So I've successfully written a metaclass that gives python the functionality of private attributes in classes. Q: But what about `inst.__private`? A: >>> class A(object): __slots__ = ['__private'] def __new__(cls): inst = object.__new__(cls) inst.__private = 10 return inst def showprivate(inst): return inst.__private >>> inst = A() >>> inst.showprivate() 10 >>> inst._A__private = 20 # security through obscurity never works >>> inst.showprivate() # sorry not private 20 With my metaclass, private attributes are inaccessible outside native and super-native namespaces: class A(object, metaclass=privatetype): __slots__ = ['A'] __private__ = ['B'] # NOTE: __slots__ is enforced for security regardless of local definition def __new__(cls): …

Member Avatar
Member Avatar
+0 forum 22

My question is there are thousands of websites which are pursuing candidates that they have 100% real guaranteed exam questions and dumps like; * [ExamsTrainer](https://www.examstrainer.com/) * [DumpsAcademy](https://www.dumpsacademy.com/) If they are true in this regard, these certifications have lost their worth?

Member Avatar
Member Avatar
+0 forum 2

> Last month, Facebook admitted to storing million of Facebook passwords in plaintext. The Verge Apr 18, 2019 We see students being taught login systems here and a recurring mistake is passwords being stored in databases. It appears that CompSci courses teach bad practices early and as we know it's hard to unlearn what you learn earlier. Further reading seems to indicate these passwords may have collected via logging. "But as Krebs on Security first reported, various errors seem to have caused Facebook’s systems to log some passwords in plain text since as early as 2012." I'm been chided for …

Member Avatar
Member Avatar
+3 forum 3

For those very new to this area, please google SIM SWAP and discover a very nasty security issue with all phones we use today. At first glance the new security researcher might think I'm exaggerating. Do your own research and tell me you don't find this to be one of the most foul, nasty exploits I've seen in years. This exploit was recently used to highjack a writer's phone at https://www.zdnet.com/article/sim-swap-horror-story-ive-lost-decades-of-data-and-google-wont-lift-a-finger/ His case is still developing with loss of accounts, tax returns he stored on the Clouds, and a 25,000USD Bitcoin purchase. And we're not talking thousands of dollars in …

Member Avatar
+0 forum 0

A survey of attendees at Infosecurity Europe earlier this month showed 70 percent in favour of the dictionary definition (in this case the Cambridge Dictionary) of a hacker being amended. The amendment in question being to remove 'illegality' from the definition. The current definition of a hacker is "a person who is skilled in the use of computer systems, often one who illegally obtains access to private computer systems". So what do you reckon, DaniWebbers? Is it time that hacker was reclaimed entirely (rather than relying upon black and white labels) and if so what word should replace it as …

Member Avatar
Member Avatar
+0 forum 8

Ok, So I sell some online services basically there is no need for my clients to put in their shipping address but paypal still asks for shipping address on the checkout page they are taken to from the payapl button. Is there a way to remove that option? I I'm sorry if I am asking this at the wrong place I am kind of a newbie here. Thanks

Member Avatar
Member Avatar
+0 forum 1

I try to mark content from a web-page (with pictures, hyperlinks etc) to clipboard and then paste it into Microsoft Word (belonging to the Office 365 Home suite). Then I discover problems starting with the following warning: "A potential vulnerability has been identified in Microsoft Office. This document contains fields that can share data with external files and Web sites. It is important that this file comes from a reliable source." (I do not use English as my working language, and this warning is translated to English using Google Translate... :-)) The screen is often flickering two or three times …

Member Avatar
Member Avatar
+0 forum 1

I've encountered an unknown user appear in my calls log and its had a 16mins airtime videocall to this person in messenger. I'm just suprised, it was appear in my call logs even though I didn't do anything Can anyone help me to track this code or identify who is owner of this account in facebook. I attached the screenshot for your reference and Here's the code that I saw in the contact information of this person. Btw, I'm using IPhone 7 , Idk if this is only a glitch or not. **EIBTUHQ9AHSwSWDqeuw9N3J2dD7KpAcTKxBTZuk8M3LkDRao2HxOnjmGeRylF5RGYOOboRGtRVrDAG** I hope someone on this group will …

Member Avatar
Member Avatar
+0 forum 2

It is with deep regret that I inform everyone that it just very recently came to my attention that the DaniWeb database was breached in December 2015. Over a million user profiles, including email addresses and IP addresses, were stolen. Logins and passwords were protected through an additional security layer and were **NOT** able to be stolen. While encrypted versions of passwords were stolen, without access to the old version of DaniWeb's code base, there is no way for a hacker to figure out the very unique encryption method, which included multiple unique salts, which we used. Please note this …

