Problems with a vulnerability

Similar Messages

• I heard that there was a problem with Apple being vulnerable to Hackers. Has anyone seen an update for this issue? My IPad received the update last night but I have not seen anything for Safari.

  I heard that there was a problem with Apple being vulnerable to Hackers. Has anyone seen an update for this issue? My IPad received the update last night but I have not seen anything for Safari.

  Mac OS X 10.9.2 was released today for this issue and others. Earlier versions are not affected.
  See this Apple article - http://support.apple.com/kb/HT6114
  You can use the Mac app store to do the update or download it directly from here - http://support.apple.com/kb/DL1725
  Best of luck.

• CVE-2007-1862 vulnerability - problem with Apache mem_cache.

  I have a problem with CVE-2007-1862, which is an Apache mem_cache vulnerability. Even though my Snow Leopard machine is currently running Apache 2.2.17 and the problem supposedly went away with a much earlier version, the problem has not gone away. By the way, this machine also has Java Update 24 on it, while a similarly configured Snow Leopard machine does not have it (and the Filemaker Pro Admin Console still works on that one).
  Anyway, I am hoping that installing Apache 2.2.18 in a Software update will take care of this problem.
  Does anyone know when Apache 2.2.18 will be in a Software Update?

  Your parameter db_recovery_file_dest look strange
  db_recovery_file_dest = I:\oracle\product\10.2.0/flash_recove db_recovery_file_dest_size= 10737418240
  Did you put a slash (/) instead of a backslash (\) ?
  You're saying "can´t enter this the SYS user"
  It could be your log_archive_dest that is full.
  Do you get an error message?

• Problems with iPhone Result of Bad Music???

  In the last few weeks I've been experiencing problems with my iPhone. I did a lot of research online, and figured that it is NOT this "dead strip" that others have been having problems with; however, 75% of the time, the slide bar will not respond for the first 7-8 times I try and answer a call or turn off an alarm.
  As time went on, the problem got more frequent and more involved. The phone might work fine all day, but as soon as someone tried to call, it starting going nuts, even after the call was over. None of the applications would respond to my touch and in the rare case that they opened, they would run incredibly slow and crash. The phone would freeze and need to be restarted. In the more recent days, during the restart, in which the only buttons I'm holding are the sleep/wake and home, my music would spontaneously start playing, starting alphabetically with the first artist on my list with no controls for me to stop it.
  Most of the time, after a restart, the phone would continue to work fine, until a call comes in and starts the process all over...
  After failing an attempt to fix the problems by deleting many songs and videos to clear up some room on the hard drive, I decided to restore my iPhone, as I have done once before, but this time not syncing with previously backed up data. I allowed iTunes to erase all the contents of my phone and then manually put most things back on. Since then, the phone has been working flawlessly. However, there is one problem remaining...I have not put any of my music back on the phone.
  And now I am afraid to!! Even though all that same music has been on my phone for 3 months, and only now have I begun to experience problems, is it possible that the iPhone operating system is more fragile and more vulnerable to bad files that might otherwise work fine on my computer? I have no viruses on my computer, and I have never installed any of these problematic third party applications on my phone. And if it's not the music, what else could be causing these problems???

  This is exactly what apple care is for. Why delay and torture yourself when you can take it in and either have it fixed or have it replaced?
  Take it in to Apple

• Is Verizon unwilling or unable to fix problem with Account Owner(s)

