Search Results

Search found 13059 results on 523 pages for 'security hole'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 250/523 | < Previous Page | 246 247 248 249 250 251 252 253 254 255 256 257  | Next Page >

  • How do software projects go over budget and under-deliver?

    - by Carlos
    I've come across this story quite a few times here in the UK: NHS Computer System Summary: We're spunking £12 Billion on some health software with barely anything working. I was sitting the office discussing this with my colleagues, and we had a little think about. From what I can see, all the NHS needs is a database + middle tier of drugs/hospitals/patients/prescriptions objects, and various GUIs for doctors and nurses to look at. You'd also need to think about security and scalability. And you'd need to sit around a hospital/pharmacy/GPs office for a bit to figure out what they need. But, all told, I'd say I could knock together something with that kind of structure in a couple of days, and maybe throw in a month or two to make it work in scale. * If I had a few million quid, I could probably hire some really excellent designers to make a maintainable codebase, and also buy appropriate hardware to run the system on. I hate to trivialize something that seems to have caused to much trouble, but to me it looks like just a big distributed CRUD + UI system. So how on earth did this project bloat to £12B without producing much useful software? As I don't think the software sounds so complicated, I can only imagine that something about how it was organised caused this mess. Is it outsourcing that's the problem? Is it not getting the software designers to understand the medical business that caused it? What are your experiences with projects gone over budget, under delivered? What are best practices for large projects? Have you ever worked on such a project? EDIT *This bit seemed to get a lot of attention. What I mean is I could probably do this for say, 30 users, spending a few tens of thousands of pounds. I'm not including stuff I don't know about the medical industry and government, but I think most people who've been around programming are familiar with that kind of database/front end kind of design. My point is the NHS project looks like a BIG version of this, with bells and whistles, notably security. But surely a budget millions of times larger than mine could provide this?

    Read the article

  • SQL Server 2008 R2 Express Edition - a treat for small scale businesses

    - by ssqa.net
    SQL Server Express edition is a light-weight software within SQL Server arena, it is classed as database platform that makes it easy to develop data-driven applications that are rich in capability, offer enhanced storage security, and are fast to deploy. Also the SQL Server 2008 Express with Advanced Services is an edition of same flock that includes a new graphical management tool, features for reporting, and advanced text-based search capabilities. You can add the GUI capabilities for management...(read more)

    Read the article

  • Oracle OpenWorld Latin America 2012 - Middleware Session

    - by Roberto Monteiro
    Oracle Fusion Middleware PaaS and Oracle Java Cloud Service   Roberto Monteiro, Senior Sales Consultant, OracleIn this session, learn how Oracle Fusion Middleware platform as a service (PaaS) can supercharge productivity with instant access to a platform for developing and deploying business applications in the cloud, complete with integrated security and database access. See how these capabilities are used by Oracle Java Cloud Service.  Dec 4 - 17:15 - Mezzanine: Room 7

    Read the article

  • CVE-2012-1712 Path Traversal Vulnerability in Sun GlassFish Web Space Server

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-1712 Path Traversal Vulnerability 5.0 Liferay Sun GlassFish Web Space Server 10.0 Update 7 Patch 2 SPARC X86 Linux Windows Oracle acknowledges with thanks, Christian Schneider for bringing this issue to our attention. This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • 2010 is gone and Welcome 2011

    - by anirudha
    last days i spent my week @ firozabadthe town is much small and near to agraso i never forget to see the taj mahal and red fort their even it’s first chance to see them.i make a plan that i go to Agra last Saturday. firstly i go to red fort and i talking with many foreigner and they love to talking with me because their is only one man who with with them who is their GUIDE a person like a  book they never can talk with you but tell you about everything of the location because you buy them. their are many person come from various country such as German , Japan,  Russ , Italy and many other. their is no problem to talk with them perhaps they happen with talk to me. when i completely watch the Red fort at least i see a girl who are look like a foreigner. i talk themselves where they come from they tell me Francewhen i go elsewhere i thing to propose them to be  a friend of mine. i never propose any girl for friendship with me even in school and college. so i propose them to be a friend of mine.  they accept it i put the email ID in their hand whenever they gone. but i still not get their mail. 2ndly i go to Taj mahal the taj experience is not so good i spent 3 or 4 hours in rush. i found their is no security even their are many army force. they all person are too slow to work. they spent 10 minute to check  a person for security . their hands work very slow just like a low configuration computer. i talk many person their too. i talk to a person who tell themselves Jacob and they from Chicago. they speak very fast and i not know what they tell in speech. a another problem i got with some Chinese person. when i talking with them that i found they speak only Chinese language. Wish you a very very happy new year.

