Question regarding security of "applets"

Similar Messages

• Bit of a strange question regarding security and internet connection

  This is a bit of an odd question so bear with me for a moment.
  I sold my old G4 to someone I didn't know yesterday. While he was looking at it to make sure it was working I allowed him to plug my ethernet cable in (connected to both a netgear router and a cable modem) and go online to install an application on the computer he was buying. It did't take long and I didn't actually see what he installed but after he left and I plugged back in to my mac pro, my internet connection started suffering. It started by being very slow and then timing out with servers. I reset the modem and even bypassed the router but the connection did not improve and eventually I could only get a self assigned IP address with no internet, although the modem appeared to be fine.
  Aside from finding my I.P. address at my location, is there anything else he could have compomised security wise, either in the name of harvesting some kind of info or just creating a problem in the cable network when I let him use my connection on the g4?
  I think that most likely I'm being a little paranoid but the timing of this is a bit strange. It literally went down hill just after he left.
  Today the cable company is reporting a wider internet outage than just me but I just though I'd throw it out there to see if there are any security wholes exploitable when someone uses your internet connection (I would think and hope that there are not).
  thanks a bunch

  Well, in the closing the stable door approach it is a good idea to do a complete erase and install when selling any computer. There's lots of references to this and even one about removing a certain file so when they start up they get the brand new Mac greeting window. If you do not erase the drive using the secure erase feature in Disk Utility then with an $80 investment plus an empty spare drive the purchaser can likely recover any files you had on the computer recently if they consider it worth the effort.
  I suspect the internet issue is not related to this, especially since your ISP commented about problems.

• Please help me regarding Secure RMI Applet Application

  Hi Friends..
  Currently i use Java Card 2.2.1..
  I'm learning about SecureRMIDemo application that shipped with JCDK 2.2.1..
  Assume that i've loaded the SecureRMIApplet.cap successfully, and i've created the Secure RMI Client using SmartCardIO..
  And then i tried to do any process provided by Purse interface, such as debit, credit, setAccountNumber, etc..
  But i got this error message :
  java.rmi.RemoteException: Signature mismatch
       at com.sun.javacard.javax.smartcard.rmiclient.CardObjectFactory.throwError(Unknown Source)
       at com.sun.javacard.javax.smartcard.rmiclient.CardObjectFactory.throwException(Unknown Source)
       at com.sun.javacard.javax.smartcard.rmiclient.CardObjectFactory.getObject(Unknown Source)
       at com.sun.javacard.ocfrmiclientimpl.JCRemoteRefImpl.parseAPDU(Unknown Source)
       at com.sun.javacard.ocfrmiclientimpl.JCRemoteRefImpl.invoke(Unknown Source)
       at com.sun.javacard.samples.SecureRMIDemo.SecurePurseImpl_Stub.setAccountNumber(Unknown Source)
       at testRMIClient.SecureRMIClienrt.main(SecureRMIClienrt.java:27)Yes, i know that, that error message required to ensure that the application run in the Security context..
  But for me, who just getting started to Java Card Security, it becomes a problem... :(
  The message error tells that the Signature is mismatch..
  And then how to set this Signature before do any process in the SecureRMI Client application?..
  Since there's no way to set the Signature through Purse interface..
  Please help me regarding this..
  Thanks in advance..

  Thanks Shane for your reply..
  does it mean i've to send APDU?.. Because in the MySecurityService class code there's method that checks the CLA and INS byte..
  Or can i send an APDU Object while we're using the Java Card RMI Application mode?..
  Actually, in my opinion, i would say that if we use RMI mode, we don't need APDU Command anymore..
  Please correct me if i'm wrong..
  Thanks in advance..

