How secure are VS2010 controls - grid using sql

I have an API from a vendor that is using a macro that was not encrypted that I used as a parm which was intercepted and changed by the users with the inspect element feature in a browsers.
Now I'm changing the app to avoid taking in any parms and writing it in server side code using a datagrid with an embedded data connection and sql statement.       The plan is to publish this as a web application only placing
the source on the server.   How secure is this method? Is there anything I need to look out for or avoid doing?   The material displayed on this page is sensitive information therefore I need it to be as secure as possible.
Thanks!

Hi kindnesshelps,
Based on your description, it seems that it is not the correct forum for this issue, since this forum is to discuss:
Visual Studio WPF/SL Designer, Visual Studio Guidance Automation Toolkit, Developer Documentation and Help System, and Visual Studio Editor.
To make this issue clearly, would you mind letting us know more information about this issue? Which language are you using? Which kind of app are you developing? Which VS IDE version do you have?
>> The plan is to publish this as a web application only placing the source on the server.
You said that “publish this as a web app”, do you mean that this issue is related to the Web app?
If this issue is related to web app, you could ask this question in the ASP.NET forum:
http://forums.asp.net. If then, you could get an answer more quickly and professional. Thanks for your cooperation.
Best Regards,
Jack
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

Similar Messages

  • HT4865 How secure are my personal emails and chats using the iCloud if my daughter just synced all our family apple devices to the cloud?

    How secure are my personal emails and chats using the iCloud if my daughter just synced all our family apple devices to the cloud?

    Welcome to the Apple Community.
    http://support.apple.com/kb/HT4865

  • How to maintain Vertion Control in PL/SQL

    Hi all..
    How to maintain Vertion Control in PL/SQL. I created one procedure/function/
    package. After sometime, i made changes to it. How to maintain
    that changes. Writing manually in it, what are the changes i made is the
    only option OR is there any other option is there...?
    Thanks in advance,
    Pal

    Hi,
    Version control is there for tables in oracle, but i don't think it is available for plsql code. Best method will be to use the third party software. Using Flashback DB you can try source control certain extent.
    Regards,
    Satheesh Babu S
    http://aaryaan.com/

  • I have lost my iPad. How secure are my data ?

    I have lost my iPad.
    Unfortunately I have not activated the Search my iPad function.
    The iPad is locked with the code.
    How secure are my data ? Is it possible, that someone get into my data ?

    Anything is possible, but having it locked is good. You need to change your Apple password. The finder may reset to factory settings which will delete all your data.
    These links may be helpful.
    How to Track and Report Stolen iPad
    http://www.ipadastic.com/tutorials/how-to-track-and-report-stolen-ipad
    Reporting a lost or stolen Apple product
    http://support.apple.com/kb/ht2526
    Report Stolen iPad Tips and iPad Theft Prevention
    http://www.stolen-property.com/report-stolen-ipad.php
    How to recover a lost or stolen iPad
    http://ipadhelp.com/ipad-help/how-to-recover-a-lost-or-stolen-ipad/
    How to Find a Stolen iPad
    http://www.ehow.com/how_7586429_stolen-ipad.html
    Apple Product Lost or Stolen
    http://sites.google.com/site/appleclubfhs/support/advice-and-articles/lost-or-st olen
    Oops! iForgot My New iPad On the Plane; Now What?
    http://online.wsj.com/article/SB10001424052702303459004577362194012634000.html
    If you don't know your lost/stolen iPad's serial number, use the instructions below. The S/N is also on the iPad's box.
    How to Find Your iPad Serial Number
    http://www.ipadastic.com/tutorials/how-to-find-your-ipad-serial-number
     Cheers, Tom

  • How can I validate a date using sql

    How can I validate a date using sql or pl/sql
    select to_date('01/01/2009','mm/dd/yyyy') from dual this is a good date
    but how can I check for a bad date
    select to_date('0a/01/2009','mm/dd/yyyy') from dual
    Howard

