How Midlet Signing prevents code modification.

Similar Messages

• Signed classes & preventing code modification

  Hi, I've got a generic question concerning preventing code modification.
  Suppose I have written some neat code (yeah, that might happen, one never knows ;-)) and I want to bundle it in a JAR AND make sure nobody will modify my code (at least, without a warning).
  All right. I make up my JAR, and I sign it. This adds a SIGNER.SF & SIGNER.DSA/.RSA to the JAR.
  Yes... but... what prevents another person from:
  1. downloading my JAR
  2. unjarring my JAR, and retrieving the important .classes
  3. eventually, modifying the .class (to make my code silly and ugly for instance ! ;-( ).
  4. make again the JAR, and sign it with his own keys
  You'll tell me: "Yes, this is possible, but then the code is signed by him, not by you !". Correct... But who will warn the user that has downloaded my code that he's not using "my" code but another one.
  I'll have to tell him "check the signature is 0215AB45...". 1/ This is Highly unpractical... 2/ If He's the bad guy, this does not prevent him from modifying my code !
  Any solution or interesting thoughts for that topic ?
  Thanks,
  Axelle.

  Signing is not intended to prevent modification, java classes can always be decompiled, modified and redistributed. What signing does is allow modification to be detected.
  If a user has your public key, he will be able to detect that the (modified) jar was not signed by you, and hence is untrustworthy.
  Similarly a java application can detect that a given jar file (or even object, eg: an authentication token) was not signed by you, and hence cannot be trusted. If however the Bad Girl has access to the application code, she can decompile said application code and modify it so that it doesn't care.
  If you want to protect your code, you can try obfuscating it (there are various obfuscation tools around, do a search on google), but all this does is make the decompiled code less easy to read (variable names all a1, a2, etc), and won't really stop anyone who is serious about stealing your cool code.
  Another option might be to deploy a compiled version (if you are distributing an application to a single platform), but this won't work with applets, loses the portability of java classes, and if the Bad Girl is good enough (and determined enough) it will only slow her down (though probably a fair bit).
  The only sure fire way I know of preventing your Java code from being stolen is to not distribute it, which is hardly useful.

• How to sign VBA Code in AO and save it on BW-IP side.

  Does anybody know if it is possible to sign vba code in AO and save this as Document into BW-IP (to SAP NetWeaver)?
  If I try to sign the complete Workbook with a certificate I always get the prompt to convert the file into a Excel file, is it still possible than to save the Workbook to SAPNetWeaver? Anybody tried?

  Hi,
  I have done that many times. Create a button in the toolbar,say 'SAVE'. Write the code in the subroutine user command.For example :
  *&      Form  USER_COMMAND
  FORM USER_COMMAND USING R_UCOMM LIKE SY-UCOMM
          RS_SELFIELD TYPE SLIS_SELFIELD.
    DATA : REF_GRID TYPE REF TO CL_GUI_ALV_GRID.
    DATA: L_VALID TYPE C.
  *Code to reflect the changes done in the internal table
    IF REF_GRID IS INITIAL.
      CALL FUNCTION 'GET_GLOBALS_FROM_SLVC_FULLSCR'
        IMPORTING
          E_GRID = REF_GRID.
    ENDIF.
    IF NOT REF_GRID IS INITIAL.
      CALL METHOD REF_GRID->CHECK_CHANGED_DATA
        IMPORTING
          E_VALID = L_VALID.
    ENDIF.
    CASE SY-UCOMM.
      WHEN 'SAVE'.
      PERFORM BDC."Write all you BDC code in this subroutine
    ENDCASE.
  ENDFORM.
  Hope this will help.
  Thanks & Regards,
  Rock.

• Code modification...urgent

  hi experts,
  i am new to enhancement and modifications.
  can anybody tell me
  1.is the term modification and code modification one and the       
     same?or different?if so,
  2.what is code modification?
  3.how do u do code modification?
  4.adv. and disadv. of code modifications?
  i appreciate if u provide links also.
  thanks in advance.