• Question regarding security on this forum please

  I am new here (am assuming label 'Newbie' is related to posts etc?) - can anybody help with this please?  When I click on my user ID when I'm signed in I can see my email address under 'Public Statistics' - yet I can't see anybody else's. Is it only me that can see it? I ask because I really don't want my email address visible in case spam robots read it - this might be a silly question to an experienced user of this forum but do I need to worry? Thanks! Dave T.
  Solved!
  Go to Solution.

  No probs
  Ah, beginner status already - you could have a quick read of http://community.bt.com/t5/Forum-Guidance-Ideas/Ranking-structure/td-p/145 for a bit (12 pages!) of info regarding the ranking structure.
  -+-No longer a forum member-+-

• Question Regarding Security Updates 2006-005 and 2006-006?

  Okay I just noticed Apple Security Update 2006-005 and 2006-006 are available for download. Has anyone had any problems with these updates? I remember the Security Update 2006-001 was a nightmare for me -- Safari was broken after that update I had to do a complete OS reinstall then re-update to Mac OSZ 10.3.9 Panther and I only want to update if the likelihood of any problems occuring is very slim. Anyone running Mac OS X on PowerPC chips (i.e. using a PowerBook, an older iMac, Mac Mini, PowerMac etc) or on Intel chips (i.e. MacBook Pro, the new iMacs, new Mac Mini's etc) with Mac OS X Panther, Mac OS X Tiger etc having any problems with either update?

  (10.3.9 Client) seems to have broken my CS2 Version Cue after loading Security Update 2006-006 via Software Update - 27MB or something.
  Though afterwards all apps (Illustrator 12.0.1, Acrobat 7.0.8, PS 9.0.1 and InDesign 4.0.4) open and run fine, Version Cue disappeared from the Desktop Menu and System Preferences and says it's no longer installed, all this immediately after loading the Update and restarting.
  Two restarts and a Repair Permissions haven't resolved the issue. I've downloaded the stand alone Update and have run that but without any luck. I'd had no history of any trouble with any Security Update prior to this, and have run good maintenance schedules.
  I've not seen any other posts or related issues to mine, so maybe it's just my isolated event?

• Question on security in ABAP. Please help!

  Hi Experts,
          I have a question on security in ABAP program.
  I have a ABAP program which has a transaction attached.
  I have added authorization check in ABAP program(Progran level security).
  I have also attached the authorization object to the transaction.(Transaction level security)
  If an end user runs the transactionm, then which authorization check will fire first? Will it be transaction level?
  If I have web enabled my ABAP program via SICF (in other words, ITS). Then when I try to run my ITS service in the browser will the transaction level authorization fire? or Will the program level authorization fire?
  Please help me understand this security aspect.
  Thanks
  Gopal

  Hi gopalkrishna,
  1. if an end user runs the transactionm, then which authorization check will fire first? Will it be transaction level?
  Yes, transaction level first !
  2. In ITS scenario also,
    a) first tcode level,
    b) then, program level
  regards,
  amit m.

• Question on security in ABAP program with ITS. Please help!

  Hi Experts,
          I have a question on security in ABAP program.
  I have a ABAP program which has a transaction attached.
  I have added authorization check in ABAP program(Progran level security).
  I have also attached the authorization object to the transaction.(Transaction level security)
  If an end user runs the transactionm, then which authorization check will fire first? Will it be transaction level?
  If I have web enabled my ABAP program via SICF (in other words, ITS). Then when I try to run my ITS service in the browser will the transaction level authorization fire? or Will the program level authorization fire?
  Please help me understand this security aspect.
  Thanks
  Gopal

  <i>I have added authorization check in ABAP program(Progran level security).</i>
  i assume you have coded call authority within the program.
  <i>If an end user runs the transactionm, then which authorization check will fire first?</i>
  if he calls the transaction, then first authorization attached to the transaction will be checked.
  but if he executes the program attached to the transaction, then the authorization attached to the transaction dosent help here, the one coded in side the program is checked.
  <i>If I have web enabled my ABAP program via SICF (in other words, ITS).</i>
  it depends,
  if you are calling your transaction like
  webgui/?~transaction=<tcode> then first tcode level authorization.
  if you generate the templates for the program and callign the same, then i guess its progam level. (i need to check this)
  Regards
  Raja

