Security/Encryption Support in 1.4

Similar Messages

• Since the most recent Firefox update 3.6.8 by banking institution no longer shows as having a secure encrypted connection, however, my bank assures me all is well with their certificates and that is a problem with the new Firefox browser update, can you g

  Since the most recent Firefox update 3.6.8 my banking institution no longer shows as having a secure encrypted connection, however, my bank assures me all is well with their certificates and that is a problem with the new Firefox browser update, can you give me some idea why it is doing this?
  == This happened ==
  Every time Firefox opened
  == Right after the new Firefox update

  Hello Anne.
  Can you please try it in a new (temporary) Firefox profile and see if the issue is still present? See [http://support.mozilla.com/en-US/kb/Managing+profiles this article] to know how to create a new Firefox profile. Please report back the results.

• Firefox is up to date. need 128 bit security encryption

  My firefox is up to date. In order to get paperless statements from credit cards I need to have 128 bit security encryption. Card company checked browser and did not continue to make the change to paperless, due to the fact that 128 bit security encryption was not found; also read that: you need to update your browser.
  How do I get this encryption? thank you

  Can't you bypass that test?<br />
  There is usually a link on the page to continue anyway and ignore the check for the encryption check.
  If websites complain about 128 bit encryption not available then that can be caused by the "U;" that is no longer present in the user agent of Firefox 4+ versions.
  * https://developer.mozilla.org/en/User_Agent_Strings_Reference
  * http://en.wikipedia.org/wiki/User_agent#Encryption_strength_notations
  *[https://bugzilla.mozilla.org/show_bug.cgi?id=572668 bug 572668] - Remove the crypto strength token from the UA string
  Firefox supports 256 bit encryption ciphers (AES-256) since 2003 in Firebird 0.6, so all Firefox versions have 128 bit and 256 bit encryption.
  * https://www.fortify.net/sslcheck.html

• In trying to set up an online account, a diagnostic informed me that I should update my browser to accept 128 bit security encryption. How do I accomplish this? I already have Firefox 4.

  I can't understand why my browser would not be compatible with 128 bit security encryption. Have set up several other accts with no issues. What are possible problems related to this non-compatibility?

  Firefox 4 supports AES-256 (256 bit) encryption in addition to 128 bit since Firefox 2 in 2002.
  * https://www.fortify.net/cgi/ssl_2.pl
  Can you post a link to that page?

• Is the security encryption in Mozilla browser 128 bit or higher? I have a site that requires confirmation before I can use it.

  Just an information question, not a problem. A site that I want to use on line securely to transfer funds requires that I confirm that my browser supports or has 128 bit security encryption. The site offers to check my browser, which I did and it comes up saying that I don't meet 128-bit security encryption standard or something to that effect. I believe I have the latest version of Firefox/Mozilla installed -- updated just last week (Sept 8th, 2011).
  Does this browser have 128-bit security encryption?

  Firefox versions since Firefox 2 in in 2002 support AES-256 as you can see used on this forum.
  *https://developer.mozilla.org/en/Security_in_Firefox_2
  *https://www.fortify.net/sslcheck.html

• PGP Encryption support in SOA Suite 11g

  Hi,
  Looking for PGP encryption support in SOA Suite 11g as we have a requirement to encrypt the file using PGP encryption and send over SFTP.
  I already went through some of the forums posts but they are date back to 2007, so just wanted to confirm if there is anything in recent releases of SOA Suite.
  - FTP adapter support or
  - OWSM suppport.
  As far as i know, we have to install some PGP tool and write a script to encrypt/decrypt and call the script from BPEL. this conclusion is based on a stmt given in the OWSM 10g book by sitaraman.
  Please provide your insights on this.
  Thanks
  Siva

  Hi Siva,
  I don't think still there is any support for PGP in Oracle SOA. You may use java for PGP encryption/decryption and transfer externally encoded messages over SFTP.
  Please refer -
  Re: PGP Encryption/Decryption
  PGP Encryption in B2B
  Regards,
  Anuj

• Weblogic.security.Encrypt

  Have been a long time user of weblogic security So far it always used 3DES
  Recently with 11gR1 (we are using Weblogic Portal which internally uses weblogic Server Securiy)
  I went into the domain directory
  typed
  java weblogic.security.Encrypt mypass
  Got back a encrypted string which is AES encrypted
  type the same command Again after 1 minute
  Got back a different string which is AES encrypted
  In previous release I never saw this. We are using bundled jrockit on Red hat 5.3 as the OS here
  I was expecting the utility to always return the same encrypted password every time I run it ? Not sure if this is a bug or just the way AES encryption behaves
  Which encrypted password should I use in the jdbc config.xml ?
  Is there a way to use 3DES versus AES (some switch which controls this behavior at server level)
  Thanks
  Yesh

  its an expected behavior that you dont see the same encrypted string as a dynamic vector is used as the hash value.
  Since hash is different all the time, encrypted string is different.
  You can use both AES/DES without a problem.