  Hi
  Explicit Enhancement Options
  There are two types of explicit enhancement options: Source code enhancements with source code plug-ins and BAdIs:
  •        Explicit enhancement options of the source code enhancement type allow you to insert source code plug-ins. These are lines of code that are executed if the source code enhancement option is inserted in the code with the Enhancement Point command. Source code enhancement options with the Enhancement Section command behave the same, except that the source code plug-in replaces the section in the original code. Therefore, you are not only able to enhance the original code, but can also flag specific code sections (as enhancement sections) so that other developers can replace these sections with other code without making modifications.
  •        Business Add-Ins (BAdIs) are “hangers” for object plug-ins. A BAdI definition comprises an interface with methods. BAdIs are enhanced by classes that implement the BAdI interface. If you instantiate a BAdI and then call its methods, you can, among other things, specify which method implementations are to be carried out on the basis of filter values. In other words, a BAdI method call is a dynamic method call with a specified interface, for which it is not determined until runtime which method implementations are to take place.
  In the case of source code enhancements, the definition and call coincide. You define BAdIs once in the BAdI Builder and can then call them at different points in the various compilation units.
  Implicit Enhancement Options 
  Implicit enhancement options are fixed points in compilation units – that is, points that remain intact even if the code is changed. This is important for the following reason: If the location of an enhancement is moved, you have to check manually after an upgrade whether the enhancement is still at the correct point and replace it if necessary. The following are implicit enhancement options at which enhancements can always be inserted:
  •        You can always insert source code plug-ins before the first and the after the last line of includes, methods, reports, and function modules.
  •        You can always add further optional parameters to function modules.
  •        For global classes, there are different permanent, implicit options for enhancements: You can insert additional attributes or methods, and you can add optional parameters to existing methods
  Customer-Specific Modification and Enhancement Possibilities
  Use
  The following documentation provides an overview of the customer-specific modification and enhancement possibilities in the IS-H System. Note that to implement enhancements, you require ABAP programming knowledge.
  Features
  The IS-H system provides the following technical possibilities for customer-specific modifications and enhancements
  Business Add-Ins (BAdIs)
     If default code (standard procedure defined by SAP) exists for the BAdI, please note it will be overwritten when you implement the BAdI. You can, if required, re-use the default code in your implementation.
  As of SAP NetWeaver 2004, the enhancement concept of the ABAP Workbench (Enhancement Framework) is available for BAdIs. Note that SAP Patient Management contains BAdIs that use the Enhancement Framework as well as the classic BAdIs.
  Customer Exits (transaction SMOD)
    If SAP delivers sample code for the customer exit, you can access it when implementing the exit by choosing Goto ® Sample Code. You can re-use the sample code using Copy&Paste
  User Exits from the IS-H Implementation Guide: Basic Settings ® Configuration/Systems/Events ® Display SAP User Exits.
    To implement the IS-H user exits, copy the function module delivered by SAP into a customer-specific function group. The name of the function module delivered by SAP is specified in the table you call in the IS-H Implementation Guide by choosing the path specified to the left here.
  Once you’ve copied the source code, you can modify this copy to meet your needs. Note that you must not modify the interface of your own function module.
  Now enter the name you’ve chosen for the function module in the customer table. You access this table by choosing Basic Settings ® Configuration/Systems/Events ® Configure Customer User Exits.
  If it is helpful rewards points.
  Regards
  Pratap.M

• When printing a signed document with Adobe Reader, the comment icons appear.  How do I prevent this

  When printing a signed document with Adobe Reader, the comment icons appear.  How do I prevent this ?

  When printing from Reader, select Document instead of Document and Markups:

• How to manage code modifications among multiple users using Project.mpt or Global.mpt