  A forum or Google search reveals several customers unhappy with how Verizon treats the account owners... count me as one.  I'm sure there are many more customers who were equally unhappy but just accept Verizon's incompetence and complete the unnecessary gymnastics of un-registering accounts and then re-registering with a new username.
  PROBLEM:
  There are numerous scenarios that can cause a My Verizon account to have the Account Owner be listed with an incorrect telephone number.  In my case, I had an account with AT&T and 3 additional numbers associated.  As each account expired, I transferred the numbers to Verizon.  The first account transferred was my 14yr old son.  I registered a My Verizon account for management (my name & my userid) and eventually added the additional numbers, however, the Account Owner's phone number is listed as my son's cell.
  Over the past 2 years (since I migrated to Verizon), I've had small problems with account notifications and other information being text to my son's cell.  I've called numerous times and customer service says it's corrected, but eventually the problems return.  Recently, I upgraded my phone and started using some new services like Backup Assistant and the fact that the Account Owner is associated with an incorrect number has caused even more trouble.
  I simply want to keep my existing username for My Verizon and correct the cell phone number associated as the Account Owner.  This should be extremely simple.
  VERIZON'S SOLUTION:
  "We can't do it".  "Our systems don't allow us to make this change".
  The Customer Service Department (or Lack of Customer Service Department) tells me that since they can't or are unwilling to do the necessary changes, their only solution is to force their customer to do their work.  They will un-register the account and I can register again.  There is no concern for the preferences of an existing customer (almost 3 years); there is no concern for the inconvenience caused to an existing customer who spends hundreds of dollars each month and thousands of dollars each year (I currently have 2 separate accounts with Verizon, 4 phones on my problem account and 4 phones on another for a total of 8 phones with data plans... do the math); there is no concern that I will now have to use a completely different username one that is no longer uniform with my other accounts; there is no concern that I will have to change any and all services that reference My Verizon.  Quite simply... Verizon Wireless shows their Account Owners that they have no concern for us.
  PROPER SOLUTION:
  I have almost 25 years of Information Technology experience and over 3 years working with Call Centers (similar to Verizon's Customer Service), which explains in part why I find this so frustrating...  the fix for this is SIMPLE!!!  The real problem is that Verizon simply doesn't care enough to fix it because we are existing customers and not new customers.
  Without going into specifics (nor could I since I don't have access to their systems), data for the My Verizon portal is contained within modifiable databases.  These relational databases will be tied to other systems and other databases, but a modification of this type would just require that the portal be allowed to make the update to the appropriate field(s) within the appropriate database(s).  If direct access is not attainable because of their design, it is still not too difficult to write an additional process to accommodate this change.  These types of things are done everyday.
  More importantly, even if Verizon was unable or unwilling to make these programming changes...  I have no doubt that if Customer Service has an escalation process to their I.T. Department that a programmer with access to the application(s) and/or database(s) could easily make the change directly and almost immediately.
  CONCLUSION:
  Until now, my experience with Verizon has been mostly positive even to the point of recommending the carrier to friends and family.  I've found their coverage area to meet my needs and the data speeds to be more than satisfactory.  However, Verizon needs to remember that cellular service has essentially become a commodity and that customer retention is often based on other things than simply providing dial tone.  With a monthly cell phone expense that rivals a car payment, I would think that Verizon would be more than willing to accommodate such a simple request to maintain a satisfied customer.
  If you too are one of the many customers having issue with modifying the Account Owner, just resolve yourself that it appears Verizon is unwilling to make the simple correction to the My Verizon portal to satisfy our request.

