FileVault, UnBitLocker, Security, stolen encryption algorithms

It's in the news, that researchers have discovered a way to extract the encryption algorithms from DRAM chips. This affects the security of FileVault.
The technical paper is here:
http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
FileVault info is on page 16.
But in order to steal this info:
1- thieves must have physical access to the computer
2- one way is through a quick re-boot using an external device
This just shows that if you have sensitive information on your computer:
1- don't leave it where thieves can easily steal it (in your car, on a table in a coffee shop)
2- use a firmware password, which will hinder a boot from another device
To learn how to add a firmware password, read this article:
*Setting up firmware password protection in Mac OS X*
http://docs.info.apple.com/article.html?artnum=106482
Bottom line: Nothing is absolutely secure.

This is crazy but obvious. I reviewed the Dept. Of Justice's procedure for what to do if law enforcement encounters a computer that is running but passworded. It says to not touch and call for help. So the DOJ knew about this all along.
I a called apple support, they acknowledged it but said it is unlike it will be fixed.

Similar Messages

  • Filevault and Secure Virtual Memory

    If I have filevault enabled and secure virtual memory am I reducing my system performance because it would be encrypting already encrypted data?
    What sorts of security breaches can occur by not enabling secure virtual memory?
    P.S would this protect against the hack where a thief can extract my RAM and read my system password stored inside?
    Thanks
    -IP20

    Hi, Bob,
    Yes, you are right but "not exactly."
    If the computer is a laptop and is stolen with an intact battery and has not been shut down, then data in RAM may be accessible. It may be difficult, however, to take a desktop Mac without removing power which would cause the RAM's content to be lost (except for PRAM.)
    As for cryogenically freezing the computer that would most likely require removing the computer to another location. Removing frozen chips would be difficult if one wished to avoid having them increase to a temperature where the data would be lost.
    In any event I don't think the above are even relevant concerns for the consumer user. What would the typical home user have on a computer that would merit such extreme measures. Handling something cold enough to freeze RAM sufficiently to recover its content requires special equipment. I don't think my neighbor really cares that much - and the hacker would need direct access to the hardware. I don't think I would let someone have access to my computer that showed up at my door with a large thermos of liquid nitrogen! Furthermore who would leave their computer turned on and accessible, then walk away from it if they were so security conscious that they needed to use FileVault and Secure VM?

  • Encryption algorithms used in SQL Compact Edition 3.5

    Hi,
    In the info for SQL Compact Edition 3.5 it states that one of the features is:
    Support for newer and more secure encryption algorithms.
    I can't seem to find details of exactly what these new, more secure algorithms are. It appears 3.1 used 128-bit RSA. Is this the same in 3.5, or has this changed?
    Thanks

    The official word is now out here: http://209.34.241.67/laxmi/archive/2008/04/15/sql-server-compact-database-file-security.aspx

  • ML FileVault how secure is it?

    I just ordered a new MBP and as a result will upgrade to ML.
    I have sensitive date on my MBP that in case of theft should be not accessible to the thief.
    the question is how secure if FV?  I read an older article that it is not. http://www.theregister.co.uk/2012/02/03/apple_disc_crypto_broken/.
    I also read some other things but it is still unclear to me.  mind you I am not an expert on this at all, so I might have missed points. 
    an other point is that I was warned by people that if you turn FV on and than of it might cause problems.  however this was in the days of it first appearing.  is this still the case?
    Is there anybody out there who knows what the score on this is.
    Thanks