  Hi,
  There is one copy of a Template.mpt file in the shared drive. Users copy this file to their project folder for a specific project and they save it as Project_n.mpp. There is only one Project_n.mpp file per project. So whoever works on the particular project
  will always open the same Project_n.mpp file. There is a lot of projects that users work on and each of them has its respective Project1.mpp, Project2.mpp, Pproject3.mpp etc.file.
  These files contain modules that are called on the Project Open and some of them on the Project Close. Current code in modules is used to update the project file with data from a database and also to update database with the data from
  the project file.
  I am looking now into the solution on how to incorporate any future modifications of the modules so that it can be applied to all project files.
  If I modify code in any of the modules of the Template.mpt file that is on the Shared drive I am now sure that modifications will apply only to the new projects (when user initiate the Project_n.mpp and starts from the Template.mpt).
  But in the case of already created project files (Project1.mpp, Project2.mpp, Project3.mpp) I also want to apply the modified code in modules, but currently when I open them I have the old code.
  I tried using Global.mpt file but ran into some issues such as if I move all modules to the global.mpt the functions called from ThisProject/Project Open are ending having errors since they are not defined. Is there any way of specifying
  in the project that modules are defined in the Global.mpt.
  I also tried to Move modules from Template.mpt file to the Project_n.mpp file on the opening. Before moving modules I deleted them to avoid having to answer to the question "Do you want to replace the file?", but then some modules wouldn't get deleted
  right away because functions that are called in the Project.mpp open event are defined in the modules I want to delete. They get deleted at the end of the code execute and that causes issues when code runs again.
  I would appreciate any help, suggestion on how to solve this issue. I am open to any proposition in regards how to share modifications among all users and previous and future projects.
  Thanks in advance.

   Well, it certainly sounds like you could use Project Server, rather than standalone Project and MPP files stored on hard drives. This would be a perfect example of why Project Server was developed. 
  Some of the features that may address your needs are...
  Project Server permits the creation of "template" schedules, so that users create new projects from existing Templates on the server. There can be as many as you like - different templates
  for different types of schedules. Users have a drop down menu to select which "type" of project they want to create. There are other items that can be associated to the project creation.
  Project Server also has workflow, which can perform actions (on the server side, not the desktop) to help manage the Project Management process flow.
  Project Server allows many users to access the same copy of the schedule via a check-out (for editing) / check-in mechanism. This ensures that everyone is seeing the current and accurate version of
  the schedule.
  Project Server allows you to automatically keep "archived" versions of your published schedules for backup / restore purposes.
  Project Server stores all project information in a SQL server database which permits you to use standard SQL tools to transfer data in / out.
  Finally, Project Server still uses a Global.mpt, which is stored in the database and every user gets an automatic update of that file each time they open a project from the server (they get a local
  copy, which updates with any changes) so that all changes to Global MPT are pushed out to all project users.
  It sounds like you may benefit from Project Server Online, which is quick and relatively cost effective.
  http://office.microsoft.com/en-us/project-server-help/get-started-with-project-online-HA102858793.aspx
  Pay close attention to your data transfer needs, this area is getting better, but may or may not meet your requirements.
  Finally, work with a Microsoft Partner who has "been there and done that" so you get the most benefit from Project Server.
  Hope that helps,
  Thanks, Eric S. Pcubed

• How can we prevent viewing the source code  of JSP by the user

  Dear sirs,
  how can we prevent viewing the source code by the user ( from the browser for the Viwe Sorce option) for a JSP file that use struts frame work.
  infact i don't wan the user to view the javascript that in incorporated in the JSP for various purpose...
  thanks and regards...
  Sudheesh K S
  INDIA

  Dear sirs,
  how can we prevent viewing the source code by the
  user ( from the browser for the Viwe Sorce option)
  for a JSP file that use struts frame work.
  infact i don't wan the user to view the javascript
  that in incorporated in the JSP for various
  purpose...
  thanks and regards...
  Sudheesh K S
  INDIAJSP and Servlets are programs/scripts that run on the server. The user/clients only sees the HTML output generated by the server. If you want to hide JavaScript from casual users then you can put the JavaScript code in a seperate file. This file can however be read from the Cache.

• Midlet Signing

  Hello,
  Questions
  - Is trusted third party signing enough to reach a significant amount of JSR-75 compatible mobiles, with a good user experience ?
  -What is the best third party for signing midlets ?
  - Is Manufacturer & Operator Sining feasible for a small company ?
  Background
  we're involved in a project that aims at accessing various data on the memory car/Internal memory/Sim+ memory of mobile phones.
  we know JSR-75 "File connection" is a must to do that, and we wish to use it on every capable phone.
  Different-devices = different-behaviour
  However, we are facing a platform/menufacturer specific issue :
  With an unsigned midlet :
  -Nokia device (6680, 6120, n95...) give access to the data, but keeps asking the permission to the user each time he wants to read a single file
  -Sagem (my700x) device allows us to configure the program so that we're asked only once the permission.
  - Motorola (RAZR V3i) freezes....
  Midlet signing solutions
  I know that midlet signing can help. However, we don't know which signing process suites our need :
  - Java Code Signing (self-certification using keytool)
  - Java Code Signing - Trusted third party (buying the certificate from Verysign or Thawthe as in google mail)
  - Manufacturer & Operator.
  Edited by: Nicolas_Dmailer on Dec 19, 2007 8:16 AM
  Edited by: Nicolas_Dmailer on Dec 19, 2007 11:53 PM