• How to get security verified applet?

  please help me..
  how to implement applet which can get computer and network information securely? (security verified applet)
  thanks!

  rockster14 wrote:
  how to implement applet which can get computer and network information securely? (security verified applet)Now, you're not going to claim this has something to do with "..[sell printer related products|http://forums.sun.com/thread.jspa?messageID=10764588#10764588]" are you? ;-)
  What is it you are trying to do? Or rather, my same question in that original thread, what is the "user feature"?
  And while I am here, what is causing the problem? Is it ..
  a) Deploying an applet so that it is trusted?
  b) Obtaining this 'computer and network' information?

• Several questions regarding File Vault

  Hi!
  I have several questions regarding File Vault - right now I'm using Mac OS 10.4.8
  1.: The battery lock of my iBook is defect thus it happens from time to time that while transporting it the battery drops out while the laptop is sleeping. What happens with the File Vault-disk image?
  2.: I want to (have to ) set up my Intel iMac again. The installer-CD I have will bring it back to 10.4.6
  AFAIK the data format used for File Vault since 10.4.7 is version 2. What happens if I encrypt my stuff now (10.4.8 - thus version 2), back it up to my backup disc, install a new system (10.4.6 - therefore version 1) and want to access my data via Migration Manager (don't want to use archive and install)?
  3.: How do I actually do a backup of my data while the system is running? The backup should be encrypted as well.
  I use the demo-version of SuperDuper for backing up my system because with it I can ensure that I have a complete bootable backup of my running system.
  Thanks for your answers in advance
  ibook g4 12" 1.2 GHz 768 MB RAM / Intel iMac Core 2 Duo 17" 2.0 GHz 2GB RAM   Mac OS X (10.4.8)  

  Parker,
  You said:1. If it did, Apple would not use FileVault, as everyones computer will have a battery problem once in their life, and Apple would lose buisness from angry people who lost all of their data.I have seen enough reports of data loss with FileVault that I feel compelled to dispute your statement.
  In Data corruption and loss: causes and avoidance, Dr. Smoke writes...If your data-security needs demand FileVault, you should backup your encrypted Home folder regularly, preferably daily. Like any hard drive or disk image, a Home folder protected by FileVault — an encrypted, sparse disk image — does not respond well to the causes of data corruption...Loss of power definitely is a cause of data corruption.
  For Niels....,
  An Unencrypted Look at FileVault, by François Joseph de Kermadec is an excellent discussion of the features, pitfalls, and cautions regarding Filevault.
  Although the article discusses Panther and is dated 12/19/2003, the concepts as they apply Tiger have not changed.
  The cautions and warnings are prominent in any of the Apple Knowledge Base articles referring to the use of FileVault. If a user is unfamiliar with any aspect of FileVault, it should not in my opinion be activated.
  As good as FileVault is in protecting your sensitive data, it also presents the danger of locking up your files in an irretrievable ball of one's and zero's. Backups are critical. You must ensure that you have a comprehensive backup plan. Backup and Recovery, by Dr. Smoke is a fine example of what you need to consider.
  ;~)

• Provider Security Domain applet on JCOP

  hi, All
  I use the Eclipse plugin JCOP 3.0 tools, try to install myself Security Domain applet to OP.
  Is the JCOP card simulator support the Provider Security Domain ?
  If not, which JCOP real card can I use to upload & install my Security Domain ?
  thanks for advance!
  Andy Hua.