• Weblogic.security.Encrypt  -and-  Not enough space

  This post has two questions.
  I have a simple application on wls9.2 that is a web front end to the weblogic.security.Encrypt command line utility. It seems to work fine, but after a little bit of use I am seeing the following:
  java.io.IOException: Not enough space
  at java.lang.UNIXProcess.forkAndExec(Native Method)
  at java.lang.UNIXProcess.<init>(UNIXProcess.java:53)
  at java.lang.ProcessImpl.start(ProcessImpl.java:65)
  at java.lang.ProcessBuilder.start(ProcessBuilder.java:451)
  at java.lang.Runtime.exec(Runtime.java:591)
  at java.lang.Runtime.exec(Runtime.java:429)
  at java.lang.Runtime.exec(Runtime.java:326)
  at encrypt.wls92Encrypt(Unknown Source)
  at encrypt.doGet(Unknown Source)
  at encrypt.doPost(Unknown Source)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:223)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3245)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2003)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1909)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1359)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
  1) Here is the forking code:
  try {
  proc = Runtime.getRuntime().exec("java -Dweblogic.RootDirectory="+rootDir+" weblogic.security.Encrypt "+password);
  BufferedReader bf=new BufferedReader(new InputStreamReader(proc.getInputStream()));
  line=bf.readLine();
  bf.close();
  } catch (IOException e) {
  Is there a better way to do this, without forking? Seems odd to execute a java call, in java, just to get the encrypted string. I'd like to call weblogic.security.Encrypt inline, but have been unable to do so.
  2) Why would the Not enough space error creep up? Researching it, it seems like it is a swap problem, but that does not seem to be the case on our system. A top shows:
  Memory: 8192M phys mem, 2769M free mem, 5004M swap, 5004M free swap
  at the time of failure. Disk usage is looking great as well. The JVM heapsize is around 80% free. An lsof on the system shows about 150 open files on the managed server.
  Any ideas on how to troubleshoot this would be appreciated.
  Thanks

  I use CCleaner from the AppStore to delete the 'useless' stuff. It's free and works great for me

• How NOT to do security & customer support

  Our Skype account was suspended, for reasons unknown to me - but understandable, since security is important.
  (And no, it was not one of those pesky scam emails, and OF COURSE I tried to log in directly via Skype (on both my Mac and my iPad) and not via the provided link and proceeded from there)
  The problem is that, in order to unlock my account, I have to answer questions that I never knew I was going to be asked:
  For us to lift the restriction on your account, please provide us with the following information:
  1) In what year did you create your account?
  WTF? That was AGES ago! Somewhere between 2004 and 2008 I think.
  2) In which country/region did you create your account?
  WTF? Can't remember if I started using Skype when I worked in New Zealand, Scotland, or Germany. I still mostly use iChat and FaceTime.
  3) What payment method did you use?
  WTF? I think PayPal but I'm not sure - too long ago. And the credit card I might have used has expired years ago.
  4) Tell us the details of up to three of your Skype contacts. You can use their actual name or Skype Name if you know it.
  Is that ANY of your business??? Isn't that kind of information supposed to be private??? That’s pretty much an admission that they snoop through all your stuff …
  Please be aware that if the information you will provide us are missing or incorrect, we are unable to verify your identity and process your request.
  So after 10 (?) years we lost our Skype account and contacts in it.
  I can't even contact their support or the forum because - you guessed it - YOU HAVE TO LOG INTO YOUR SKYPE ACCOUNT FIRST!!!
  IMBECILES!
  The SOFTWARE isn't very good, but the COMPANY behind it is simply atrocious! But what can you expect from Microsoft?!
  What is really annoying is that nowhere, absolutely nowhere, am I being told what "unusual activity" is taking place. To be honest, I doubt there even IS any unusual activity - otherwise a simple password reset would have done it.
  The ONLY way I was able to contact them was by logging in with my Hotmail account (which I did not really want to do as they are separate accounts). Thanks Microsoft - I guess that was the aim of this little exercise … still can't get into our Skype account but now I can contact their “help” …
  I got to “chat” with “Dan A.” who says “sorry” a lot and explains that management sets the bar for “security” very high. Asking obscure questions which users can't answer isn’t “high standards”, that’s INCOMPETENCE!
  After going through all kind of hoops we arrive at:
  "I really want to help you on this since it is clearly your account, But since I have to follow our process with regards to account's security, I really recommend you to go through this verification. I am sorry, I am just following orders. I am very very sorry."
  Unbelievable. There is a VERY lonely brain cell at the other end of the line …
  So I ask for the problem to be escalated up the ladder. Answer:
  "I hope I can escalate this, but since your account is blocked we need to verify your account first."
  I think that brain cell just self-destructed.
  The sheer INCOMPETENCE at Microsoft is mind-blowing!
  So what am I supposed to do? Guess all possible combinations until I hit the right one so that their "high security standards" are fulfilled?
  Years of contact details and some money down the drain because Microsoft **bleep**ed up as usual. Bad security, incompetent support, out of this world arrogance. I just KNEW they would **bleep** up Skype when they took over - 2.8 was the last decent version (and I hope you all are aware that the ONLY reason to force people onto the newer versions and make it incompatible with the old one was so that they and the NSA can listen in).