  Signing issue related with permission of midlet like to send the SMS to open the http connection that api required certification of third party & u can sign the midlet using tool givan by java itself
  here is link u can see the how to sign the midlet first then follow the certification procedure
  http://developers.sun.com/techtopics/mobility/wtk/demos/wtk-sign.html
  its link how can sign with wireless tollkit
  to certification u can follow but u have to check u rdevice which certification support then choose
  1) Verisign certification : u can visit www.verisign.com here u got the link for digital key under u got link for for sun java certification
  2)Also u can follow thawte certification : u can visit also thwate.com
  3)Or u can visit for java certification www.javacertification.com
  Regards
  AB
  for RMS persistence issue no need of signing u have to check code

• FiOS INTERNET - What is spam and how can I prevent it?

  Spam is unsolicited junk email sent out over the Internet. Technically, it's Unsolicited Bulk Email, or UBE. Spam is sent without permission to thousands of recipients at once. Most spam is advertising for dubious products, get-rich-quick schemes, and adult content.
  You can sign up for email updates and offers that may be of interest to you. Spam is the email you didn't sign up for. Occasionally a company will sell its emailing list that includes your name, to an email marketer. The email marketer then begins to spam you. Check the privacy policy before you give your email address to any company.
  Another method spammers use to acquire your email address is through your browser. You may have entered your email address when you first installed your Web browser. When your browser opens a page on the Web, the site can query your browser for your email address.
  How do I prevent spam in the future?
  Review a Web site's privacy policy before deciding to provide information about yourself.
  A Web site's policy outlines how the site might use your email address or other personal information that they collect. If a Web site doesn't have a privacy policy or if the policy doesn't explicitly guarantee that your personal information will not be shared, you should assume that any information you provide to that site could be sold to spammers or other direct marketers.

  A package is just a way of organizing your code. You organize the code in directories. For example if you have a package called "package database.util" you should put the Java code in a directory called "database/util/".

• How to create Bar code

  Hi,
  How to create Bar code?
      Explain the steps.

