP.NET app that logs Audit reports using nHibernate's IPreUpdateListener. In order to set the current user in the Listener events, I was using System.Security.Principal.WindowsIdentity.GetCurrent(). This works fine when debugging on my machine, but when I move it to the staging server, I'm getting the ASP.NET process credentials, not the requesting user. In the ASP.NET page, I can use Request.LogonUserIdentity (which works fine since I'm using integrated authentication), but how do I reference this user directly without having to pass it directly to my event? I don't want to have to pass this info through the pipeline because it really doesn't belong in the intermediate events/calls.


  • P implies Q, how to read in english

    - by user177883
    How to read P implies Q in classical logic? Example: Distributivity: Ka(X->Y) -> (KaX -> KaY). This is model logic which uses classical logic rules. KaX: a knows that X is true. I'm curious about how to read implication in English. If then else?


  • PHP - How to determine if request is coming from a specific file.

    - by John
    I have fileA.php on SERVER_A and fileB.php on SERVER_B. fileB.php makes a curl request to fileA.php for its contents. How can fileA.php determine that the request is coming specifically from fileB.php? -- I was thinking about sending the $_SERVER['SCRIPT_NAME'] in fileB.php to fileA.php, but since someone can go into fileB.php or any file in general and just do $_SERVER['SCRIPT_NAME'] = 'fileB.php'; it's not really that secure. So how can I determine, for security reasons, that the request is coming from a specific file on a different server?


  • Sitemap Links don't work on live site, Windows Authentication

    - by Chris
    I have an intranet site with Windows Authentication. I have 'Administrator' pages in an 'Administrator' folder that will only show for those in the admin group (Windows security group). These pages work. I have a folder with sub folders containing reports. These permissions are broken down for each type of report. They have similar role privileges. When I test the application, I can navigate to the pages. When I deploy the site live on the intranet the links don't return a page. Error missing link 404. Do I need to set something in IIS?


  • Count the number of objects in an Image

    - by kunjaan
    I am investigating the possibility of image processing to identify certain objects and also count them in an image. I will be given a picture and I need to identify the number of boxes present in that image. Does anybody have any experience with any Machine Vision / Image Processing libraries like ImageJ, Fiji, JAI, jMagick, Java Vision Toolkit? Which do you think is best suited for the job? What do you guys suggest? If the APIs can be used from Java, it would be better. Thank you. Edit: I am dealing with warehouse brown boxes. Yes I am talking about regular photos. The source is usually a mobile phone picture.


  • Merging and splitting overlapping rectangles to produce non-overlapping ones

    - by uj
    I am looking for an algorithm as follows: Given a set of possibly overlapping rectangles (all of which are "not rotated", can be uniformly represented as (left,top,right,bottom) tuples, etc...), it returns a minimal set of (non-rotated) non-overlapping rectangles that occupy the same area. It seems simple enough at first glance, but proves to be tricky (at least to be done efficiently). Are there some known methods for this/ideas/pointers? Methods for not necessarily minimal, but heuristically small, sets are interesting as well, so are methods that produce any valid output set at all.


  • Secure xml messages being read from database into app.

    - by scope-creep
    I have an app that reads xml from a database using NHibernate Dal. The dal calls stored procedures to read and encapsulate the data from the schema into an xml message, wrap it up to a message and enqueue it on an internal queue for processing. I would like to secure the channel from the database reads to the dequeue action. What would be the best way to do it? I was thinking of signing the xml using the System.Security.Cryptography.Xml namespace, but are there any other techniques or approaches I need to know about? Any help would be appreciated. Bob.


  • how do i install a game patch on an external hard drive

    - by shadow
    I have a 2TB external hard drive and I want to install Battlefield 1942 on it. I can get the game on the hard drive without problems, and it runs great. The problem is that I have an outdated version, and I need to install a patch. That's when it gets iffy. I get the patch and start the install, and it finishes, but it doesn't install to the game itself. It goes to its own separate folder, and that does nothing to the game. The patch installer doesn't ask me where the game is, and so I'm thinking that it can't find the game itself, and then screws up. Any help would be great!


  • Securing Web Services approach valid?

    - by NBrowne
    Hi, currently I am looking at securing our web services. At the moment we are not using WCF so this is not an option. One approach I have seen and implemented locally fairly easily was the approach described in the article http://www.codeproject.com/KB/aspnet/wsFormsAuthentication.aspx, which describes adding a HttpModule which prompts for user credentials if the user browses to any pages (web services) which are contained in a services folder. Does anyone see any way that this security could fall down and could be bypassed etc.? I'm really just trying to decide whether this is a valid approach to take or not. Thanks


  • WCF: What happens if a channel is established but no method is called?