  I'm not 100% sure that I follow your reasoning, so please correct me if I misstate your opinions.  I've numbered them so it will be easier to identify any mistakes I make.
  1.  Not allowing a user, customer service representative, or any Verizon representative to change the cell phone number associated with the Account Owner to another cell phone number on the same account is a security risk.
  I'm not suggesting that I be allowed to change the name, social security number, or any other pertinent details related to establishing the original account.  All the information pertaining to who is responsible for the bill remains the same with the single exception that the current associated cell phone number be changed to another number already listed on the account.  In what possible manner is this a security risk?  Frankly if the ability was enabled and someone either by mistake or incompetence made such a change the impact would simply be what I'm currently experiencing (inconvenience).  Since in this hypothetical situation the ability to change this value is enabled, the "inconvenience" would easily be re-mediated by returning the value to its original state.
  Furthermore, if there is some "security risk" that I'm over looking then an organization that is concerned about providing quality customer service would create procedures to accommodate customer requests and meet security requirements.  Let's use a bank (with an obvious security vulnerability) and debit cards as an example.  If I lose my debit card, I cannot go to my computer and print out a temporary debit card (very user friendly, but not secure).  Some banks will allow you to go online and cancel the lost debit card while requesting a new one to be mailed to the address you have on file (user friendly and mostly secure).  To solve this same problem at other banks might require you to go into the office and sign a form cancelling the lost debit card and confirming the address to mail you a new one (less user friendly, but highly secure).  The Verizon equivalent, is me requesting that I add an existing bank account to my online banking and being told "We can't do it".  However, because the bank cares so much about keeping me as a customer... they will delete my account, allow me to create another, possibly losing my historical data, have me change my username that I've been using for years, spend time adding all my online bill payments... all for the pleasure of staying their customer and getting to use their services as they should have been designed.
  2.  Making a software change that would allow users or CSR's to associate a different cell phone number on the account to the current Account Owner would be difficult and require downtime.
  You give some time expounding this thought and I'm unaware of your web, application, and/or database experience... but I will try to address your concerns later.  However, let's assume that you are correct and these changes will be difficult ("taking weeks to months").  The purpose of my post was whether Verizon was unwilling or unable to accommodate this customer request.  You seem to be agreeing that Verizon is unwilling to make these changes, or at the very least, feel that Verizon has decided that the time and expense involved is of more importance than correcting an issue impacting their customers.  I personally find the later equally disheartening as this has been an issue for many customers (you yourself mention experiencing the problem) and has been well documented through previous forum and Internet posts.  Even by your estimations, if they had taken previous customer complaints seriously... this would have been fixed by now.  Once again it seems the obvious answer is that Verizon may not consider customer service as an important factor as I do.
  As far as your technology issues, I agree that more than a web page change would be required.  I do take issue with comparing the change of a distributed application (operating system) that must be designed to support enumerable hardware components to the work required to makes changes to a web portal with a back-end in-house database.  You could write an entire book detailing the differences between these two scenarios as they have very little in common, but I'll try to keep it focused to your points.
  Coding
  Coding an Operating System that must run on literally a multitude of hardware configurations and support an unending diversity of applications is an incredible endeavor and really never a finished product.  Changes to an OS are constantly being made and the developers must consider hardware and software that they are not intimately familiar and occasionally even deal with 3rd parties to facilitate changes.
  The change I'm advocating has a web component which would be replicated throughout their web server topology, however, these are items that Verizon's developers deal with routinely (if not daily).  There are a very limited number of 3rd party concerns (a few different browsers, IE, Chrome, Mozilla & a disparate platforms such as PC, tablet, phone).  A little research in the benefits of web portals (and cloud computing) verses distributed applications will clearly outline the drastic differences.  A simple illustrative question (though maybe not a completely fair analogy) is how many people do you know who can code an operating system and how many people get on GoDaddy and create their own web pages.  I'm not trying to insinuate that anyone who knows a little HTML can make the web portal changes, however, this isn't a difficult project for an experienced developer.
  The bigger issues and ones that I alluded to in my original post are the changes that would be required to Verizon's back-end databases.  The changes that would need to be made mostly likely involve multiple databases and assuming they are using a typical relational database design might require changes to key fields, adding new databases/tables, and exhaustive integrity checks.  This isn't something that an average user could sit down and accomplish in an hour, however, these are simply the routine day-to-day duties of any professional database developer.
  Again I reiterate... this change simply involves allowing someone (either a user, CSR, or other Verizon agent) to readily change an index record or records that correlates Account Owner to cell phone number.  In terms of database management this should be simple.
  Debugging & Deployment
  The debugging/testing of changes made to an Operating System are amazingly complex for all the aforementioned reasons.  The deployment of such changes is even more complex in that you've got to develop the mechanism to push these changes out to the entirety of the user community.  I'll address deployment (or as you said dispersal) of this change because it's the easiest... quite simply there isn't one.  The benefit of having a centralized web portal like My Verizon is that users come to you, not the other way around, and any change made will immediately be accessible by the user community.  There is a deployment aspect in that My Verizon doesn't exist on a single web server, but again this is just the typical topology for a portal of this size and not relevant to our discussion.  Debugging/Testing is an important aspect of any change and certainly Verizon has this methodology in place, however, I'll reiterate that this change should not be complex and shouldn't require extensive testing.  We've also already discussed the fact that any debugging/testing only has to take place on a limited number of platforms.
  Downtime
  If adding the ability to change the relationship of the Account Owner to an associated cell phone number requires any downtime... the person responsible for Verizon's Development, Beta, and Production environments should be fired.  There is simply no way this is even a possible concern.  I've dealt with many companies with far less resources than Verizon and I assure you that changes of this nature would never require down time.  I'm sure they have staff in place whose sole responsibility is to work on their continuity plan.  This is a non issue.
  Other Carriers
  You can't possibly know how all carriers operate, though you may have some past experience with other companies.  I would contend (and maybe I'm too optimistic) that a company with a focus on customer satisfaction when made aware of complaints and/or limitations in their service would seek to rectify the issue.  It's quite possible that whatever other company you are referencing has fixed this issue if indeed it was similar... especially since I've hopefully bolstered my opinion that the resolution is not overly complicated.
  Would you mind telling me if you deleted your 2 original comments to my post before I had an opportunity to answer?  The reason I ask is that last night another user (jimfitzgerald) had posted a comment and I replied.  He later posted a 2nd comment and while writing my response... all the posts were removed (his 2 posts, my reply, and your 2 posts).  I'm curious if this was just a user withdrawal (though I really wish my response had remained in the thread), if there was some sort of technical issue with these forums last night, or if my response was deleted for cause by Verizon or other admin.   Thanks!

• Aperture 2.1.3 Export Problems with Cropped Photos

  I ran into an odd problem after updating to 2.1.3. I was trying to upload to a Picasa album via "aperture-picasa-plugin", which I had used before without problems. The resulting export had problems with two photos I had cropped from landscape to portrait size. The resulting exports had the entire uncropped/original content "squeezed" into a photo matching the cropped size, so the exported pics were squished making everything look tall and skinny. (I found it especially odd that stuff I had cropped out was back in, but the size was cropped.)
  I assumed it was a problem with the plugin, so I exported to a file straight from Aperture and had the same problem. I had other crops that worked OK, but they appear to all be landscape to landscape with no change in aspect ratio.
  Is anyone else having this problem?

