I know it looks like I haven't done my research but... I don't seem to be able to find any reliable papers/websites explaining in detail the tracking techniques used by the internet advertisers. (and believe me, I've been looking for good sources for 5 months now). Has anyone done any similar research / project in the past? Can you suggest any reading?
Just in case if my post is not clear, this was one of many questions i had:
How Do Internet Advertisers Use Third-Party Cookies?
Here are a few research studies:
Persistent Cookies
Folly of Detecting Tracking from Cookies
Related
I already did similar search terms for this topic in this forum.
https://stackoverflow.com/questions/6151668/alternative-to-google-translate-api
But that post is a bit old.. Things may have changed for about a year. And I wonder does anybody know if there's any better REST-based API service that I can use out there since that post was last posted.
Thanks.
I guess Bing translator could be the substitute that u are looking for.
I was looking for alternatives as well and came across a npm package called google-translate-api-browser which does work for my small project, but I can't assure big data translations or requests not being throttled
I am currently working with CAVE systems and I'm looking into hooking up a pre-exisiting game engine in one. I know this is possible through Unity and the Unreal Engine as there is already research out there showcasing that it has been done.
Right now, I have not decided upon one game engine to use and I'm currently looking around and researching if it is possible with the likes of CryEngine and Valve's Source Engine. The one issue that I am going to face, however, is getting the image to correctly render across all four of the monitors / screens.
Thusly, as a result I have two questions:
1.Does anyone know of any good research / books on distrubuted rendering? It doesn't need to be specificly for games, just the topic in general would be very useful
2.Does anyone know if other developers have managed to get Source and the CryEngine to run in a CAVE system? Through all my research I haven't been able to find anything on this, but then my google skills aren't the greatest.
If anyone could spare the time to answer these questions, I'd be extremely greatful.
Thanks.
too late for an answer, but still, you might want to have a look at
Equalizer: http://www.equalizergraphics.com
IceT: http://icet.sandia.gov
Chromium
(and a few more referenced in related publications, websites)
I work on a project known as the Security Development Lifecycle (SDL) project at Microsoft (http://microsoft.com/sdl) - in short it's a set of practices that must be used by product groups before they ship products to help improve security.
Over the last couple of years, we have published a great deal of SDL documentation, as customers ask for more information about what we're doing.
But what I'd like to know is:
What are you doing within your organization to help improve the security of your product?
What works? What doesn't work?
How did you get management to agree to this work?
Thanks.
Honestly, Reading your book was a good start. :-)
Responding to your questions:
Crypto is a hobby of mine that I sometimes blog about (e.g. on TLS and AES). After writing my own implementation of AES, I learned enough to know beyond a reasonable doubt that I should never use my own implementation but rather use the ones written by the CryptoAPI and OpenSSL guys.
Code reviews where people that are good at security issues are marked as required.
Having a class on-site with labs to raise awareness of issues mentioned in your book as well internal mailing lists discussing new issues.
Several folks listen to the Security Now podcast to keep current on what types of issues are out there and what is getting attacked. This indirectly affects design.
Except for an on-site course and buying the code review tool, none of these require management approval.
I'm an indie mac developer, but also a platform security evangelist: I'm the author of Pro Cocoa Application Security published by Wrox. In that book I champion the secure dev technique I use myself: it's based on the Swiderski and Snyder threat modeling, but with two changes. I make it lighter weight by considering which entry points access which assets without using DFDs. I also put more focus on identifying users and misusers, which I think makes it more applicable to shrinkwrap software.
As far as tool support is concerned, I use the Xcode static analyzer (based on clang), but have found it doesn't detect some common vulnerabilities. I did file bugs though :-). I also always use the gcc _FORTIFY_SOURCE macro. There aren't good Mac risk analysis tools but I'm working on that... ;-)
I've spoken on security to Mac devs at conferences and in podcasts and gotten plenty of feedback, if you want me to clarify anything I've said or are interested in the community feedback please ask in comments. Private questions are welcome to (though I'd prefer to stay on the forum): iamleeg at securemacprogramming dot
com.
We think before we code. Strangely enough, it avoids many bugs, including those which are exploitable by adverse parties and henceforth known as "security holes".
Part of the trick is not letting anyone near a keyboard unless he has a solid amount of experience and expertise.
I'm very impressed with my initial tests with db4o. However, i'm wondering just how many enterprise class websites are out there powered by db4o, i couldn't see any on the main website?
I can't see any reason why db4o should not be used. There appears to be decent enough support for transactions and ways to handle concurrency for example.
Anyone got a list of websites i could look at?
See:
http://developer.db4o.com/Projects/html/projectspaces/gaabormarkt.html
A particular search engine used to be powered by db4o (I say "used to" because I haven't talked to the author about this since a long time).
http://www.rel8r.com/
The author is Travis Reeder.
Although I cannot see websites specifically, here is a list of Open Source Projects from the db4o website:
http://developer.db4o.com/ProjectSpaces/view.aspx/Open_Source_Products
we're developing a web app to cover all aspects of a printing company from finances, to payroll, to job costing. Its important to be able to control who can access what parts of these applications. Don't want a line employee giving himself a raise, etc...
I've heard of the concept of ACL & ACO, but haven't found a good example that we could adapt to our project.
Anyone know where I can find good information to work from?
A brief rundown on ACLs, where they should be used and how they should be structured and implemented for various applications and user levels can be found here:
LINK
I've had to implement that type of security a couple of times. Unfortunately I don't know of any really good articles that provide examples. My implementations were mainly piecing together the parts through trial and error.
However, I did come across this link on MSDN:
http://msdn.microsoft.com/en-us/library/52kd59t0(VS.71).aspx
It has some of the concepts.
After my original post, I did some more research. I found this article:
http://www.aspfree.com/c/a/C-Sharp/Implementing-Role-Based-Security-using-CSharp/
it seems pretty promising, I didn't go through all the details, but it at least guides you through the high-level topics.
If you're using .NET/Windows you might want to look into Windows Authorization Manager (AzMan). There are support for AzMan in Enterprise Library but there are other ways of using it as well.
http://msdn.microsoft.com/en-us/library/ms998336.aspx
http://alt.pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsAuthorizationManager.html