  Hi,
  A barcode solution consists of the following:
  - a barcode printer
  - a barcode reader
  - a mobile data collection application/program
  A barcode label is a special symbology to represent human readable information such as a material number or batch number
  in machine readable format.
  There are different symbologies for different applications and different industries. Luckily, you need not worry to much about that as the logistics supply chain has mostly standardized on 3 of 9 and 128 barcode symbologies - which all barcode readers support and which SAP support natively in it's printing protocols.
  You can print barcodes from SAP by modifying an existing output form.
  Behind every output form is a print program that collects all the data and then pass it to the form. The form contains the layout as well as the font, line and paragraph formats. These forms are designed using SAPScript (a very easy but frustratingly simplistic form format language) or SmartForms that is more of a graphical form design tool.
  Barcodes are nothing more than a font definition and is part of the style sheet associated with a particular SAPScript form. The most important aspect is to place a parameter in the line of the form that points to the data element that you want to represent as barcode on the form, i.e. material number. Next you need to set the font for that parameter value to one of the supported barcode symbologies.
  The next part of the equation can be a bit tricky as you will need to get a printer to print that barcode font. Regular laser printers does not normally print barcode fonts, only specialized industrial printers that is specifically designed to support that protocol and that uses specialized label media and heat transfer (resin) ribbon to create the sharp image required for barcodes.
  Not to fear though, there are two ways to get around this:
  - You can have your IT department do some research -
  most laser printers can accept a font cartridge/dimm chip (similar to computer memory), called a BarDIMM that will allow a laser printer to support the printing of barcodes.
  - Secondly, you can buy software that you can upload in your SAP print Server that will convert the barcode symbology as an image that will print on a regular laser printer. I found that this option results in less sharper barcodes. This option is really if you need to convert a large quantity of printers (>10) to support barcodes.
  - Thirdly, you can buy a third party software like Barcode.dll and install on your frontend PC connected to the laser printer.
  Now you have a barcode printed - what next?
  Well there are two options, depending on your business requirements:
  - You can use an existing SAP transaction on a regular workstation and get a barcode wedge reader to hook up between the keyboard and the PC. These wedge readers comes in a wand or scanner format. There are even wireless wedge scanners available that allows you to roam a few yards from the workstation to scan a label. This approach is mostly used where you want to prevent human errors in typing in long material, batch or serial numbers in receiving or issuing of material. The problem is that it's just replacing the keyboard input and you are basically locked down in one location and have to bring all the material to that location to process.
  - Another solution is to use SAPConsole transactions
  or write your own ABAP Dialog programs that will fit onto a barcode enabled wireless handheld terminal and that will follow the business logic as executed on the shop floor.
  These programs are highly complex exercises in industrial engineering and ergonomics because of the limited screen sizes and limited ability to accept keyboard input. The user is instructed step-by-step and only scan and push F-keys to interact with the SAP system. Scan, scan, beep, beep, enter - highly automated.
  <b>To Create a Bar code Prefix</b>
  1) Go to T-code - SPAD -> Full Administration -> Click on Device Type -> Double click the device for which you wish to create the print control -> Click on Print Control tab ->Click on change mode -> Click the plus sign to add a row or prefix say SBP99 (Prefix must start with SBP) -> save you changes , it will ask for request -> create request and save
  2) Now when you go to SE73 if you enter SBP00 for you device it will add the newly created Prefix
  http://www.servopack.de/Files/HB/ZPLcommands.pdf.
  Check this link:
  http://help.sap.com/saphelp_nw04/helpdata/en/d9/4a94c851ea11d189570000e829fbbd/content.htm
  Regards,
  Padmam.

• Midlet signing - is it worth it ?

  Hi,
  What I don't understand is, how signing prevents a hacker, to copy the Java program, re engineer it with some other code, and then publish it with the same name - with no signature. What does the user need to do in order to verify that the version he has - is signed ?
  Also, is there a list somewhere of which Cellular models work with which public key provider.
  And finally, which company is the best to but a Public Key for Nokia cellulars.
  Thanks

  If at all possible, keep the pc alive.  You will need a place to backup your stuff that will not go to the cloud.  If your pc supports the current version of I tunes, then load it up and make that your central storage place.   If your problem is simply lack of disk space on the pc, external USB drives are pretty cheap.
  In any event, you will need I tunes to get the non purchased music o to your pad, so you will need a pc at some point.