  YES!
  I have seen this show up as well. I'm also using Aperture 2.1.3. I too thought it was the fault of the picasa plugin... but when I, like you, started doing my exports directly to files I noticed that they still had the same problem.
  The horizontal 16x9 seems to be particularly vulnerable... And, yes, it almost looks as if the (pre-crop) master has been "squished" into the aspect ratio of the (post-crop) version. It is very strange, very annoying, and very intermittent. Although, I found that if I quit aperture, restart then re-export... I have better luck.
  Boy, am I relieved to find somebody else who is having this problem. For a while there I thought I was going nuts.
  -C.

• Problems with Oracle Web Logic 10.3.6, certificates and proxies

  Good morning.
  We are trying to establish a SSL connection using Apache Cxf and WebLogic Server 10.3.6.
  For that, we are passing through a proxy. Using Apache Tomcat, the test is ok, we can connect to the endpoint correctly. But in WebLogic 10.3.6, we have problems with the certificates.
  In our code, we are loading the certificates programatically.
  The web-services-config.xml is the following:
  <?xml version="1.0" encoding="UTF-8"?>
  <beans
       xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd"
       xmlns:http="http://cxf.apache.org/transports/http/configuration"
       xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:jaxws="http://cxf.apache.org/jaxws"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.springframework.org/schema/beans">
       <jaxws:client address="@SNE.SNE_WS_URL@"
            serviceClass="com.bankia.sne.ws.clientes.buzonAPESNE.APESNEBuzonWSTipoPuerto"
            id="puertoAPESNEBuzonWS" />
       <http:conduit name="@SNE.SNE_WS_URL@">
            <http:client Connection="Keep-Alive" AutoRedirect="true"
                 ProxyServerType="HTTP" ProxyServerPort="@SNE.PROXY_PORT@"
                 ProxyServer="@SNE.PROXY_HOST@" />
            <http:proxyAuthorization>+
                 <sec:UserName>@SNE.PROXY_USER@</sec:UserName>
                 <sec:Password>@SNE.PROXY_PASSWORD@</sec:Password>
            </http:proxyAuthorization>
            <http:tlsClientParameters>
                 <sec:cipherSuitesFilter>
                      <!-- these filters ensure that a ciphersuite with export-suitable or
                           null encryption is used, but exclude anonymous Diffie-Hellman key change
                           as this is vulnerable to man-in-the-middle attacks -->
                      <sec:include>.*EXPORT.*</sec:include>
                      <sec:include>.*EXPORT1024.*</sec:include>
                      <sec:include>.*WITHDES_.*</sec:include>
                      <sec:include>.*WITHNULL_.*</sec:include>
                      <sec:exclude>.*DHanon_.*</sec:exclude>
                 </sec:cipherSuitesFilter>
            </http:tlsClientParameters>
       </http:conduit>
  </beans>
  That's the code used for establish the CXF connection:
  private void configuraConexion(Buzon buzon){
            try {
                 LOGGER.debug("Configurando conexión con el sevicio Web para el buzón con id " + buzon.getId() + " ...");
                 Client client = ClientProxy.getClient(puertoAPESNEBuzonWS);
                 HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
                 TLSClientParameters tlsParams = httpConduit.getTlsClientParameters();
                 Certificado certificado = buzon.getCertificado();
                 byte[] bytes = certificado.bytesCertificado();
                 CertificadoSerializable certSerializado = (CertificadoSerializable)Serializador.desserializar(bytes);
                 //Cargamos el truststore de disco
                 TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                 KeyStore truststore = KeyStore.getInstance(Propiedades.getProperty(KEY_SERVICIO_WEB_ALMACEN_TRUSTSTORE));
                 String contrasenia = Propiedades.getProperty(KEY_SERVICIO_WEB_TRUSTORE_PASSWORD);
                 // -- provide your truststore
                 File ficheroTruststore = null;
                 String rutaTrustore = Propiedades.getProperty(KEY_SERVICIO_WEB_TRUSTORE_RUTA) Propiedades.getProperty(KEY_SERVICIO_WEB_NOMBRE_TRUSTSTORE);
                 LOGGER.debug("rutaTrustore --> " + rutaTrustore);
                 if (rutaTrustore!=null){+
                      ficheroTruststore = new File(rutaTrustore);
            URL url = null;
                 if(ficheroTruststore == null || !ficheroTruststore.exists()){
                      url = Localizador.getResource(Propiedades.getProperty(KEY_SERVICIO_WEB_NOMBRE_TRUSTSTORE));
                      ficheroTruststore = new File(url.getPath());
                      truststore.load(url.openStream(), contrasenia.toCharArray());
                 }else{
                      truststore.load(new FileInputStream(ficheroTruststore), contrasenia.toCharArray());                    
                 LOGGER.info("[ServicioWSBuzonAPESNEImpl.configuraConexion] Fichero truststore.pks recuperado de "+ficheroTruststore.getPath());
                 trustFactory.init(truststore);
                 TrustManager[] tm = trustFactory.getTrustManagers();
                 tlsParams.setTrustManagers(tm);
                 //Cargamos el Keystore de base de datos
                 KeyStore keyStore = KeyStore.getInstance(Propiedades.getProperty(KEY_SERVICIO_WEB_TIPO_ALMACEN_KEYSTORE));
                 keyStore.load(null, certificado.getContrasenia().toCharArray());
                 keyStore.setKeyEntry(certificado.getAlias(), certSerializado.getClavePrivada(), certificado.getContrasenia().toCharArray(), certSerializado.getCadena());
                 // set our key store+
                 // (used to authenticate the local SSLSocket to its peer)
                 KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                 keyFactory.init(keyStore, certificado.getContrasenia().toCharArray());
                 KeyManager[] km = keyFactory.getKeyManagers();
                 tlsParams.setKeyManagers(km);
                 httpConduit.setTlsClientParameters(tlsParams);
                 LOGGER.debug("Conexión configurada satisfactoriamente");
            }catch (Exception e) {
                 LOGGER.error("Error al configurar la conexión del servicio Web", e);
                 throw new WSBuzonException("Error al configurar la conexión del servicio Web: " + e.getMessage());
  We don't know how to solve this issue? Please, could you help us?
  Thanks in advance,
  Jaime.
  Edited by: j2eedevelopment on 10-jul-2012 10:05