  As Costa Rica isn't on this page : http://support.apple.com/kb/HT5699
  then try contacting Support via this form and explain that you've forgotten your answers, don't have a rescue email address, and your country isn't on the HT5699 page and see how they reply : https://ssl.apple.com/emea/support/itunes/contact.html
  When they've been reset you can then use the steps half-way down this page to add a rescue email address for potential future use : http://support.apple.com/kb/HT5312 .

• WS-Security Encrypted Response

  Hi,
  When I call a WS-Security web service (in WLS 8.1 SP3), it works fine until I set it to encrypt the response. Then I get
  java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultExc
  eption: Exception during processing: weblogic.utils.AssertionError: ***** ASSERT
  ION FAILED *****[ Unable to secure response ] - with nested exception:
  [java] [weblogic.xml.stream.XMLStreamException: Object not initialized. - w
  ith nested exception:
       [java] [weblogic.xml.security.encryption.EncryptionException: Object not in
  itialized. - with nested exception:
       [java] [com.rsa.jsafe.JSAFE_InvalidUseException: Object not initialized.]]]
  (see Fault Detail for stacktrace)
  [java] Detail:
  [java] <detail>
  [java] <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers
  /wls70/webservice/fault/1.0.0">com.rsa.jsafe.JSAFE_InvalidUseException: Object n
  ot initialized.
  [java] at com.rsa.jsafe.JG_BlockCipher.encryptUpdate(JG_BlockCipher.jav
  a:652)
  [java] at weblogic.xml.security.encryption.CipherWrapper$JSafeCipherWra
  pper.update(CipherWrapper.java:277)
  etc.
  Any ideas ?
  Dave
  UK

  Looks like a problem in the key pair mis-matched. i.e: domestic strength key vs. foreign

• WL's WS-Security stack support

  Hi
  Sorry for crossposting. Just after publishing on "Java Technology & XML"topic I found a WL specific one.
  The original post is WL's WS-Security stack support
  To save your time I'll copy/paste it here..
  Hi
  3 questions regarding WL10 support of web service security spec's stack support.
  1. What are additional ws-sec specs supported by WL10 (no doubt, the basic, WS-Sec. is supported)? - what is about WS-Sec. conversation, WS-Trust, Federation etc?
  2. In case I need to handle verification of tokens by myself, what is the best way to be involved? Are there special hook ups of WL i have to implement, or I can add my JAAS LoginModule with some specific name and it will be used?
  3. Once the WS-Sec authentication was successfully performed, does WL10 execute the call in bounding to Subject?

  Thanks Patrick! That thread helped. I got the proxy service to use the customized WS-Policy.
  Do you know of any tool to create the password digest given a plain text password? Also, is there any particular algorithm that weblogic uses to store the digest in the authenticator? I am currently using soapUI to act as a client for unit testing purposes. I tried supplying the WSS header with the inbuilt feature of 'Add WSS Username Token' in soapUI. It adds the username, password digest, nonce and created date. However, I get the 'Failed to assert identity with UsernameToken' exception in the log. The request never gets through.
  Edited by: SOAer on Apr 8, 2011 9:07 AM

• No Security Encryption shown when purchasing onlin...