    Read the article

  • In agile environment, how is bug tracking and iteration tracking consolidated.

    - by DXM
    This topic stemmed from my other question about management-imposed waterfall-like schedule. From the responses in the other thread, I gathered this much about what is generally advised: Each story should be completed with no bugs. Story is not closed until all bugs have been addressed. No news there and I think we can all agree with this. If at a later date QA (or worse yet a customer) finds a bug, the report goes into a bug tracking database and also becomes a story which should be prioritized just like all other work. Does this sum up general handling of bugs in agile environment? If yes, the part I'm curious about is how do teams handle tracking in two different systems? (unless most teams don't have different systems). I've read a lot of advice (including Joel's blog) on software development in general and specifically on importance of a good bug tracking tool. At the same time when you read books on agile methodology, none of them seem to cover this topic because in "pure" agile, you finish iteration with no bugs. Feels like there's a hole there somewhere. So how do real teams operate? To track iterations you'd use (whiteboard, Rally...), to track bugs you'd use something from another set of products (if you are lucky enough, you might even get stuck with HP Quality Center). Should there be 2 separate systems? If they are separate, do teams spend time creating import/sync functionality between them? What have you done in your company? Is bug tracking software even used? Or do you just go straight to creating a story?

    Read the article

  • Managing Joomla via Android

    Surprisingly, it was only today that I actually looked for possible solutions to write more content for my blog. Since quite some time I'm using my Samsung Galaxy Tab 10.1 for all kind of social media activities like Google+, FB, etc. but also for my casual mail during the evening hours. And yes, I feel a little bit guilty about missing the chance to use my tablet to write some content here... OK, only a little bit. ;-) These are not the droids you are looking for But those lazy times are over! While searching the Play Store with the expression 'joomla' I got three interesting hits: - Joomla Admin Mobile! - Joooid - Joomla! Security Checklist After reading the reviews I installed the two later apps. Joomla! Security Checklist The author clearly outlines here that the app is primarily for his personal purpose to have safety checklist at hand at anytime. I guess that any reader of this article has an Android based smartphone or tablet, so that simple app should be part of your toolbox when using Joomla! for your websites. Joooid plugin & app Although I was looking for an app that could work with the default XML RPC interface of Joomla I have to admit that this combination of an enhanced Web service suits me better, mainly due to performance reason. The official website has not only the downloads for Joomla versions 1.5 - 2.5 but also very good and easy to follow step-by-step instructions to prepare your server for the Android app. It will take you less than 5 minutes to get it up and running. For safety reasons, I recommend that you should configure your Web server to have an additional authentication layer on the plugins folder. The smartphone app has the ability to run against HTTP authentication. Personally, I like the look and feel of the app. It is a little bit different compared to the web UI but still easy to use. In fact, this article is the first one written in the Joooid app. At the moment, I only miss the ability to have list tags. Quick and easy Writing full-fledged articles with images, a couple of hyperlinks and some styling here and there should be left to the desktop. At least for the moment. Let's see whether I'm going to change my mind on this during the upcoming months... I'll give it a try, and hope to publish at least once per month to write some content using Joooid. Actually, it would be great to have some feedback about other Joomla! clients in the wild.

    Read the article

  • Multiple vulnerabilities in Network Time Protocol (NTP)

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2009-0021 Improper Authentication vulnerability 5.0 Firmware SPARC T3-4 SPARC: 147317-01 SPARC T3-2 SPARC: 147316-01 SPARC T3-1B SPARC: 147318-01 SPARC T3-1 SPARC: 147315-01 Netra SPARC T3-1B SPARC: 147320-01 Netra SPARC T3-1 SPARC: 147319-01 Netra SPARC T3-1BA SPARC: 144609-07 CVE-2009-0159 Buffer Overflow vulnerability 6.8 CVE-2009-3563 Denial of Service (DoS) vulnerability 6.4 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Investing in Servers by Intel