• Midlet Signing Problem

  I signed a midlet and tried to load it to my Cingular Motorola V557 phone.
  All I want is to use Bluetooth. So I bought a Verisign Java Code signing certificate and did everything the tutorials told me to do in regards to the keystore file. I am using EclipseME and set it to sign my midlet using that keystore, it correctly asks me for my passwords so I know it tried to do its work.
  When I upload it to the phone I get the following error:
  Authorization failed, application not installed.
  I am a noob to signing java code so I am hoping this is something fundamental:
  Here is a copy of my jad file:
  MIDlet-Jar-Size: 40360
  MIDlet-1: tbt,,midlets.BluetoothTest
  MIDlet-Jar-URL: tbt.jar
  MIDlet-Jar-RSA-SHA1: a8I0l6zLBH6JoL0VGnHjaJ5rZ8YptQf1q7tW1BzXe+Xr4EWVp4mrhtfhAy1dooXFYj2aihZg5IaCcG4mWb6fTnpWkwUo1mUt8J88HUu8kaPrRywfJJ1DX+BM2zeHnffck4Psg4S+Iv6LqhaSzr7vzFvMF2uxvRrz7qkSdVFXOiw=
  MicroEdition-Configuration: CLDC-1.1
  MIDlet-Version: 1.0.10
  MIDlet-Certificate-1-2: MIIEvzCCBCigAwIBAgIQQZGhWjl4389JZWY4HUx1wjANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNzE2MDAwMDAwWhcNMTQwNzE1MjM1OTU5WjCBtDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNDEuMCwGA1UEAxMlVmVyaVNpZ24gQ2xhc3MgMyBDb2RlIFNpZ25pbmcgMjAwNCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL687rx+74Pr4DdP+wMQOL4I0ox9nfqSfxkMwmvuQlKM3tMcSBMl6sFjevlRZe7Tqjv18JScK/vyZtQk2vf1n24ZOTa80KN2CB4iJyRsOJEn4oRJrhuKof0lgiwQMOhxqyjod0pR8ezN+PBU1G/A420Kj9nYZI1jsi1OJ/aFDv5t4ymZ4oVHfC2Gf+hXj61nwjMykRMg/KkjFJptwoRLdmgE1XEsXSH6iA0m/R8tkSvnAVVN8m01KILf2WtcttbZqoH9X82DumOd0CL8qTtCabKOOrW8tJ4PXsTqLIKLKP1TCJbdtQEg0fmlGOfA7lFwN+G2BUhSSG846sPobHtEhLsCAwEAAaOCAaAwggGcMBIGA1UdEwEB/wQIMAYBAf8CAQAwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDAzAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgABMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFDbGFzczNDQTIwNDgtMS00MzAdBgNVHQ4EFgQUCPVR6Pv+PT1kNnxoz1t4qN+5xTcwgYAGA1UdIwR5MHehY6RhMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIQcLrkHRDZKTS2OMp7A8y6vzANBgkqhkiG9w0BAQUFAAOBgQCuOhe4SntV+mRV7ECk7UlBkJmcibyvLh3KeCP5HBkPf+tovDLZiDje3D/TibQ/sYKW8aRauu0uJtPefAFuAAoApAaSEUgJQPkcGHlnIyTgu9XhUK4b9Q7d4C6BzYCjbFJPkXVViroi8tLqQXWIL2NVfR5UWpVZytk0gcBfXvZ6tQ==
  MIDlet-Certificate-1-1: MIIE5DCCA8ygAwIBAgIQczrbZKL5lkATnBWyJJPECDANBgkqhkiG9w0BAQUFADCBtDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNDEuMCwGA1UEAxMlVmVyaVNpZ24gQ2xhc3MgMyBDb2RlIFNpZ25pbmcgMjAwNCBDQTAeFw0wNjA4MjkwMDAwMDBaFw0wNzA4MjkyMzU5NTlaMIGoMQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxEDAOBgNVBAcTB0hvdXN0b24xITAfBgNVBAoUGGVQcm9jZXNzaW5nIE5ldHdvcmssIExMQzExMC8GA1UECxMoRGlnaXRhbCBJRCBDbGFzcyAzIC0gSmF2YSBPYmplY3QgU2lnbmluZzEhMB8GA1UEAxQYZVByb2Nlc3NpbmcgTmV0d29yaywgTExDMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGyIADMloGcWMEp16WHfNfbCZltLwzG5ooxpq9mzSBtpHW1Qv8FH7/xXYFwumxtM58h1r75cwYoROj4kZHHE1YrAv68Ze/9SRkpnii7wbJJSblgL826ZlWfPbR926u+p4ICZUjKSRB1StiNynBRxwcrWdqWjS5PUfdkPT6b1z5hNAgMBAAGjggF/MIIBezAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vQ1NDMy0yMDA0LWNybC52ZXJpc2lnbi5jb20vQ1NDMy0yMDA0LmNybDBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwEwYDVR0lBAwwCgYIKwYBBQUHAwMwdQYIKwYBBQUHAQEEaTBnMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wPwYIKwYBBQUHMAKGM2h0dHA6Ly9DU0MzLTIwMDQtYWlhLnZlcmlzaWduLmNvbS9DU0MzLTIwMDQtYWlhLmNlcjAfBgNVHSMEGDAWgBQI9VHo+/49PWQ2fGjPW3io37nFNzARBglghkgBhvhCAQEEBAMCBBAwFgYKKwYBBAGCNwIBGwQIMAYBAQABAf8wDQYJKoZIhvcNAQEFBQADggEBACis5xvgrQDI+1X+WQ3OlpIH/MEX4iSawYxlLoQZsct6hBdGIiqPQNPyyMr9EBNeCVt7Eb+h7zWQCZfRD/nVPaxqzUFR1H40Yrt0KGPPvq65UdZ4FjMYAt6BI2KHaG/2R90BJMAtgfSJs53rR4CaTU55XLlgwKx54nh0qqqc9LRwcwrxnxXGoW4ZO7WDTyMeT2nC9h+VacicyJjGpcaPLHfmvf9OLUrv8BvvLEqtqStKf2zVtUsIpTEfcwLyTLC+5jZxE2rKlpBvMjbkv7zIThFxMd9Zm3T8b3G0J5/OU4DLi57WFmRlDeUEx8O+JAHRN3exM264vQRcfsc5J2uwCA8=
  MIDlet-Name: tbt Midlet Suite
  MIDlet-Vendor: Midlet Suite Vendor
  MicroEdition-Profile: MIDP-2.0
  MIDlet-Permissions: javax.bluetooth.DiscoveryAgent
  Is there a tool or something I can grind this through to determine what the problem might be?
  Thanx
  Bodger