  Hi Zack, thanks for the answer.
  I've cleaned the code below.
  Our problem is the following: we wan't to use many keystores, in function the user who is connected in the application. For that reason, we wan't to give the keyStore from Java Client, because we've saw that, in WebLogic, you can select one keystore, but only one. For that reason, we wantto change the keystore in run time execution, dinamically.
  The problem we have found are the following:
  1) If we configure WebLogic with the correct keystore and trustore, we are not able to change keysotre and trustore in runtime execution, so we have to us always the same keystore and we don't want this.
  2) Also, I'm trying now to use JaxWS instead Apache Cxf, and I've tried to put the ssl properties of the system with the following code:
  System.setProperty(JAVAXNETSSLTRUST_STORE, trustore);
  System.setProperty(JAVAXNETSSLTRUST_STORE_PASSWORD, trustStorePassword);
  System.setProperty(JAVAXNETSSLKEY_STORE, keyStore);
  System.setProperty(JAVAXNETSSLKEY_STORE_PASSWORD, keyStorePassword);
  System.setProperty(JAVAXNETSSLKEY_STORE_TYPE, keyStoreType);
  Thanks in advance,
  Jaime.

• Does Firefox have a problem with the latest Flashplayer as it keeps telling me it needs updating, even after being updated

  I am running Firefox 3.6.9 and have updated to Flashplayer 10.1 r53, but the system keeps telling me when I check for plugin updates that Flashplayer is vulnerable and a security risk???
  I have contacted Adobe is that was a lot of help NOT
  Does anyone know what is going on with this program, besides having some very sophisticated reporting software installed within the program

  The 3.6.8.version will not update. It locks up. ALSO the flash player is 10.1.r82, in the 3.6.8 version however if enabled will cause firefox to crash without any user intervention. Starts, loads approx 20 seconds, disappears. No problem with flash player and/or firefox until firefox update. Then all went to%$!!. Chrome is looking better all the time.

• I just heard a news report that there is a problem with malware in mac computers that came through a recent java update. Is this true? If so, what should be done about it?

  I just heard a news report that there is a problem with malware in mac computers that came through a recent java update. Is this true? If so, what should be done about it?

  As usual those "news" reports mangled the facts and got most of the story completely wrong. This particular attack did not arise through a Java update, it was distributed through a fraudulent Flash download popup window, or malicious websites that Safari is designed to block.
  If you run Java on your Mac you may be vulnerable to this malware. If you do not run Java there is no risk. If you routinely keep your Mac up to date with Software Update the risk is greatly reduced.
  Shut off the mass market junk that masquerades as "news" and read this to learn some real facts:
    https://discussions.apple.com/docs/DOC-3271

• Problems with Office Plugin

  Hello!
  I'm having problems with the Rights Management Office Plugin. Adobe Pro is working fine and connected properly with the LiveCycle server, but when i try to configure the LiveCycle Server in the Office Plugin (in the office 32 bit version) i get an error about the certificate, something like "It was not possible to find the site certificate, contact your administrator..." any ideas of why is this happening?
  Thank you so much,
  Best regards

  Hello everybody,
  I am not quite thrilled by the idea of uninstalling a Microsoft patch in order to use this add-on. Leaving a known vulnerability unpatched at the expense of using an application feature is not my sense of complete security.
  Is Adobe aware of the situation? Is there a fix available from Adobe? How can we engage Adobe on this?
  Thanks in advance for all your answers and help in this matter.
  Thanks
  Mayank

• My Problems with SHARE

  okay.. email was sent to my account without a problem..
  but the whole SHARE flash thing take a really LONG thing to
  long.. so long that i gave it up all together..
  I use Firefox +xp sp2 home.. shouldn't be a problem, should
  i?