    - by Koushal Deshpande
    Originally posted on: http://geekswithblogs.net/BizTalkAndOtherTechs/archive/2013/10/31/investing-in-servers-by-intel.aspxA nice article reference from Intel, refer here. Referees to cloud as well. Choose correctly what you need. 1 Do determine right server for your company. There is no use getting a server that has redundant services but still add to the costs. 2 Do get servers that can be upgraded. A server with limited memory and storage may not be able to keep up with your business growth. The basic memory and storage options might not be sufficient. Consider at least 8GB of RAM and 1 terabyte of hard disk space. 3 Do check the server has at least one Gigabit Ethernet port. This allows high speed transferring of files and increases productivity for your employees. USB and Firewire ports may not be enough as their transfer speed is too low and will affect the productivity of your company. Infinite Technologies is ready to help perform this upgrade. Contact Infinite Technologies now View our other resellers » 4 Do verify that the server comes with documentation. Documentation allows you to make a claim when your server breaks down and is supported by a warranty. 6 Do check the support options for the server from the manufacturer. Different manufacturer has different support options such as maintenance plans and software upgrades. 5 Do always look into the warranty. Get an enhanced warranty that guarantees response and repair time to avoid disruption. 7 Do get server management tools that can be used on any computer. Server management tools should be cross compatible across different operating systems to take into account future PC replacements. 8 Do check the power usage of the servers. Get the right power supply to avoid damaging server hardware and consider the Intel® Xeon® E3 processor to help save on your electricity bills. 9 Do check what built-in security packages are available. Ensure that your server is protected. Built-in security1 helps you save on getting add on security packages.

    Read the article

  • CVE-2011-4128 Buffer Overflow vulnerability in gnutls

    - by Umang_D
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 4.3 gnutls Solaris 11 11/11 SRU 12.4 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2008-6536 Unspecified vulnerability in 7-zip

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2008-6536 Unspecified vulnerability 10.0 7-zip Solaris 10 SPARC: 137321-02 x86: 137322-02 Solaris 9 SPARC: 137477-02 x86: 137478-02 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Moving from Tortoise to TFS

    - by MarkPearl
    The Past A few years ago my small software company made the jump from storing code on a shared folder to source code control. At the time we had evaluated a few of the options and settled on Tortoise SVN. The main motivation for going the SVN route was that we found a great plugin for Visual Studio that allowed us to avoid the command prompt for uploading changes (like I said we are windows programmers… command prompt bad!! ) and it was free. Up to now we have been pretty happy with SVN as it removed many of the worries that I had about how safe my code was on a shared folder and also gave us the opportunity to safely have several developers work on the same project at the same time. The only times when we have been unhappy has been when we have had SVN hell days – which pretty much occur when you are doing something out of the norm and suddenly SVN just won’t resolve conflicts or something along those lines. This happens once every 4 or 5 months and is not necessarily a problem caused directly by SVN – but a problem augmented by SVN. When you have SVN hell days you want to curse SVN! With that in mind I recently have been relooking at our source code control. I have explored using GIT and was very impressed by it and have also looked at TFS. From a source code control perspective I don’t want to get into a heated discussion on which one is better – but I do want to mention that I wear two hats in my organization – software developer & manager, and with the manager hat on I tend to sway the TFS route. So when I was given a coupon to test DiscountASP.Net Team Foundation Server Service for a year, I thought it was the perfect opportunity to try TFS in a distributed environment and also make the first step towards having an integrated development management system. Some of the things that appeal to me about DiscountASP’s offering are the following… Basic management / planning facilities like to do lists inside Visual Studio Daily backup of data on the server – we are developers, not IT managers and so the more of this I could outsource the better Distributed solution – all of us work remotely and so this was a big one as well. Registering and Setting Up with DiscountASP.NET The whole registration process was simple and intuitive. The web interface is not the most visually impressive one, but it is functional and a few seconds after I clicked the last submit button a email was sitting in my inbox giving me my control panel username and suggesting that I read the “Getting Started” article. The getting started article was easy to read and understand so no complaints there either. Next to set my dev environment to work. With a few references to the getting started article I had completed the whole setup process in a matter of minutes. Ten minutes after initiating the whole thing I was logged into VS2010 and creating my first TFS project. With the service that I signed up for, I have access for 5 users – which is sufficient for my internal needs. So from what I can tell, to set the rest of us up on the system I just need to supply them with their user credentials and url. My Concerns Resolved 1) Security So, a few concerns I had about the service. First and foremost – is it secure? I would hate for someone to get access to our code and the whole idea of putting it up on the internet is a concern for me. Turning to the Knowledge Base on the DiscountASP website this is one of the first question I can see answered. According to them it is secure. I have extracted their comment below regarding this. Our TFS hosting service is secure. We only accept HTTPS connections ensuring that any client-server data transmission is encrypted. At the network level, all of our systems are protected by multiple Juniper firewalls, Tipping Point's Intrusion Detection System (see Tipping Point's case study of our use here), and we also employ DDoS mitigation to add extra layers of security. Additionally, physical access to the servers is tightly restricted. Please see the security section of this Knowledge Base article for further details. 2) Web Portal Access The other big concern I have is regarding web portal access. In the ideal world I would like to be able to give my end users access to a web portal for reporting bugs etc. When I initially read through the FAQ of the site it mentioned that there was web portal access – but from what I can see this is just for “users”. Since I am limited to 5 users for the account, it would not be practical to set up external users that we could get feedback from on bugs etc. I would be interested if this is possible – and if so if someone could post it in the comments it would be much appreciated. If this isn’t possible, it is a slight let down as we rely heavily on end user feedback to get feedback and it would have been ideal to have gotten this within the service. Other than those two items, I didn’t have any real concerns that were unresolved. So where do I go from here? So time passed by from the initial writing of this post and as work whirred in and out of my inbox I have still not had a proper opportunity to give the service a test run. Recently though things have began to slow down and then surprise surprise I had another SVN Hell day. With that experience I had a new found resolve to get our team on TFS and so today we are going to start to use the service as a team. I am hoping that I do not have TFS hell days – but if I do, I will be sure to write about them. In short - the verdict is still out on whether this service is going to be invaluable to my business or whether it will create more headaches than it is worth BUT I am hopping it will be an invaluable service. I will only really be able to determine that in a few months… till then!