Member Avatar
Member Avatar
+3 forum 20

I would like to inform the people here on this site (Daniwebs) community know that my account here with Daniweb was not only accessed and found to have been accessed on the Darkweb, it was hacked. I have yet figured out exactly what they were using my account for, or to do while on my account yet and from where, what IP address or hopefully who. When I do figure this out, I will update as I make progress. A note to those that are quickly thinking "I must have used an unsecure password like password, 1234, admin, etc." well …

Member Avatar
Member Avatar
+0 forum 8

Hi I am talking GDPR and Data Protection Act 2018. Can an organisation in the UK have its sales staff wearing name tags/badges with the employees' full name displayed on them? Thanks

Member Avatar
Member Avatar
+0 forum 2

I could easily buy a liquid cooler and call it a day, but unfortunately this is going into a 4U rack server chassis. it has a double 120mm fan but its covered by drive bays. the only other fan is 80mm, and i dont know any liquid coolers with a radiator that small. I am thinking air cooler. It is a i7-7800X so im concerned about temps. Ideas for cooling?

Member Avatar
Member Avatar
+0 forum 1

I download some music songs from a website. The website gets the requests from users and then it searches through WWW and lists you hundreds of URL that may have fulfilled your requests. I got what I want, but when I doubled clicks the music files, which are of RM format, a webpage immediately popped out. Do you think if the downloaded music files had been infected by spywares?

Member Avatar
Member Avatar
+0 forum 1

Hello, After searching over the internet how to secure a web application(forms) in PHP, in most of the cases were just suggestions not a short and real example. In some cases is suggested to use strip_tags( trim( $_POST['PARAMETER'] ) ); but when you have some special inputs like comments field htmlentities ( trim ( $_POST[ ‘comment’ ] ) , ENT_NOQUOTES ); is suggest. Maybe there is a useful example (custom made function) to achieve standard safe methods without introducing complicated libraries like HTMLPurifier into the application. Thank you for your time!

Member Avatar
Member Avatar
+0 forum 5

Hello friends, I am facing problem related to my email service. I just want to know that How do I recover my RoadRunner email password. If anyone have good knowledge about this. Then please share with me. Thank you

Member Avatar
Member Avatar
+0 forum 2

Dear folks Simple task can't get it work https://www.askdavetaylor.com/enable-parental-controls-linksys-wi-fi-router/ Tried to block internet access for one of my iPhone for testing purpose (it has dummy SIM means no cellular data) Enable Parental Controls (i.e it is ON) Choose a specific home device that I want to block then choose option : "Always" ,,,,,,,,,,,,my router screenshot same as the link above Click Apply But it didn't work !!!! Tried another iphone same issue I have latest firmware and I did restart the router as well Am I missing something ? Thanks

Member Avatar
Member Avatar
+0 forum 1

Hello, One type of SQLIA is UNION Query and I still do not completely understand what is the point. SELECT Name, Address FROM Users WHERE Id=$id by injecting the following- Id value: $id=1 UNION ALL SELECT creditCardNumber,1 FROM CreditCarTable. We will have the following query: - SELECT Name, Address FROM Users WHERE Id=1 UNION ALL SELECT creditCardNumber, 1 FROM CreditCarTable What is the point of uniting the sqlia with another table which values are being kept secret? Are main point is to be able to login to the admin for example.

Member Avatar
Member Avatar
+0 forum 4

How to prevent Illegel/ Logically Incorrect Queries? Illegal/Logically Incorrect Queries 1)Original URL:http://www.arch.polimi.it/eventi/?id_nav=886 2)SQLInjection: http:/`/www.arch.polimi.it/eventi/?id_nav=8864' 3) Error message showed: SELECT name FROM Employee WHERE id =8864' from the message error we can find out name of table and fields: name; Employee; id. By the gained information attacker can arrange more strict attacks Should I hide the error message into 404 - Error instead of showing all of them? or is there any other method to prevent this?