  I am after a frustrating problem.  It may be MS14-045 update, according to the Brits, which coincides with major Adobe updates in August 2014.  It is a big disappointment to find Adobe has inadequate manpower to attend Abobe Cloud users, and that waiting for help is an open-ended deal with no information given about how many people are before you.   I need Abode for my work, but will be looking for replacement options.  NO USER SUPPORT IS UNACCEPTABLE.   FYI, I get repeated crashes--blue screen of death--and the errors cite Adobe products--though the problem could be Microsoft, whose security fixes can be more dangerous the vulnerability they address.   One approach I will try, with two Win 7 PCs, is migrating to Linux.  Like most other users, I don't have time to investigate problems with Windows, or with Adobe TSR programs that crash, or intrusive Norton routines.   After waiting an hour for tech support, I cruised over to this site, to find Adobe bragging about it's great user support.  Right!  Fix it yourself!

• A problem with threads

  I am trying to implement some kind of a server listening for requests. The listener part of the app, is a daemon thread that listens for connections and instantiates a handling daemon thread once it gets some. However, my problem is that i must be able to kill the listening thread at the user's will (say via a sto button). I have done this via the Sun's proposed way, by testing a boolean flag in the loop, which is set to false when i wish to kill the thread. The problem with this thing is the following...
  Once the thread starts excecuting, it will test the flag, find it true and enter the loop. At some point it will LOCK on the server socket waiting for connection. Unless some client actually connects, it will keep on listening indefinatelly whithought ever bothering to check for the flag again (no matter how many times you set the damn thing to false).
  My question is this: Is there any real, non-theoretical, applied way to stop thread in java safely?
  Thank you in advance,
  Lefty

  This was one solution from the socket programming forum, have you tried this??
  public Thread MyThread extends Thread{
       boolean active = true;          
       public void run(){
            ss.setSoTimeout(90);               
            while (active){                   
                 try{                       
                      serverSocket = ss.accept();
                 catch (SocketTimeoutException ste){
                 // do nothing                   
       // interrupt thread           
       public void deactivate(){               
            active = false;
            // you gotta sleep for a time longer than the               
            // accept() timeout to make sure that timeout is finished.               
            try{
                 sleep(91);               
            }catch (InterruptedException ie){            
            interrupt();
  }

• Problem with Threads and a static variable

  I have a problem with the code below. I am yet to make sure that I understand the problem. Correct me if I am wrong please.
  Code functionality:
  A timer calls SetState every second. It sets the state and sets boolean variable "changed" to true. Then notifies a main process thread to check if the state changed to send a message.
  The problem as far I understand is:
  Assume the timer Thread calls SetState twice before the main process Thread runs. As a result, "changed" is set to true twice. However, since the main process is blocked twice during the two calls to SetState, when it runs it would have the two SetState timer threads blocked on its synchronized body. It will pass the first one, send the message and set "changed" to false since it was true. Now, it will pass the second thread, but here is the problem, "changed" is already set to false. As a result, it won't send the message even though it is supposed to.
  Would you please let me know if my understanding is correct? If so, what would you propose to resolve the problem? Should I call wait some other or should I notify in a different way?
  Thanks,
  B.D.
  Code:
  private static volatile boolean bChanged = false;
  private static Thread objMainProcess;
     protected static void Init(){
          objMainProcess = new Thread() {
              public void run() {
                  while( objMainProcess == Thread.currentThread() ) {
                     GetState();
          objMainProcess.setDaemon( true );
          objMainProcess.start();
      public static void initStatusTimer(){
          if(objTimer == null)
               objTimer = new javax.swing.Timer( 1000, new java.awt.event.ActionListener(){
                  public void actionPerformed( java.awt.event.ActionEvent evt){
                            SetState();
      private static void SetState(){
          if( objMainProcess == null ) return;
          synchronized( objMainProcess ) {
              bChanged = true;
              try{
                  objMainProcess.notify();
              }catch( IllegalMonitorStateException e ) {}
      private static boolean GetState() {
          if( objMainProcess == null ) return false;
          synchronized( objMainProcess ) {
              if( bChanged) {
                  SendMessage();
                  bChanged = false;
                  return true;
              try {
                  objMainProcess.wait();
              }catch( InterruptedException e ) {}
              return false;
      }

  Thanks DrClap for your reply. Everything you said is right. It is not easy to make them alternate since SetState() could be called from different places where the state could be anything else but a status message. Like a GREETING message for example. It is a handshaking message but not a status message.
  Again as you said, There is a reason I can't call sendMessage() inside setState().
  The only way I was able to do it is by having a counter of the number of notifies that have been called. Every time notify() is called a counter is incremented. Now instead of just checking if "changed" flag is true, I also check if notify counter is greater than zero. If both true, I send the message. If "changed" flag is false, I check again if the notify counter is greater than zero, I send the message. This way it works, but it is kind of a patch than a good design fix. I am yet to find a good solution.
  Thanks,
  B.D.