    I am not an expert on Apple's FileVault but I did work in IT security for a long time so I think I can make some general comments that may be of assistance.
    Firstly, the article you reference seems clearly to be for a very specific type of attack.  This is for reasonably sophisticated attackers who can access your computer while it is still turned on.  That allows them to access the encryption key used for FileVault and bypass the encryption.  The risk you are worried about possibly doesn't match this threat at all.
    For instance, this threat doesn't seem to apply if your computer is turned off - I think the contents of memory can typically only be read for a few minutes after power off (there are technical articles on the web about this if you need to know more).  Of course, your computer is a laptop and so it is battery powered and therefore it is not out of the question that a thief would be able to steal it while still on - pulling out the power won't shut it down.  You need to consider whether this is a likely scenario, depending on how you use it, and if you think these attackers would be likely to attempt this type of exploit - as opposed to just nicking it at Cash Converters (insert name of local pawn shop).
    Secondly, it is true that if you encrypt your whole disk it can affect things like backups, depending on how you do them.  A change to one file affects the entire encrypted volume and this may result in much larger backups as the backup might have to copy your entire disk or home directory.  However, as far as I can see FileVault is now a mature technology, we have many Macbooks at work using it and they seem to be fine.
    I hope that's some helpful background and perhaps someone with more expertise in this area will also respond.  Another thing worth mentioning is that you can create encrypted disk volumes using Disk Utility that are good for small quantities of sensitive information. This is how I have always done it. You avoid any possible problems with making your entire directory encrypted, and still get the same type of protection for your sensitive data.  You can read http://support.apple.com/kb/HT1578?viewlocale=en_US&locale=en_US for more information on how to do that.
    There are also several other useful threads relating to FileVault in Apple Discussions, for instance https://discussions.apple.com/message/17942614#17942614 . You should be able to see them on the right hand side of this page under "More Like This".
    Hope that is helpful.
    Ivan

  • Conversion of postscript (converted from secure or encrypted pdf) to pdf

    I have a postscript file which has been created from secure or encrypted (opening restriction) pdf.
    Now when i use distiller to convert this postscript file to pdf then distiller cannot produce a pdf file.
    The log file contains following text:
    This PostScript file was created from an encrypted PDF file.
    Redistilling encrypted PDF is not permitted.
    %%[ Flushing: rest of job (to end-of-file) will be ignored ]%%
    %%[ Warning: PostScript error. No PDF file produced. ] %%
    1) Is there a way to convert this postscript file into pdf ?
    I have a limitation that i cannot remove security from secure pdf.
    2) Do distiller provide any settings which can be changed to convert
    this kind of ps(from secure pdf) to pdf.
    3) Can we provide password to distiller during process of conversion to
    pdf.
    4) If above methods do not work then is there a way we can
    programatically using Distiller Api's for conversion to pdf.
    Like methods 'FileToPdf' etc.
    Thanks in advance.

    I am facing a similar problem.
    My workflow dictates that I convert the input PDF job initially to PS and finally back to PDF. If the input PDF file is secure (it's not encrypted - you will still be able to open the document), the redistillation of PS to PDF fails while using Normalizer 6.0 && 9.0 libraries. If I use Normalizer 505 library, the redistillation succeeds. I have checked with the same generated PS on both Distiller 6.0 && 9.0, and both the versions fail to reconvert as well. I am a little surprised that 6.0 and 9.0 will fail to do something that 505 library manages.
    Any suggestions?

  • Error in Admin and manager server startup - BEA-149205-  due to error weblogic.security.internal.encryption.EncryptionServiceException

    Hi -
    I have installed OIM 11g r2 ps2, I an tring to start my Admin and SOA server :
    1. Though my admin server is coming up fine, but I am getting the following error when I am trying to start Admin server.
    ####<Apr 22, 2015 12:22:27 AM PDT> <Error> <Deployer> <devoimx003> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS
    Kernel>> <> <> <1429687347654> <BEA-149205> <Failed to initialize the application 'opss-DBDS' due to error weblogic.security.internal.encryption.EncryptionServiceException.
    weblogic.security.internal.encryption.EncryptionServiceException
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
            at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
            at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
            at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
            at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
            at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
            at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
            at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
            at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
            at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
            at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
            at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
            at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
            at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
            at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
        at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
            at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
            at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
            at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
            at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
            at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
            at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
            at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
            at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
            at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
            at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
            at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused By: weblogic.security.internal.encryption.EncryptionServiceException
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
            at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
            at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
            at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
            at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
            at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
            at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
            at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
            at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
            at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
            at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
            at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
            at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
            at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
            at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
            at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
            at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
            at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
            at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
            at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
            at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
            at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
            at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
            at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
            at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
            at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
            at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    2. My SOA server is coming up but in admin mode and giving OPSS connections errors.
    Any help is really appreciated!
    Thanks,
    SK