    Read the article

  • Sandboxes Explained: How They’re Already Protecting You and How to Sandbox Any Program

    - by Chris Hoffman
    Sandboxing is an important security technique that isolates programs, preventing malicious or malfunctioning programs from damaging or snooping on the rest of your computer. The software you use is already sandboxing much of the code you run every day. You can also create sandboxes of your own to test or analyze software in a protected environment where it won’t be able to do any damage to the rest of your system.    

    Read the article

  • Multiple vulnerabilities in fetchmail

    - by Umang_D
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3389 Improper Input Validation vulnerability 4.3 fetchmail Solaris 11 11/11 SRU 12.4 CVE-2012-3482 Denial of Service vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Resources relating to Java EE and Scala

    - by Ant Kutschera
    Are there any good sites / blogs / books / articles on using Java EE together with Scala? Or indeed articles saying that it should not be done. Many Scala resources talk about using Akka and Lift. Akka solves a different domain problem than Java EE. I don't know Lift, but I assume its geared towards the web end of Java EE and doesn't replace app server containers which provide transactions, security, scalability, resource management, reliability, etc. (all those things which Java EE markets itself as being good at).

    Read the article

  • Help needed on a UI/Developer Interview

    - by AJ Seth
    I have a phone interview with a major Internet company and it is a mostly front-end developer position. If anyone has experience with UI/developer interviews and can give some advice/questions asked etc. that'll be great. Additionally, what resources can be read and reviewed for the following: Designing for performance, scalability and availability Internet and OS security fundamentals EDIT: Now I am told that the interview I am told will be mostly on coding, Data Structures, design questions etc. Anyone?

    Read the article

  • Új adatbázis-biztonsági termék: Audit Vault and Database Firewall, lényegesen olcsóbban

    - by user645740
    Az Oracle összevonta az Audit Vault és a Database Firewall termékeket, még szélesebb felhasználói körnek elérhetové téve az adatbázisok biztonságának magasabb szintjét. Az új termék, az Oracle Audit Vault and Database Firewall (AVDF) mostantól kedvezobb áron érheto el. A jelentések megtekintéséhez restricted use-ban tartalmazza  a Business Intelligence Publisher licencet. Az adatgyujto, management szerver komponensek kiemelten védettek, az Audit Vault Server és a Database Firewall szerverekre restricted use-ban használhatók:Oracle Database Enterprise Edition, Database Vault, Partitioning, Advanced Compression és Advanced Security.

    Read the article

  • How to explain why design choices are good?

    - by Telastyn
    As I've become a better developer, I find that much of my design skill comes more from intuition than mechanical analysis. This is great. It lets me read code and get a feel for it quicker. It lets me translate designs between languages and abstractions much easier. And it let's me get stuff done faster. The downside is that I find it harder to explain to teammates (and worse, management) why a particular design is advantageous; especially teammates that are behind the times on best practices. "This design is more testable!" or "You should favor composition over inheritance." go right over their heads, and lead into the rabbit hole of me trying to clue everyone in to the last decade of software engineering advances. I'll get better at it with practice of course, but in the mean time it involves a lot of wasted time and/or bad design (that will lead to wasted time fixing it later). How can I better explain why a certain design is superior, when the benefits aren't completely obvious to the audience?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 246 247 248 249 250 251 252 253 254 255 256 257  | Next Page >