  MatiGdoc wrote:
  Hi,
  I'm newbie in JCOP programming, so I need help from "masters" ...
  Im using JCOP 10 v2.2 GP2.1.1 compliant with SCP02 support. I can compute sucesfully all neccessary session keys / cryptograms needed by initialize update / external authenticate commands.
  Original JCOP tools uses in external authenticate security mode "NO_SECURITY_LEVEL" - 84 82 00 00, so the load command contains plain Header, Directory, Import etc .cap files.
  But I want to load .cap in more secure way, using C_DECRYPTION mode. So, my questions are:
  - Is C_MAC mode mandatory with C_DECRYPTION ? In other way, can I use p1=0x02 instead of 0x03 in External Authenticate command ?C_DECRYPTION also mandates C_MAC. You can use for P1: 00, 01 and 03.
  - Which key must be used for Datafield encryption ? I suppose S_ENC key generated for secure channel, right ?Correct.
  - should datafield for Install_for_load command (80 E6 02) also be crypted with S_ENC ?Yes. Starting with C_MAC your class byte needs to be 84 though.
  - should the datafield also be padded before calculating the C_MAC ? You pad for C_MAC as first step, and then pad the data field as a second step, excluding C_MAC. Check out GP 2.1.1 card spec, figure E-6.

• Question Regarding MIDI and Sample Accuracy

  Hi,
  I have 2 questions regarding MIDI.
  1. MIDI is moved by ticks. In the arrange window however, you can move a region by samples. When doing this, you can move within values of the ticks (which you can see on your position box that pops up) Now, will this MIDI note actually be played back at that specific sample point, or will it round the event to the closest tick? (example, if I have a MIDI note directly on 1.1.1.1, and I move the REGION in the arrange... will that MIDI note now fall on the sample that I have moved the region to, or will it be rounded to the closest tick?)
  2. When making a midi template from an audio region, will the MIDI information land exactly on the sample of the transient, or will it be rounded to the closest tick?
  I've looked through the manual, and couldn't find any specific answer to these questions.
  Thanks!
  Message was edited by: Matthew Usnick

  Ok, I've done some experimenting, and here are my results.
  I believe those numbers ARE samples. I came to this conclusion by counting (for some reason it starts on 11) and cutting a region to be 33 samples long (so, minus 11, is 22 actual samples). I then went to the Audio Bin window, and chose to view region length as samples. And there it said it: 22 samples. So, you can in fact move MIDI regions by samples!
  Second, I wanted to see if the MIDI notes in the region itself would be quantized to the nearest tick. I cut a piece of audio, so it had a 1 sample attack (zoomed in asa far as I could in the sample editor, selected the smallest portion, and faded in, and made the start point, the region start position). I saved the region as a new audio file, and loaded it up in the exs sampler.
  I then made a MIDI region, with and triggered the sample on beat 1 (quantized, on the money). I then went into the arrange window, made a fixed cycle length, and bounced the audio. I then moved the MIDI region by one sample to the right. I did this 22 times (which is the number of samples in a tick, at 120, apparently). After bouncing all of these (cycle position remained fixed, only the MIDI region was moving) I imported all the audio into the arrange on new tracks, and YES!!! The sample start was cascaded by a sample each time!
  SO.
  Not only can you move MIDI regions by sample, but the positions are NOT quantized to Logics ticks!
  This is very good news, and glad I worked this out!
  (if anyone thinks this sounds wrong, please correct me, but I'm pretty sure I proved it, in my test)
  Message was edited by: Matthew Usnick

• Question regarding homehub and Open reach router -...

  Hi all,
    I had infinity installed earlier this month and am happy with it so far. I do have a few questions regarding the service and hardware though.
    I run both my BT openreach router and BT Home hub from the same power socket. The problem is, if I turn the plug on so both the Homehub and Openreach Router start up at the same time, the home hub will never get an Internet connection from the router. To solve this I have to turn the BT home hub on first and leave it for a minute, then start the router up and it all works fine. I'm just curious if this is the norm or do I have some faulty hardware?
    Secondly, I appreciate the estimated speed BT quote isn't always accurate, I was quoted 49mbits down but received 38mbits down - Which I was happy with. Recently though it has dropped to 30. I am worried this might continue to drop over time. and as of present I am 20mbits down on the estimate . For the record 30mbits is actually fine and probably more than I would ever need. If I could boost it some how though I would be interested to hear from you.
  Thanks, .