  It apparently has something to do with the midlet permission string.
  The one I had was definitely wrong.
  So, I now have:
  javax.microedition.io.Connector.bluetooth.client
  Now I get this error when I try to load the midlet, this is from my phones debug log:
  SM_GetNumRootCerts: Total number of KJAVA certs on SIM and NVM (Type-3): 0, 0
  SJ_IsCoreletDI: Synerj signature not found into the JAD file
  SM_GetRootCertificate: DN = C="US";O="VeriSign, Inc.";OU="Class 3 Public Primary Certification Authority", Type = 15
  SM_GetRootCertificate: Subject key ID extension is not present.
  sm_LoadDomainRegistryIDs: number of domains = 6
  sm_LoadDomainRegistryIDs: number of permissions = 28
  sm_LoadDomainRegistryIDs: domain "0" name length = 3f
  sm_LoadDomainRegistryIDs: Read domain: 'CN="Cingular Preferred Root CA",O="Cingular Wireless, LLC",C=US' with 8 permission groups
  sm_LoadDomainRegistryIDs: domain "1" name length = 3d
  sm_LoadDomainRegistryIDs: Read domain: 'CN="Cingular Trusted Root CA",O="Cingular Wireless, LLC",C=US' with 10 permission groups
  sm_LoadDomainRegistryIDs: domain "2" name length = 42
  sm_LoadDomainRegistryIDs: Read domain: 'CN="GeoTrust CA for UTI",O="Unified Testing Initiative (UTI)",C=US' with 3 permission groups
  sm_LoadDomainRegistryIDs: domain "3" name length = 55
  sm_LoadDomainRegistryIDs: Read domain: 'O="Motorola Inc",C=US,ST=Illinois,L=Libertyville,OU=PCS,CN="Manufacturer Domain 40-1"' with 10 permission groups
  sm_LoadDomainRegistryIDs: domain "4" name length = 4b
  sm_LoadDomainRegistryIDs: Read domain: 'OU="Class 3 Public Primary Certification Authority",O="VeriSign, Inc.",C=US' with 3 permission groups
  sm_LoadDomainRegistryIDs: domain "5" name length = 10
  sm_LoadDomainRegistryIDs: Read domain: 'Untrusted_Domain' with 2 permission groups
  sm_LoadDomainRegistryIDs: WARNING! Permission UID "0x301e" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission UID "0x301e" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission group UID "0x100b" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission UID "0x301e" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission UID "0x301e" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission group UID "0x100b" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission UID "0x301e" not found on the device
  sm_LoadDomainRegistryIDs: WARNING! Permission UID "0x301e" not found on the device
  SM_MapDomainToRootCert: certType = 4, certName = 'C="US";O="VeriSign, Inc.";OU="Class 3 Public Primary Certification Authority"'
  SM_MapDomainToRootCert: Found domain: 'OU="Class 3 Public Primary Certification Authority",O="VeriSign, Inc.",C=US'!
  SM_getDomainPermissions: Domain name: OU="Class 3 Public Primary Certification Authority",O="VeriSign, Inc.",C=US
  SM_getDomainPermissionGroup: Domain name: OU="Class 3 Public Primary Certification Authority",O="VeriSign, Inc.",C=US, Requested group: 6
  sm_SetDomainPermissions: Critical permission 'javax.microedition.io.Connector.bluetooth.client' is not found in domain!
  SECMGR_verifyJADSecurity: Returned error code: 23
  SECURITY_MANAGER FINAL CODE: 23. DATE: 01-09-2006 16:40:17 (81)
  AMS ERROR: AMS_JADR_PROCESSING, 103, 23
  AMS: AMS_STATE_CHANGED_TR, 21
  AMS: AMS_INST_EXIT
  AMS: "ams_Inst_Start_Posting, code ", 10
  AMS: AMS_INSTL_FINALIZATION
  AMS: AMS_HEAP_RELEASED_TR
  AMS: "ams_Inst_Finalize() end."
  AMS: AMS_STATE_CHANGED_TR, 0
  JsaInst : JsaInst_Exit.
  [AMSDLG] : AmsDlgGainFocus route id=41.
  [AMSDLG]: process event_list code=20 route id=41..
  JTOOLS : Event 0x14 has come
  AMS: "ams_Inst_Exit() end."
  This has to be the problem can you give me some idea how to proceed?
  'javax.microedition.io.Connector.bluetooth.client' is not found in domain!
  Thanx
  Bodger

