April 18, 2011
thawte: strange security recommendations
Got mail from Thawte (company is their customer) with the following recommendations:
--
Our NEW, in-depth white paper, "Securing Your Private Keys as Best Practice for Code Signing Certificates," shows how to make your organization too difficult for cyber-criminals to target. Learn how to:
• Minimize access to source code
• Formalize processes with test and release signing
• Deploy a test root certificate and server
• Use cryptographic hardware devices
--
I always thought that open-sourcing and through testing makes system much more security attack-resistive. I have not yet read the document, but this annotation sounds some strange.
--
Our NEW, in-depth white paper, "Securing Your Private Keys as Best Practice for Code Signing Certificates," shows how to make your organization too difficult for cyber-criminals to target. Learn how to:
• Minimize access to source code
• Formalize processes with test and release signing
• Deploy a test root certificate and server
• Use cryptographic hardware devices
--
I always thought that open-sourcing and through testing makes system much more security attack-resistive. I have not yet read the document, but this annotation sounds some strange.
April 13, 2011
cannot transfer photos to ipad
Why the hell isn't it possible just to ADD some new photos to ipad without deleting (via sync) the old ones?! Why the hell the program is being sold for that purpose for $30?! And why the hell the camera connecting kit shows me only the jpgs from camera and not exported jpgs from lightroom copied to same SD-card?!
UPD: still cannot sync photos, tried 3 different computers, itunes shows _different_ problems: hdd has low space, cannot backup your ipad and finally cannot transfer your purchases to this computer AND photos are not synced to ipad!
Seems apple had tested only operations in which user pays money to apple such as buying stuff in their appstore.
UPD: still cannot sync photos, tried 3 different computers, itunes shows _different_ problems: hdd has low space, cannot backup your ipad and finally cannot transfer your purchases to this computer AND photos are not synced to ipad!
Seems apple had tested only operations in which user pays money to apple such as buying stuff in their appstore.
April 10, 2011
WTK 2.5.? key FIRE repeat bug and workaround proposed
WTK2.5 emulator has an annoying bug of repeating FIRE key in some circumstances.
Bug: in Canvas after first FIRE press/release method keyRepeat(FIRE) is called after each other key press (for example, after DOWN). Seems it's bug in WTK, cause in WTK 2.3 there's no such effect.
Workaround: test in your canvas constructor or in static init for
Bug: in Canvas after first FIRE press/release method keyRepeat(FIRE) is called after each other key press (for example, after DOWN). Seems it's bug in WTK, cause in WTK 2.3 there's no such effect.
Workaround: test in your canvas constructor or in static init for
boolean wtk = System.getProperty(microedition.platform).toLowerCase().indexOf("wtk") != -1After that return from keyRepeat() if wtk = true.Labels: bug, bugfix, j2me, workaround, wtk
iphone extarnal accessory [bad] experience
Yesterday we spent some 8 hrs with Daniil Safonov trying to connect microcontroller-based circuit, no luck at all.
If you want not just connect to audio in/out, but to send/receive bits, you just cannot do that without being reviewed by apple as an applicant of MFI program.
So you even wanna send or receive several bits over connector, you have no simple way to do that! The protocol of accessory identification is closed by Apple (with NDA and so on), fast hacks did not give us any luck.
From my point of view if you need catch some small data from external accessory, the most simple way is to use camera as input device (using some error-correction code), although there's no output device that useful. Funny thing: when applying for MFI, second step after entering your email, is entering name/address of your lawer.
Apple does its business from the trenches, and the war is against standalone developers-innovators. Does Apple just fear of loosing initiative?
Upd: same thoughts here in 1st comment.
Upd: Photo of our research process by Alexey Papulovskiy who joined us for discussing that accessory idea:
Update: my art. Feel free to download and use it anyway you like.
If you want not just connect to audio in/out, but to send/receive bits, you just cannot do that without being reviewed by apple as an applicant of MFI program.
So you even wanna send or receive several bits over connector, you have no simple way to do that! The protocol of accessory identification is closed by Apple (with NDA and so on), fast hacks did not give us any luck.
From my point of view if you need catch some small data from external accessory, the most simple way is to use camera as input device (using some error-correction code), although there's no output device that useful. Funny thing: when applying for MFI, second step after entering your email, is entering name/address of your lawer.
Apple does its business from the trenches, and the war is against standalone developers-innovators. Does Apple just fear of loosing initiative?
Upd: same thoughts here in 1st comment.
Upd: Photo of our research process by Alexey Papulovskiy who joined us for discussing that accessory idea:
Update: my art. Feel free to download and use it anyway you like.
April 1, 2011
Java 5/6: Java thread priority problem and workaround
Endre Stølsvik has very detailed research and explanation along with workaround to a problem of broken thread priorities in linux in his blog:
Linux Java Thread Priorities workaround
The kind of situation when you'd like to have priority changed is accepting socket thread under high load (or, of course, a DoS attack ;-) ), or GUI dispatch thread.
BTW, my opinion for running java server-side is strictly solaris-based server, if you can afford it. At least you won't have OS LWP creation overhead for each java thread you start.
I had never tried opensolaris for java deployment, but it seems like just a different build of same beast. Did you?
Linux Java Thread Priorities workaround
The kind of situation when you'd like to have priority changed is accepting socket thread under high load (or, of course, a DoS attack ;-) ), or GUI dispatch thread.
BTW, my opinion for running java server-side is strictly solaris-based server, if you can afford it. At least you won't have OS LWP creation overhead for each java thread you start.
I had never tried opensolaris for java deployment, but it seems like just a different build of same beast. Did you?