    Hi Faisal -
    is your domain in development mode or production mode?
         - While configuring my domian , I had selected Prod Mode, but pon start up when I see in admin server console, it is starting in developement mode already ?
    Any idea how, why ?
    if its production mode you can switch to development mode, change all the credentials in the config.xml and configurations under sub folders to cleartext and start the server..
    - Let me still try these and get back to you.
    Thanks,
    SK

  • Weblogic.security.internal.encryption.EncryptionServiceException: Error decrypting Secret Key

    Hi all,
    I have one admin server 8 managed servers in cluster environment. I am using node
    manager to start managed servers. I used the demo certificate and private key
    file provided by BEA before getting my real certificate, but when I got the real
    certificate the node manager can't no more. The error I am getting is this :
    <Dec 24, 2002 10:01:27 AM EST> <Info> <NodeManager> <NodeManager: for information
    on command line options, try "java weblogic.nodemanager.NodeManager help">
    <Dec 24, 2002 10:01:27 AM EST> <Info> <NodeManager> <Starting NodeManager >
    Exception in thread "main" weblogic.security.internal.encryption.EncryptionServiceException:
    Error decrypting Secret Key
         at weblogic.security.internal.encryption.JSafeSecretKeyEncryptor.decryptSecretKey(JSafeSecretKeyEncryptor.java:119)
         at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.<init>(JSafeEncryptionServiceImpl.java:205)
         at weblogic.security.internal.encryption.JSafeEncryptionServiceFactory.getEncryptionService(JSafeEncryptionServiceFactory.java:23)
         at weblogic.nodemanager.NodeManager.initializeEncryptionService(NodeManager.java:727)
         at weblogic.nodemanager.NodeManager.init(NodeManager.java:425)
         at weblogic.nodemanager.NodeManager.main(NodeManager.java:649)
    --------------- nested within: ------------------
    weblogic.security.internal.encryption.EncryptionServiceException - with nested
    exception:
    [weblogic.security.internal.encryption.EncryptionServiceException: Error decrypting
    Secret Key]
         at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.<init>(JSafeEncryptionServiceImpl.java:226)
         at weblogic.security.internal.encryption.JSafeEncryptionServiceFactory.getEncryptionService(JSafeEncryptionServiceFactory.java:23)
         at weblogic.nodemanager.NodeManager.initializeEncryptionService(NodeManager.java:727)
         at weblogic.nodemanager.NodeManager.init(NodeManager.java:425)
         at weblogic.nodemanager.NodeManager.main(NodeManager.java:649)
    here is the setting of node manager
    # Set user-defined variables.
    BEA_HOME="/opt/app/weblogic"
    WL_HOME=${BEA_HOME}/weblogic700
    NODEMGR_HOME=${BEA_HOME}/common/nodemanager/config
    JAVA_HOME=${BEA_HOME}/software/j2sdk1_3_1_06
    #Set NODEMANAGER variables
    NODEMANAGER_CERTIFICATEFILE=${NODEMGR_HOME}/uxmwpr01_nam_pwcinternal_com-cert.pem
    NODEMANAGER_KEYFILE=${NODEMGR_HOME}/uxmwpr01_nam_pwcinternal_com-key.der
    NODEMANAGER_KEYPASSWORD="wR2DfgiHjF0m4"
    NODEMANAGER_LISTENADDRESS="uxmwpr01"
    NODEMANAGER_LISTENPORT="5501"
    NODEMANAGER_REVERSEDNS="true"
    NODEMANAGER_SSLVERIFICATION="true"
    NODEMANAGER_STARTTEMPLATE=${NODEMGR_HOME}/startManagedWeblogic
    NODEMANAGER_SSLTRUSTED=${WL_HOME}/server/lib/cacerts
    NODEMANAGER_JAVASECURITY=${WL_HOME}/server/lib/weblogic.policy
    NODEMANAGER_TRUSTEDHOSTS=${NODEMGR_HOME}/nodemanager.hosts
    NODEMANAGER_NATIVEIO="true"
    ${JAVA_HOME}/bin/java ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS} -classpath "${CLASSPATH}"
    -Dbea.home=${BEA_HOME} -Dweblogic.security.SSL.trustedCAKeyStore=${NODEMANAGER_SSLTRUSTED}
    -Djava.security.policy=${NODEMANAGER_JAVASECURITY} -Dweblogic.nodemanager.javaHome=${JAVA_HOME}
    -Dweblogic.ListenAddress=${NODEMANAGER_LISTENADDRESS} -Dweblogic.ListenPort=${NODEMANAGER_LISTENPORT}
    -Dweblogic.nodemanager.certificateFile=${NODEMANAGER_CERTIFICATEFILE} -Dweblogic.nodemanager.keyFile=${NODEMANAGER_KEYFILE}
    -Dweblogic.nodemanager.keyPassword=${NODEMANAGER_KEYPASSWORD} -Dweblogic.nodemanager.reverseDnsEnabled=${NODEMANAGER_REVERSEDNS}
    -Dweblogic.nodemanager.startTemplate=${NODEMANAGER_STARTTEMPLATE} -Dweblogic.nodemanager.sslHostNameVerificationEnabled=${NODEMANAGER_SSLVERIFICATION}
    -Dweblogic.nodemanager.trustedHosts=${NODEMANAGER_TRUSTEDHOSTS} -Dweblogic.nodemanager.nativeVersionEnabled=${NODEMANAGER_NATIVEIO}
    weblogic.nodemanager.NodeManager