• How do you prevent hackers from spoofing a user?

  Hello,
  I want to write a free P2P gaming network similar to Battle.net.
  One thing I've run across is that one person can snoop someone else's user string, and then post as that user.
  When two people have the same user id, they can dopplegang the other person, messing their game up.
  How do I prevent this?
  ,James
  private function sendMessage():void{
  var message:Object = new Object();
  message.sender = netGroup.convertPeerIDToGroupAddress(nc.nearID);
  message.user = txtUser.text;
  message.text = txtMessage.text;
  netGroup.post(message);
  receiveMessage(message);
  txtMessage.text = "";
  private function receiveMessage(message:Object):void{
  write(message.user+": "+message.text);
  As you can see in my code, the only thing you get/give is message.user as far as ID, and anyone can spoof this that can decompile the software.

  Battle.net is a client-server architecture.
  If you really want to do secure messaging in a p2p mesh I guess you'll need to somehow cryptographically sign every message and have the receiving end filter unproperly signed ones. A server would securely distribute signing private keys to legit users of the system only.

• How can I prevent the flushing of the buffer until the playing is finished in AS3?

  How can I prevent the flushing of the buffer until the playing is finished in AS3?
  Is it possible?
  The buffer is emptied and flushed 10-11 seconds before the real end of the flv file.
  The file is locally saved and I stream it though crtmp server.
  I cannot seek the last 10 seconds because of empty buffer. How can I stop flash from flushing the buffer at end?

  i used the same code and i got it working correctly...
  thanx a lot fot it...
  now i have one more problem with it.
  Actually i created a new class 'ErrorDialog' and the function showErrorDialog() inside it.
  now i want the option YES_NO_OPTION and the function sayshowMsgDialog() returning int value indicating the option selected from the dialog box.
  I tried it with following code
  public
  static
  int
  confirmDialog( String message_in, Component parent_in, String title_in,
  int messageType_in )
  try
  JOptionPane pane = new JOptionPane( message_in, messageType_in,
  JOptionPane.YES_NO_OPTION );
  JDialog dialog = pane.createDialog( parent_in, title_in );
  dialog.setResizable( false );
  dialog.show();
  int optionType = -1;
  try
  optionType = ( ( Integer )( pane.getValue() ) ).intValue();
  catch( Exception ee )
  optionType = -1;
  dialog.dispose();
  return optionType;
  catch( Exception e )
  e.printStackTrace();
  but, since return is after dispose() it is throwing an error 'missing return value'
  can i get some kind of solution for this?
  waiting eagerly...........
  -Soni

• How do i prevent display of a particular column in ALV

  How do i prevent display of a particular column
  of a structure in ALV

  Hi Serdar,
  Please do let us know the link , as soon as your code sample is put in sdn.sap.com.
  I request the <b>veteran members</b> of this forum to <b>contribute to WebLogs</b> or <b>code samples</b>, since over the time, the same questions will be asked and instead of repeating the answers, we can direct them to Weblogs or Code Samples.
  There is an ABAP FAQ present in this site, which has given insight to so many things, that I have not even considered remotely possible.
  As seen today, there was a useful piece of code posted. Instead of posting the code in the forum, you can create it as a weblog and post it there.
  Regards,
  Subramanian V.