Member Avatar
Member Avatar
+0 forum 1

Hello, I am trying to understand prepared statement and what it does. https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet#Defense_Option_1:_Prepared_Statements_.28Parameterized_Queries.29 "Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker. In the safe example below, if an attacker were to enter the userID of tom' or '1'='1, the parameterized query would not be vulnerable and would instead look for a username which literally matched the entire string tom' or '1'='1. " If an attacker input: userID of tom' or '1'='1 what will prepared statement detect as a userID? userID: tom Is that …

Member Avatar
Member Avatar
+0 forum 3

I am inform every bady in bar codes

Member Avatar
Member Avatar
+0 forum 2

Hello, I am planning to do my Thesis on SQLIA and now I am trying to understand something about SQLrand. SQLrand - a system for preventing SQLIA against web servers. The main intuition is that by using a randomized SQL query language, specific to a particular CGI application, it is possible to detect and abort queries that include injected code. Now, I do not understand how to randomized the SQL query language? https://www.w3schools.com/sql/func_sqlserver_rand.asp is that how you randomize the SELECT SQL command ? Please gives me some guidelines. Thanks in advance.

Member Avatar
Member Avatar
+0 forum 3

Recently Thunderbird asked me to login again for Gmail. It presents me a form in which I have to insert the password. It is the same form as when I login to my Google account via my browser. Only the NEXT button does not work. Do you have an idea how to solve this?

Member Avatar
Member Avatar
+0 forum 4

hello everyone.. i am a final year student. we are asked to do a project in networking.. what kind of project in networking should i do.. i confuse what kind of project should i do.. i am in need of a project topic which is feasible and can be finished within 2 months duration.. i'll be very thankful if u can suggest me a good topic.. thanks in advance..

Member Avatar
Member Avatar
+0 forum 5

I was working on C# windows application as front end and SQL as back end I have display my sql table data in dtatgridview. [B]I want to display the data in textbox whatever row i select in datagridview.[/B] I have write some code but its not showing data in textboxes. here is my code: [B]the code is on datagridview cellcontentclick event[/B] [CODE] cn.ConnectionString = "Data Source=sam-AB59A9C19;Initial Catalog=master;Integrated Security=True"; cn.Open(); SqlCommand cmd = new SqlCommand(); SqlDataReader rdr; string cd = dataGridView1.SelectedRows.ToString(); string CommandText = "select * from acc where id=@id"; cmd = new SqlCommand(CommandText); cmd.Connection = cn; cmd.Parameters.Add(new SqlParameter("@id", System.Data.SqlDbType.VarChar, 20, …

Member Avatar
Member Avatar
+0 forum 10

Here's the full notice -> https://arstechnica.com/information-technology/2018/05/fbi-tells-router-users-to-reboot-now-to-kill-malware-infecting-500k-devices/ You can read what happened if you wish but just a r̴e̴b̴o̴o̴t̴ ̴a̴n̴d̴ ̴i̴t̴'̴s̴ ̴g̴a̴m̴e̴ ̴o̴v̴e̴r̴ ̴f̴o̴r̴ ̴t̴h̴i̴s̴ ̴m̴a̴l̴w̴a̴r̴e̴.̴ **Update in new reply.**

Member Avatar
Member Avatar
+0 forum 1

Hello, I am in the middle of learning about IT Security. I wonder why sometimes people uses ASCII value for SQL injection attack? Do you know the reason why? Why not using normal ' mark.

Member Avatar
Member Avatar
+0 forum 3

Hello, I have a question about who uses https:// instead of http:// ? What is the point of encrypting the information if that is the point? Who normally uses it? Ecommerce? Bank? Who else? If am I right?

Member Avatar
Member Avatar
+0 forum 6

I think the community in general will benefit from this discussion. I have an IT horror story I would like to tell everybody about. Additionally I have discovered some solutions to some IT problems, which may have been faced by others in the community. A few years ago I started going to college, and got wholluped by a gang of social engineers in the omaha/bellevue area. Unbenounced to me they were actually preforming skits on me in order to preform black mail attacks at a later date. Now you may believe that if you aren't doing anything wrong you should …

Member Avatar
Member Avatar
+0 forum 3

In case you missed it Google has a serious problem with Symantec SSL certificates and is removing their Greenbar status in Chrome as well as rolling out "not trusted" notices for sites using mis-issued certs by Symantec. https://techcrunch.com/2017/03/27/google-is-fighting-with-symantec-over-encrypting-the-internet/ In response to the problems Namecheap is offering free replacement of the certificates - you get whatever time is left on your Symantec SSL certificate on a Comodo SSL for free. https://www.namecheap.com/security/symantec-ssl-certificate-free-replacement.aspx

Member Avatar
Member Avatar
+0 forum 3

what is SSL and HTTPS is there any major distance?

Member Avatar
Member Avatar
-1 forum 2

The End.