    - by mafutrct
    In my specific case: A WCF connection is established, but the only method with "IsInitiating=true" (the login method) is never called. What happens? In case the connection is closed due to inactivity after some time: Which setting configures this timeout? Is there still a way for a client to keep the connection alive? Reason for this question: I'm considering the above case as a possible security hole. Imagine many clients connecting to a server without logging in thus preventing other clients from connecting due to bandwidth problems or port shortage or lack of processing power or ... Am I dreaming, or is this an actual issue?


  • Images with unknown content: Dangerous for a browser?

    - by chris_l
    Let's say I allow users to link to any images they like. The link would be checked for syntactical correctness, escaping etc., and then inserted in an <img src="..."/> tag. Are there any known security vulnerabilities, e.g. by someone linking to "evil.example.com/evil.jpg", and evil.jpg contains some code that will be executed due to a browser bug or something like that? (Let's ignore CSRF attacks - it must suffice that I will only allow URLs with typical image file suffixes.)


  • asp.net impersonation identity: Where does it come from?

    - by Rising Star
    Here's a simple question I've been stuck on for a while. When I set < identity impersonate=true > in my web.config so that asp.net impersonates the logged on user automatically (or the anonymous account if not using Windows Authentication), where does the identity that asp.net impersonates come from? This document: http://msdn.microsoft.com/en-us/library/ff649264.aspx shows three places you can retrieve information about the logged on user:
    - Httpcontext.Current.user
    - System.Threading.Thread.Current
    - System.Security.Principal.WindowsIdentity.GetCurrent
    It seems that none of these locations consistently match the identity that gets impersonated when I set < identity impersonate=true > in web.config. I would like to know where the impersonated identity comes from.


  • Beginner Question ; About Prime Generation in "C" - What is wrong with my code ? -

    - by alorsoncode
    I'm a third year irregular CS student and I just realized that I have to start coding. I passed my coding classes with lower bound grades so that I haven't a good background in coding & programming. I'm trying to write a code that generates prime numbers between given upper and lower bounds. Not knowing C well forces me to write a rough code then go over it to solve. I can easily set up the logic for the intended function but I probably create a wrong algorithm through several different ways. Here I share my last code; I intend to calculate that when a number gives remainder zero, it should be itself and 1, so that count==2. What is wrong with my implementation and with my solution generating style? I hope you will warm me up to the programming world; I couldn't find enough motivation and courage to get deep into programming. Thanks in advance :) Stdio and Math.h is included

        int primegen(int down,int up)
        {
            int divisor,candidate,count=0,k;
            for(candidate=down;candidate<=up;candidate++)
            {
                for(divisor=1;divisor<=candidate;divisor++)
                {
                    k=(candidate%divisor);
                }
                if (k==0) count++;
                if(count==2)
                {
                    printf("%d\n", candidate);
                    count=0;
                }
                else
                {
                    continue;
                }
            }
        }

        int main()
        {
            primegen(3,15);
            return 0;
        }


  • Why is using a Non-Random IV with CBC Mode a vulnerability?

    - by The Rook
    I understand the purpose of an IV. Specifically in CBC mode this ensures that the first block of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IVs are sequential? According to CWE-329, non-random IVs allow for the possibility of a dictionary attack. I know that in practice protocols like WEP make no effort to hide the IV. If the attacker has the IV and a cipher text message then this opens the door for a dictionary attack against the key. I don't see how a random IV changes this. (I know the attacks against WEP are more complex than this.) What security advantage does a randomized IV have? Is this still a problem with an "Ideal Block Cipher"? (A perfectly secure block cipher with no possible weaknesses.)


  • Can a variable like 'int' be considered a primitive/fundamental data structure?

    - by Ravi Gupta
    A rough definition of a data structure is that it allows you to store data and apply a set of operations on that data while preserving consistency of data before and after the operation. However some people insist that a primitive variable like 'int' can also be considered as a data structure. I get that part where it allows you to store data but I guess the operation part is missing. Primitive variables don't have operations attached to them. So I feel that unless you have a set of operations defined and attached to it you cannot call it a data structure. 'int' doesn't have any operation attached to it, it can be operated upon with a set of generic operators. Please advise if I got something wrong here.