• Problem with threads running javaw

  Hi,
  Having a problem with multi thread programming using client server sockets. The program works find when starting the the application in a console using java muti.java , but when using javaw multi.java the program doesnt die and have to kill it in the task manager. The program doesnt display any of my gui error messages either when the server disconnect the client. all works find in a console. any advice on this as I havent been able to understand why this is happening? any comment would be appreciated.
  troy.

  troy,
  Try and post a minimum code sample of your app which
  does not work.
  When using javaw, make sure you redirect the standard
  error and standard output streams to file.
  Graeme.Hi Graeme,
  I dont understand what you mean by redirection to file? some of my code below.
  The code works fine under a console, code is supposed to exit when the client (the other server )disconnects. the problem is that but the clientworker side of the code still works. which under console it doesnt.
  public class Server{
  ServerSocket aServerSocket;
  Socket dianosticsSocket;
  Socket nPortExpress;
  ClientListener aClientListener;
  LinkedList queue = new LinkedList();
  int port = 0;
  int clientPort = 0;
  String clientName = null;
  boolean serverAlive = true;
  * Server constructor generates a server
  * Socket and then starts a client threads.
  * @param aPort      socket port of local machine.
  public Server(int aPort, String aClientName, int aClientPort){
  port = aPort;
  clientName = aClientName;
  clientPort = aClientPort;
  try{
  // create a new thread
  aServerSocket = new ServerSocket(port) ;
  // connect to the nPortExpress
  aClientListener = new ClientListener(InetAddress.getByName(clientName), clientPort, queue,this);
  // aClientListener.setDaemon(true);
  aClientListener.start();
  // start a dianostic port
  DiagnosticsServer aDiagnosticsServer = new DiagnosticsServer(port,queue,aClientListener);
  // System.out.println("Server is running on port " + port + "...");
  // System.out.println("Connect to nPort");
  catch(Exception e)
  // System.out.println("ERROR: Server port " + port + " not available");
  JOptionPane.showMessageDialog(null, (e.toString()),"ERROR: Server port " + port + " not available", JOptionPane.ERROR_MESSAGE);
  serverAlive = false;
  System.exit(1);
  while(serverAlive&&aClientListener.hostSocket.isConnected()){
  try{
  // connect the client
  Socket aClient = aServerSocket.accept();
  //System.out.println("open client connection");
  //System.out.println("client local: "+ aClient.getLocalAddress().toString());
  // System.out.println("client localport: "+ aClient.getLocalPort());
  // System.out.println("client : "+ aClient.getInetAddress().toString());
  // System.out.println("client port: "+ aClient.getLocalPort());
  // make a new client thread
  ClientWorker clientThread = new ClientWorker(aClient, queue, aClientListener, false);
  // start thread
  clientThread.start();
  catch(Exception e)
  //System.out.println("ERROR: Client connection failure");
  JOptionPane.showMessageDialog(null, (e.toString()),"ERROR: Client connection failure", JOptionPane.ERROR_MESSAGE);
  }// end while
  } // end constructor Server
  void serverExit(){
       JOptionPane.showMessageDialog(null, "Server ","ERROR: nPort Failure", JOptionPane.ERROR_MESSAGE);
       System.exit(1);
  }// end class Server
  *** connect to another server
  public class ClientListener extends Thread{
  InetAddress hostName;
  int hostPort;
  Socket hostSocket;
  BufferedReader in;
  PrintWriter out;
  boolean loggedIn;
  LinkedList queue;      // reference to Server queue
  Server serverRef; // reference to main server
  * ClientListener connects to the host server.
  * @param aHostName is the name of the host eg server name or IP address.
  * @param aHostPort is a port number of the host.
  * @param aLoginName is the users login name.
  public ClientListener(InetAddress aHostName, int aHostPort,LinkedList aQueue,Server aServer)      // reference to Server queue)
  hostName = aHostName;
  hostPort = aHostPort;
  queue = aQueue;
  serverRef = aServer;      
  // connect to the server
  try{
  hostSocket = new Socket(hostName, hostPort);
  catch(IOException e){
  //System.out.println("ERROR: Connection Host Failed");
  JOptionPane.showMessageDialog(null, (e.toString()),"ERROR: Connection to nPort Failed", JOptionPane.ERROR_MESSAGE);     
  System.exit(0);
  } // end constructor ClientListener
  ** multi client connection server
  ClientWorker(Socket aSocket,LinkedList aQueue, ClientListener aClientListener, boolean diagnostics){
  queue = aQueue;
  addToQueue(this);
  client = aSocket;
  clientRef = aClientListener;
  aDiagnostic = diagnostics;
  } // end constructor ClientWorker
  * run method is the main loop of the server program
  * in change of handle new client connection as well
  * as handle all messages and errors.
  public void run(){
  boolean alive = true;
  String aSubString = "";
  in = null;
  out = null;
  loginName = "";
  loggedIn = false;
  while (alive && client.isConnected()&& clientRef.hostSocket.isConnected()){
  try{
  in = new BufferedReader(new InputStreamReader(client.getInputStream()));
  out = new PrintWriter(new OutputStreamWriter(client.getOutputStream()));
  if(aDiagnostic){
  out.println("WELCOME to diagnostics");
  broadCastDia("Connect : diagnostics "+client.getInetAddress().toString());
  out.flush();
  else {       
  out.println("WELCOME to Troy's Server");
  broadCastDia("Connect : client "+client.getInetAddress().toString());
       out.flush();
  String line;
  while(((line = in.readLine())!= null)){
  StringTokenizer aStringToken = new StringTokenizer(line, " ");
  if(!aDiagnostic){
  broadCastDia(line);
  clientRef.sendMessage(line); // send mesage out to netExpress
  out.println(line);
  out.flush();
  else{
  if(line.equals("GETIPS"))
  getIPs();
  else{
  clientRef.sendMessage(line); // send mesage out to netExpress
  out.println(line);
  out.flush();
  } // end while
  catch(Exception e){
  // System.out.println("ERROR:Client Connection reset");
                           JOptionPane.showMessageDialog(null, (e.toString()),"ERROR:Client Connection reset", JOptionPane.ERROR_MESSAGE);     
  try{
  if(aDiagnostic){
  broadCastDia("Disconnect : diagnostics "+client.getInetAddress().toString());
  out.flush();
  else {       
  broadCastDia("Disconnect : client "+client.getInetAddress().toString());
       out.flush();
  // close the buffers and connection;
  in.close();
  out.close();
  client.close();
  // System.out.println("out");
  // remove from list
  removeThreadQueue(this);
  alive = false;
  catch(Exception e){
  // System.out.println("ERROR: Client Connection reset failure");
  JOptionPane.showMessageDialog(null, (e.toString()),"ERROR: Client Connection reset failure", JOptionPane.ERROR_MESSAGE);     
  }// end while
  } // end method run
  * method run - Generates io stream for communicating with the server and
  * starts the client gui. Run also parses the input commands from the server.
  public void run(){
  boolean alive = true;
  try{
  // begin to life the gui
  // aGuiClient = new ClientGui(hostName.getHostName(), hostPort, loginName, this);
  // aGuiClient.show();
  in = new BufferedReader(new InputStreamReader(hostSocket.getInputStream()));
  out = new PrintWriter(new OutputStreamWriter(hostSocket.getOutputStream()));
  while (alive && hostSocket.isConnected()){
  String line;
  while(((line = in.readLine())!= null)){
  System.out.println(line);
  broadCast(line);
  } // end while
  } // end while
  catch(Exception e){
  //     System.out.println("ERRORa Connection to host reset");
  JOptionPane.showMessageDialog(null, (e.toString()),"ERROR: Connection to nPort reset", JOptionPane.ERROR_MESSAGE);
  try{
  hostSocket.close();
       }catch(Exception a){
       JOptionPane.showMessageDialog(null, (a.toString()),"ERROR: Exception", JOptionPane.ERROR_MESSAGE);
  alive = false;
  System.exit(1);
  } // end method run