    William Robertson wrote:
    It'll be complicated in pure SQL, as you'll have to parse out day, month and year and then validate the day against the month and year bearing in mind the rules for leap years. It would be simpler to write a PL/SQL function and call that.Nah, not that complicated, you just need to generate a calender to validate against.
    SQL> ed
    Wrote file afiedt.buf
      1  with yrs as (select rownum-1 as yr from dual connect by rownum <= 100)
      2      ,mnth as (select rownum as mn, case when rownum in (4,6,9,11) then 30
      3                            when rownum = 2 then 28
      4                       else 31
      5                       end as dy
      6                from dual
      7                connect by rownum <= 12)
      8      ,cent as (select (rownum-1) as cen from dual connect by rownum <= 21)
      9      ,cal as (select cen, yr, mn,
    10                      case when ((yr = 0 and mod(cen,400) = 0)
    11                             or (mod(yr,4) = 0 and yr > 0))
    12                            and mn = 2 then dy+1
    13                      else dy
    14                      end as dy
    15               from cent, yrs, mnth)
    16  --
    17      ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    18  --
    19  select case when cal.cen is null then 'Invalid Date'
    20              when not regexp_like(dt,'^[0-9]{1,2}[\/.-_][0-9]{1,2}[\/.-_][0-9]{4}$') then 'Invalid Date'
    21         else dt
    22         end as dt
    23  from dt left outer join
    24               cal on (to_number(regexp_substr(dt,'[0-9]+')) between 1 and cal.dy
    25                   and to_number(regexp_substr(dt,'[0-9]+',1,2)) = cal.mn
    26                   and floor(to_number(regexp_substr(dt,'[0-9]+',1,3))/100) = cal.cen
    27*                  and to_number(substr(regexp_substr(dt,'[0-9]+',1,3),-2)) = cal.yr)
    SQL> /
    Enter value for date_dd_mm_yyyy: a1/02/2008
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select 'a1/02/2008' as dt from dual)
    DT
    Invalid Date
    SQL> /
    Enter value for date_dd_mm_yyyy: 01/02/2008
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '01/02/2008' as dt from dual)
    DT
    01/02/2008
    SQL> /
    Enter value for date_dd_mm_yyyy: 29/02/2008
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '29/02/2008' as dt from dual)
    DT
    29/02/2008
    SQL> /
    Enter value for date_dd_mm_yyyy: 30/02/2008
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '30/02/2008' as dt from dual)
    DT
    Invalid Date
    SQL> /
    Enter value for date_dd_mm_yyyy: 29/02/2009
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '29/02/2009' as dt from dual)
    DT
    Invalid Date
    SQL> /
    Enter value for date_dd_mm_yyyy: 28/02/2009
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '28/02/2009' as dt from dual)
    DT
    28/02/2009
    SQL> /
    Enter value for date_dd_mm_yyyy: 0a/01/2009
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '0a/01/2009' as dt from dual)
    DT
    Invalid Date
    SQL> /
    Enter value for date_dd_mm_yyyy: 00/01/2009
    old  17:     ,dt as (select '&date_dd_mm_yyyy' as dt from dual)
    new  17:     ,dt as (select '00/01/2009' as dt from dual)
    DT
    Invalid Date
    SQL>

  • How Secure Is A Disk Image Using AES-128 Encryption ?

    I want to make encrypted disk images using Disk Utility.
    How secure will they be ?
    Good enough for state secrets ?
    Can the encryption be broken ? If so, how easily ?
    Could the average hacker break it easily or with great effort over a long period ?
    Or would it take a team of government type experts ?
    Ian the Paranoid.

    I would say encrypted disks are a safe option.
    However, with the coming rise of quantum computers, in the wrong hands, encryption for the near future will be all but nullified.
    Some safe measures to take for making your computer safer include: Changing your router's password, enabling firewall, reverse firewall, FileVault (make sure you don't lose your paswords) Firmware password, encrypted mail service, (If available from your ISP).
    These are just some of the obvious. There's more and I haven't used them all. But, it just helps to be informed and work with what you can.