    "Jas" <[email protected]> wrote in message news:<3e657be5$[email protected]>...
    Hi,
    I am wondering if anyone has tried creating a domain on a weblogic server by copying
    and pasting an entire domain directory. ie. Copying %bea_home%\config\DomainName
    to the new installation %bea_home%\config\DomainName.
    When I do this I get the following error when starting up the weblogic server:
    "The WebLogic Server did not start up properly. Exception raised:
    weblogic.security.internal.encryption.EncryptionServiceException:Error decrypting
    Secret Key" when loading config.xml
    I assume this is because the weblogic system password is encrypted in the config.xml
    file. Is there anyway I can get around this so I can easily clone weblogic servers?
    Thanks,
    JasJas,
    Yeah the security key is tied to the server, what exactly are you
    trying to accomplish? Do you want seperate domains or servers? Are
    they on different physical servers?
    Also what version of wls? 6 or 7?
    Will try to help you if I can
    Steve

  • What is the best encryption algorithm to use on a Mac

    If I'm using a program like cryptor-1.51, what is most reliable encryption algorithm I could use with it?

    Ask the developer. BTW, they claim you can use Blowfish, RC2, RC4, RC5, DES, and AES
    (128,192 and 256-bit) encryption schemes.

  • No available encryption algorithms in my ASA

    Hi all,
    I have a cisco asa 5510 running ver 8.02, when i navigate to "remote access vpn-> advanced->ssl settings" i could not see any available algorithms under encryption section. How can i add the encryption algorithm in? I need the encryption algorithm as i want to enable ssl authentication using cert on my asa interface. Pls advise. Thk you.

    Hi Don,
    What exactly are you looking for?
    The ASA base license does allow two simultaneous SSL sessions and you do not need any extra license to achieve certificate authentication.
    In order to allow certificate authentication per connection profile:
    Please check this document for further reference:
    AnyConnect Certificate Based Authentication.
    HTH.
    Portu.
    Please rate any helpful posts

  • Simple encryption algorithm

    Hi there,
    Where can i find a very simple encryption algorithm to allow me to encrypt basic strings?
    It should be simple enough so i can make a version for Java and Cobol.
    Thanks for any help.

    I guess you can implement any encryption algorithm with either language. XOR should suffice... just not ROT13, it'll be a pain with EBCDIC. XOR each byte with some byte you randomly picked.

  • When turning on Advanced Security Network Encryption tnsping fails

    Hi people,
    I'm installing Advanced Security Network Encryption in my server (RHEL 3), I've configured my sqlnet.ora as follows:
    SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED
    SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = MD5
    SQLNET.ENCRYPTION_TYPES_SERVER= (RC4_256)
    SQLNET.ENCRYPTION_SERVER = REQUIRED
    SQLNET.CRYPTO_SEED = "abcdefg"
    After that, tnsping do not work anymore, I'm getting TNS-03505 - "Failed to resolve name".
    If I remove Adv. Security configuration tnsping become normal.
    Do anybody knows what can it be?
    Thanks in Advance
    André Teixeira

    Are you running tnsping from the server to itself? Or from the client? Has Advanced Security been configured on the client?
    Justin
    Distributed Database Consulting, Inc.
    http://www.ddbcinc.com/askDDBC

  • Is it possible to use multiple encryption algorithms in Oracle 10g RAC?