• Problem with threads and camera.

  Hi everybody!
  I've a problem with taking snapshot.
  I would like to display a loading screen after it take snapshot ( sometimes i
  have to wait few seconds after i took snapshot. Propably photo is being taken in time where i have to wait).
  I was trying to use threads but i didn't succeed.
  I made this code:
  display.setCurrent(perform);               
          new Thread(new Runnable(){
              public void run() {               
                  while((!performing.isShown()) && (backgroundCamera.isShown())){
                      Thread.yield();
                  notifyAll();
          }).start();
          new Thread(new Runnable(){
              public void run() {
                  try {
                      this.wait();                   
                  } catch(Exception e) {
                      exceptionHandler(e);
                  photo = camera.snapshot();                               
                  display.setCurrent(displayPhoto);
          }).start();This code is sometimes showing performing screen but sometimes no.
  I don't know why. In my opinion performing.isShown() method isn't working correctly.
  Does anyone have some idea how to use threads here?

  Hi,
  I've finally managed to work this fine.
  The code:
         Object o = new Object();
         display.setCurrent(perform);               
          new Thread(new Runnable(){
              public void run() {               
                  while(!performing.isShown()){
                      Thread.yield();
                 synchronized(o) {
                    o.notify();
          }).start();
          new Thread(new Runnable(){
              public void run() {
                  try {
                      synchronized(o) {
                         o.wait(1);
                  } catch(Exception e) {
                      exceptionHandler(e);
                  photo = camera.snapshot();                               
                  display.setCurrent(displayPhoto);
          }).start();