  I just decided to get a online telephone number in the US and it displayed the last 4 digits of my credit card but the encryption security logo was not displayed. I am running win7 with the latest updates so I do not understand why you do not display this security logo.
  Please tell us why?

  I went back and took a second look and i found the problem which is rather disturbing. The security logo is not displayed as it should be, instead you get a lock displayed as you go into you're account. That is pure rubbish. The security encryption logo should be displayed when you are in a secure encryption environment.
  Also equally disturbing is you have set up two pending purchases to my credit card for
  an online number which you say is being held for 19 days.
  There is no way to cancel this that is obvious.
  My whole outlook of Skype has changed.
  I want a way to remove these impending charges to my account.
  I have been shopping online for over ten years and never run into anything as sleazy as the way you do with this pending charges to credit cards with no way to cancel these pending charges.
  I would like someone who can correct this matter to contact me and explain this policy and remove these so called pending charges.

• HP Secure Encryption testing

  Hi,
  I'm interning this summer with HP and I just finished installing HP Secure Encryption on our HP Proliant DL380p gen8 server. I need to prove that encryption is working but can't find how to test that it's working. I can't find any guides for using HP Secure Encryption.
  Thanks in advance,
  Matthew

  I have been a part of a few Beta and Delta programs in the past.  Basically you sign up and then as opportunities come up you will get an email invite.  You then go apply for specific programs.  
  I will send you a PM with information on signing up.  
  Bob Headrick,  HP Expert
  I am not an employee of HP, I am a volunteer posting here on my own time.
  If your problem is solved please click the "Accept as Solution" button ------------V
  If my answer was helpful please click the "Thumbs Up" to say "Thank You"--V

• Does Cisco Cloud E-mail Security Solution Support IPv6?

  For the Cisco Cloud E-mail Security Solution - does it support both inbound and outbound IPv6?  Are there any limitations?  I know the IronPort E-mail Security Appliances supports IPv6 - but specifically interested in the cloud service.
  Thanks,
  --Jim

  arkhane wrote:
  Hi.
  Does anyone could explain me about SSL/TLS?
  Here is the situation:
  E72 allows in securîty settings to select SSL/TLS. I selected it for both accessing and sending mails and I can logon to my POP and send with SMTP.  So apparently no problem.
  But I asked my internet provider if they support SSL/TLS and they told me no they does not support it....so my question is does really SSL/TLS works in my situation and my provider has no clue on security settings or SSL/TLS does not work but it has no incidence on using my mails as I said I can receive mails and send mails even if those security settings are selected...?
  Thanks if anyone could explain me this.
  Some e-mail providers like Gmail use SSL/TLS.
  http://mail.google.com/support/bin/answer.py?answer=13287
  ‡Thank you for hitting the Blue/Green Star button‡
  N8-00 RM 596 V:111.030.0609; E71-1(05) RM 346 V: 500.21.009

• Security encryption for Original Airport Card?

  I recently purchased and installed an Apple Original Airport card(802.11b) for my iBook G3 running OSX Tiger(10.4.8). All available written documentation that I've obtained is telling me that the card is only 128 bit WEP encryption capable. However, I have been able to log onto my home network and access the internet via my router which is configured for WPA-PSK security encryption.
  Now, my question is? Do I have a problem with my home network security if I'm able to access it with a wireless card that is not supposed to be able to access it? Has anyone else encountered this?

  Hey Guys,
  I have a small problem with setting up our WIFI network!
  I have a G3 IBOOK Clemshell & a PC XP SP2 both on the WIFI Network. Right now i just removed the SSID and i enabled MAC filtering. But i want to secure our Network more, but how do i do that.
  How do i know, which WPA i need to take?
  I have a Belkin router/ Modem and i can choose WPA/WPA2-Personal (PSK)but than i have a field for "Authentication" what do i need to choose there? the options are: WPA-PSK, WPA2-PSK or WPA-PSK + WPA2-PSK. after that i have this field "Encryption Technique" and i can choose TKIP, AES or TKIP+AES! what to take???
  I know, so many questions,
  but first of all, i am quite new to APPLE and to WIFIs so a lot to learn, i really do hope, you can give me a hand!
  Best Regards,
  Jan