  Just a clarification: the two boxes are the HomeHub (router, black) and the modem (white).  The HomeHub has its own power switch, the modem doesn't.
  There is something wrong if the HomeHub needs to be turned on before the modem.  As others have said, in general best to leave the modem on all the time.  You should be able to connect them up in any order, or together.  (For example, I recently tripped the mains cutout, and when I restored power the modem and HomeHub went on together and everything was ok).
  Check if the router can connect/disconnect from the broadband using the web interface.  Leaving the modem and HomeHub on all the time, go to http://192.168.1.254/ on a browser on a connected computer, and see whether the Connect/Disconnect button works.

• Question regarding IWDTree and context Value Node naming

  Hi,
  I have a question regarding the IWDTree / IWDTreeNodeType components.
  I have a context looking like this:
  Context
    + ResponseNode
      + PersonNode (1..1)
        + PersonAddressNode                    (empty node, placeholder)
        | + AdresNode (0..n)
        + PersonChildNode                      (empty node, placeholder)
        | + PersonNode (0..n)
        |   + PersonAddressNode                (empty node, placeholder)
        |     + AddressNode (0..n)
        + PersonParentsNode                    (empty node, placeholder)
          + PersonNode (0..n)
            + PersonAddressNode                (empty node, placeholder)
              + AddressNode (0..n)
  The context represents a person, a person's address, and a person's children and parents with their respective addresses.
  As a result, on different branches, a PersonNode and AddressNode can appear.
  And for some strange reason, all PersonNodes and AddressNodes link to the same ResponseNode.PersonNode.PersonParentsNode.PersonNode and ResponseNode.PersonNode.PersonParentsNode.PersonNode.PersonAddressNode.AddressNode respectively, irregardless of their branch...
  Is it illegal to have multiple PersonNode and AddressNode node names, and should they be named uniquely?

  Generally, node names need to be unique inside the context, attributes in different nodes can have same names. I wonder if the context structure you described will result in code without compile errors.
  The WD Tree can only be used with recursive context nodes or with a hierarchy of non-singleton child nodes.
  Can you give an example how your tree should look like at runtime?

• Question regarding roaming and data usage

  I am currently out of my main country of service, and as such I have a question regarding roaming and data usage.
  I am told that the airplane mode is sufficient from keeping the phone off from roaming, but does this apply to any background data usage for applications and such?
  If the phone is in airplane mode, are all use of the phone including wifi and application use through the wifi outside of all extra charges from roaming?

  Ann154 wrote:
  If you are getting charged to use the wifi, then it is possible.  Otherwise no
  Just to elaborate here, Ann154 is referring to access charges for wifi, which is nothing to do with Verizon, so if you are using it in a plane, hotel, an internet cafe etc that charges for Wifi rather than being free .   Verizon does not charge you (or indeed know about!) wifi usage, or any other usage that is not on their cellular network (such as using a foreign SIM for example in global phones)  So these charges, if any, will not show up on the verizon bill app.  Having it in airplane mode prevents all cellular data traffic so you should be fine

• Question regarding MM and FI integration

  Hi Experts
  I have a question regarding MM and FI integration
  Is the transaction Key in OMJJ is same as OBYC transaction key?
  If yes, then why canu2019t I see transaction Key BSX in Movement type 101?
  Thanks

  No, they are not the same.  The movement type transaction (OMJJ) links the account key and account modifier to a specific movement types.  Transaction code (OBYC) contains the account assignments for all material document postings, whether they are movement type dependent or not.  Account key BSX is not movement type dependent.  Instead, BSX is dependent on the valuation class of the material, so it won't show in OMJJ.
  thanks,