  • Cl58: How Secure are passwords stored on Firefox

    Without divulging anything to sensitive. How protected are the passwords we have stored on firefox. Thanks!

    The names and passwords are encrypted by a Triple-DES key that is stored in key3.db and a master password adds an additional level to that encryption.
    If you do not use a master password then having access to key3.db and signons.sqlite is sufficient to have access to the encrypted names and passwords.
    So use a strong master password (e.g at least 12 characters) that can't be easily guessed or found via a dictionary lookup or a script then you should be safe.
    Make sure that you remember that master password or all passwords are lost.
    See http://en.wikipedia.org/wiki/Triple_DES - TripleDES (CBC mode)

  • How Secure are LEAP/EAP enabled WLAN's ?

    I would like to ask you the experts the same question that I get asked many times by my customers with regards to how secure is a 802.1X enabled wireless networks.
    I constantly get presented with reports by security experts deeming Wireless as not secure.
    Do you have any direct answers to this and material to substantiate your answers.

    This page is an index to all of the WLAN security white papers plus various magazine and universtiy articals and the responses from Cisco
    http://www.cisco.com/warp/public/779/smbiz/wireless/wlan_security.shtml/
    There is more than a few nights vaulable reading that should help you answer your customers questions.
    Like any technolgy if you do not understand how to administer it then it will be insecure but there are many tools to make it secure.
    In my opinion network security should not be one layer of security but many layers all adding up to make it very hard and time consuming for hackers. They will look for an easier target.

  • How secure are stickies

    Im just wondering how secure stickies are. Im not talking about someone stealing my macbook and being able to read them. Im thinking some guy getting access to my mac via hacking??
    Just because I sometimes stick sensitive data in there

    Im thinking some guy getting access to my mac via hacking??
    In that case, extremely secure. Unless you've been careless in opening up services in System Preferences -> Sharing, it is extremely difficult or even impossible to hack a Mac at this time.

  • How Secure Are We?

    Hello there, Arch users.
    I'm a fairly secure user of Windows and Android operating systems. I've also recently wanted to further expand and harden my privacy and security out of a need, as I live under not-so-favorable conditions.
    I've switched my desktop OS to Linux less than a couple of months ago. Started with Linux Mint Debian Edition (a Debian "rolling release"). Was a fine learning experience and I've got to administer my home Linux box in a secure manner until it broke (nothing related to security, just that proprietary drivers broke over an update.. too lazy to fix it)
    Now I intend to install Arch after testing Antergos and getting to use the Arch environment. I'm interested in reading good tips on how to secure is the system and how to further increase security in terms of remote exploitation specifically. Should I depend on Arch as a daily *secure* driver for everyday needs? I need to address that firstly as it's the uncontrollable part; unlike human-infrastructure type of attacks. I did read the Security wiki, but I also need more tips from experience as what can be installed or what should be avoided.
    Some guidance questions:
    1- As this is a rolling release OS, is it more or less secure than long-support release systems?
    2- What specific tips can we use to further secure our systems?
    I'm currently using Antergos, but I intend to switch to full Arch install in about 2 weeks (will have free time by then). I like the Arch environment (and forums) and I'm interested in ways to further secure it.
    Also, a good tip would be like: you need to install ufw and gufw and run
    # sudo gufw
    and turn ufw on.
    3- How long, on average, does it usually take to patch vulnerabilities found in Linux, from your experience? i.e. Is it usually faster or slower than other distros? An educated guesstimate would work, as I don't expect to find standardized info.
    4- AUR! I need someone to go on all day about anything related to security about AUR. Awesome ArchWiki doesn't have much on this.
    For example:
    - When a package I installed is updated from vendors/authors, does my package pull from the source vendor and immediately update (most importantly, Google Chrome), or does my system have to wait for the package maintainer to actually update his work for yaourt to pull from? i.e. Does the system update packages as soon as the vendor updates them, or as soon as the maintainer updates them?
    - When I pacman -Syu, does this include updating AUR? Here
    5- What VPN do you guys use?
    # mod edit: less inflammatory title
    Last edited by jasonwryan (2015-01-28 20:22:08)