    We have two separate databases on same physical servers, running 10g RAC Using TDE, is it possible to have different encryption algorithms for each database?

    It is possible to have every column in a single table use a different algorithm.
    Take a look in Morgan's Library (www.morganslibrary.org/library.html) under
    Wallet
    Transparent Data Encryption
    SecureFiles
    DBMS_CRYPTO
    and perhaps a few other topics.

  • SOAP Security and Encryption...

    Hi All,
    My scenarios are SOAP to IDOC Async and IDOC to SOAP Async.
    How to achieve security and encryption in SOAP side?

    Hi Arthita
    You can use SSL encryption via SAML (http://scn.sap.com/docs/DOC-16302)
    Or you migt find it usefull to check out Siva Kumar Arivinti document http://scn.sap.com/docs/DOC-26144 SSL Configuration in SAP ABAP AS and JAVA AS – Step-by-step procedure.
    Regards Torben

  • Network security: Configure encryption types allowed for Kerberos-Windows 2008

    If below setting has been enabled in domain policy on Windows 2008 R2 DC ; what is the effect on Windows 2008 Member server . that seeting is not present in Windows 2008.
    Network security: Configure encryption types allowed for Kerberos:
    Please advice & if possible please provide more info.
    AliahMurfy

    Hi,
    I found some related information is some type of the encrypt not supported on the server 2008, such as AES128_HMAC_SHA1.
    More detail information please refer the following KB:
    Network security: Configure encryption types allowed for Kerberos
    http://technet.microsoft.com/en-us/library/jj852180(v=ws.10).aspx
    Hope this helps.
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Remote desktop is it secure and encrypted for windows 7 and windows 2008 servers

    Remote desktop is it secure and encrypted? any supporting documenting showing if it is secure and encrypted .

    Hi,
    Yes, RDP is secure and encrypted. RDP uses RSA Security's RC4 cipher, a stream cipher designed to efficiently encrypt small amounts of data. RC4 is designed for secure communications over
    networks. Administrators can choose to encrypt data by using a 56- or 128-bit key.
    For more details, you can refer to the following:
    Standard RDP Security
    http://msdn.microsoft.com/en-us/library/cc240771.aspx
    Enhanced RDP Security
    http://msdn.microsoft.com/en-us/library/cc240795.aspx
    Secure RDS (Remote Desktop Services) Connections with SSL
    http://technet.microsoft.com/en-us/magazine/ff458357.aspx
    Configure Security Settings for Remote Desktop Services Connections
    http://technet.microsoft.com/en-us/library/cc753488.aspx
    Thanks.
    Jeremy Wu
    TechNet Community Support

Maybe you are looking for

  • Error while opening the Pdf Attachment  at the time sending mail ..

    Hi Frn's ,    i am sending a mail with pdf attachment ... but the pdf is not opening ...it is giving error "There was and error opening this document . This file can not be open because it has no page ." Please resolve the problem ...below is the cod

  • Queries on two fronts

    I am experiencing 2 problems, in the last few days. 1) Why do some icons on my Desktop have a small grey square with a white triangular line inside, and what does this mean. 2) I have wanted to send some multiple pic files to another Forum, nothing t

  • Flash 11 ExternalInterface.call slow response or Not working on Firefox 18 windows 7

    I'm working in a flash project that usually use externallinterface.call to call javascript from html. But when I update firefox to version 18. When I call javascript from flash it will take awhile to response. For example I make a simple flash with 1

  • Non-updated Idocs found in Business Information Warehouse

    Hi, I got the following error while trying to load data: "Non-updated Idocs found in Business Information Warehouse Diagnosis      IDocs were found in the ALE inbox for Business Information Warehouse that are not updated. Processing is overdue. Error

  • Long SMS messages are being cut off-- iPhone 5 (original model), iOS 7.1.2

    When I receive messages from people on different carriers, AT&T in particular, I only receive the first 160 characters. The reason I'm asking is because this is a recent problem. I had no issue receiving long texts from people before; it would either