This tag is used for topics relating to application security and attacks against software. If your question is not about a specific programming problem, please consider asking it at security.stackexchange.com instead.
0
votes
0 answers
9 views
How to encrypt, decrypt data using DUKPT and 3DES algorithm in iPhone for a card reader application?
I have referred to this code and successfully created IPEK and PEK for different TKSN. Now how do I encrypt these keys to my card reader device, and how do I decrypt the card information using those keys? ...
1
vote
0 answers
17 views
How to generate AES secret key in Objective-C?
How to generate a Java-equivalent secret key in Objective-C?
public SecretKey getSymmetricKey(String keyString) {
SecretKey secretKey = null;
try {
byte[] raw = ...
0
votes
1 answer
10 views
Symfony2: How to hide link in Twig based on permissions
My application shows a list of projects, project detail pages and forms to edit these projects. These are the routes:
/ - list of projects
/project/42 - view project (project detail page)
...
0
votes
0 answers
10 views
Devise identity confirmation
Not sure this is going to be easily done or even possible without some other service, but thought I'd ask anyway.
Basically I have a doctor's site set up and I would like for patients to be able to ...
1
vote
0 answers
11 views
How is Azure ACS authentication secured?
Thanks to Gaurav Mantri for answering my earlier question Azure ACS Set Up in C#.
However, can someone explain to me how the following line is secured?
if ...
0
votes
2 answers
28 views
Peek at DOCUMENT_ROOT on a live site without compromising security?
I have some code in a form mailer:
$t = date("U");
$file = $_SERVER['DOCUMENT_ROOT'] . "\ssfm\gdform_" . $t;
and I have reason to believe that on my client's GoDaddy server the ...
8
votes
0 answers
63 views
Few questions about custom permissions in Android
I am learning Android programming and I have kind of understood the concept of custom permissions.
Based on my understanding, this is how custom permissions work:
'Base app' can protect some of its ...
1
vote
0 answers
15 views
CakePHP Security component blackholes delete post
I'm sending a delete post from an organisation page to a people controller like this:
$this->Form->postLink(__('Delete'),
array('controller'=> 'people', 'action' => ...
1
vote
0 answers
23 views
iOS Objective-C best method for secure delete
We have files in SQLite wrapped with bcrypt for SQLite encryption. We pull sensitive files out of the db for the end user to view. We need a best practice for deleting a file and having it unrecoverable. ...
2
votes
2 answers
22 views
Is it possible to extract constants and other predefined values from binary executables?
Let's say we have this program here
class Message{
public static SUPER_SECRET_STRING = "bar";
public static void Main(){
string SECRET = "foo";
...
1
vote
2 answers
44 views
Are anonymous sessions secure?
I'm new to web design. My concern is that if I trace anonymous users by session to keep the correct language, etc., then I would save data for each user who visits my website (for example 2 KB). Then ...
1
vote
2 answers
12 views
Rate limiting an API with a special exception
I have a webapp that consumes a REST API. I'd like to share the API with the wider world, but before doing so, I need to add rate limiting to prevent abuse / high load from buggy clients. I'd like to ...
-1
votes
0 answers
29 views
Algorithm to “unlock” an app through another one
EDIT:
Feel free to downvote, but at least be constructive and comment, or answer.
Ok, here's the scenario: I need to register how many times an app (read: a certain activity) has been launched. I ...
1
vote
0 answers
16 views
Storing strings securely in memory from within node.js apps
In this question, Mubashar asks about storing sensitive info securely in memory using C#, and is pointed to the SecureString class from .NET. Is there an existing comparable tool that will do this in ...
0
votes
1 answer
12 views
Java: Access an API that uses SAML authentication
I have a web project that needs to pull some data from a hosted versionone instance. The versionone instance uses SAML authentication for single sign-on.
The single sign-on itself uses a username and ...