    Mars wrote:1- As this is a rolling release OS, is it more or less secure than long-support release systems?
    Two totally different things; "LTS" distributions aim to provide support to a generally "fixed" set of packages (ie, same major kernel, same major toolchain etc), usually back-porting security fixes to those packages where required. Rolling release aims to provide the latest packages of everything -- this can lead to a lot more breakages than an "LTS" distro if not managed properly. LTS is generally more forgiving of "lazy" management.
    As far a security goes, it's difficult to compare. LTS releases generally get security patches back-ported, but sometimes they may not, especially towards the end of the LTS life cycle, or if implementing the fix would significantly change expected behaviour of the software. On a Rolling Release, you'll get the latest which includes any security fixes, but also includes any NEW security issues (probably not even discovered yet) introduced in recent versions.
    Mars wrote:2- What specific tips can we use to further secure our systems?
    This is the same regardless of your distribution. The standard list applies: minimize your attack surface (use a firewall, disable services you don't need), use good passwords, enforce MAC instead of DAC (eg, SELinux or AppArmour).
    Mars wrote:3- How long, on average, does it usually take to patch vulnerabilities found in Linux, from your experience? i.e. Is it usually faster or slower than other distros? An educated guesstimate would work, as I don't expect to find standardized info.
    You say "in Linux" then "other distros" -- are you wanting to compare Linux to other operating systems, or Arch to other distributions? If it's the later, then Arch is generally quite on the ball. Looking at recent vulnerabilities:
    http://allanmcrae.com/2015/01/who-you-gonna-call/
    http://allanmcrae.com/2014/09/shellshoc … rch-linux/
    Mars wrote:- When a package I installed is updated from vendors/authors, does my package pull from the source vendor and immediately update (most importantly, Google Chrome), or does my system have to wait for the package maintainer to actually update his work for yaourt to pull from? i.e. Does the system update packages as soon as the vendor updates them, or as soon as the maintainer updates them?
    makepkg will do whatever the PKGBUILD tells it to do. If the PKGBUILD is for a specific version of a package (as is generally the case) then that is what it will build. You are free to download the PKGBUILD from the AUR and modify it yourself if it is not the version you want/latest version. This is fairly straightforward generally, and there is lots of information in the wiki, on man pages and generally around the web.
    The exception to this is git packages, which often pull the latest git tree before building, which means you'll *really* have the latest version, probably not even a version that has been released by the upstream developer.
    Mars wrote:- When I pacman -Syu, does this include updating AUR? Here
    No, read up on the wiki the difference between the official repos, the community repo and the AUR.
    Mars wrote:5- What VPN do you guys use?
    OpenVPN to my own VPS.

  • How to read varbinary data type using sql server

    Hello,
         I'm converted a text file data into varbinary format, and stored in DB table. Now I need to read
    Varbinary column and store in Temp table
    in sql server.
     can some one help on this.
    Regards,
    Praven
    Regards, Praveen

    I understand this question is related to your previous thread and I believe what Erland suggested is the best way to implement this.
    https://social.msdn.microsoft.com/Forums/en-US/a96a8952-0378-4238-9d9d-85b053182174/send-direct-text-file-as-a-input-parameter-to-sp?forum=transactsql
    I believe when the user uploads the data its getting uploaded onto the Application Server, You could then open the file and import the files into SQL server(all using application code) and do the manipulations. I believe this is the better way of handling
    this.
    Also what is the expected file size and what is the kind of data you are expecting?
    Satheesh
    My Blog | How to ask questions in technical forum

  • How secure are Apps that store your personal Information?

    I have a few Apps for storing ID and Credit card info - but I am very hesitant to use them - How do I know that once I have used them, the creator of the app cant access my supposedly "secured" info?

    Any app--regardless of the "who"--can be hacked, and info stolen, if someone wants it bad enough. Not all apps store info in your unit; the info may be safely stored in a encrypted server somewhere far away.
    My recommendation is that you not store your CC info and any personal information you don't want spread around. Turn off certain program functions for example, go into settings and scroll down and see what programs are listed there. You can turn off certain info that they gather there. Other programs, you may need to open the app and adjust settings there.
    If there is an "purchase in the app" function...that becomes your call. Generally, though...the less info you keep in an app, the better.
    Doc

  • How secure are livecycle designer ES2 forms?

    When a form is created using livecycle ES2 - are the responses submitted over email then secure?
    Ie. when both submitted or attached (as required with yahoo & hotmail accounts)

    Does anyone have any tips on how to resolve this?  My LiveCycle form is a dynamic form.  It seems like livecycle Designer ES2 has corrupted it or designer ES2 has a bug that makes reader and acrobat print engine not recognize the pages.
    Any help would be great.
    Thanks,
    Josh

  • How secure are the documents that are uploaded via the form?

    I am looking to create a form for RFP use and have added a section that allows them to upload documents.  How is this information encrypted or secured?

    Hello,
    apparently, you are concerned that no one can execute a successful right-click, or is that a misunderstanding?
    If not, should we really do that? Thereover you will find a wonderful philosophical discussion at http://webhome.idirect.com/~bowers/copy/copy1.htm
    And by the way there is the misconception that we can protect our graphics, or, or ... With little effort interested people can get to their destination.
    Hans-Günter

  • How secure are my photos in Aperture?

    This is following on from another question I asked the other day about how best to organise my library.
    Prior to using Aperture I used to store all of my photos in two directories. RAW files where stored in one called Digital Negatives and high res TIFF files in once called Final Prints.
    This is my current workflow:
    1. Create folder in Digital Negatives directory named after shoot date and download all photos into it.
    2. Create a new project in Aperture and import the photos as referenced material.
    3. Do all the neccassary RAW processing etc and, if required open certain files in External Editor (Photoshop), save those changes and this updates the version in Aperture.
    So far so good, so far so simple.
    However it strikes me that in doing this I'm not actually creating a new file to store in my Final Prints. If Aperture where to stop working (something I've read in these forums when applying an update) I have no access to my finished photos. If I were to ever decide to stop using Aperture I'd loose all my edits etc. Ultimately yes I would still have my RAW files but the idea of having to re-process several thousand files and trying to recreate the image exactly as it originally was is going to be nigh on impossible.
    So, is it safe to just leave Aperture to handle all of my files like this or should I as a matter of course export all photos that I want to keep as high res tiffs?

    We just finished a podcast interview with Joe Schorr (prd. mgr) that'll be up at ApertureProfessional.com in a few days, but the bottom line is this...
    If you reference your images, and your library were to vanish, with no backup at all, you still would have your original raw files. You'd just be missing your adjustments, keywords, etc. But as the other posters said, you need to back up any type of file that is crucial to you.
    However, the comment "even if Aperture were to stop working" isn't something that could happen. The program Aperture is not the library of files it creates. If your copy of Aperture were to somehow stop working, you could just reinstall it. Or, if your computer died and you had your library backed up, you'd could just move that library to any other computer. Aperture wont' "stop working" on any universal level.
    Even if, hypothetically, Apple were to go out of business tomorrow, the copies of Aperture on your computers would still work. Whether stored in the Library or stored as referenced files, they're still stored as their original raw files, and any program that can edit those can read them.
    Even better, you can, if you're really concerned, periodically export your images along with XMP sidecars, then you could just pick right up in Adobe Bridge and keep going.
    Incidentally, files that live in the Library are still not locked in. The library's just one big folder. If you right click on it and select "Show Package Content" you'll be able to navigate through a folder structure of your images that matches the layout of your projects.
    I go into this more in depth here:
    http://www.apertureprofessional.com/showthread.php?t=939

Maybe you are looking for