Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Submission + - Secure Application Password Management

JPyObjC Dude writes: When designing any system that requires automated privileged access to databases or services, developers often rely on hard coding (embedding) passwords within the source code. This is obviously a bad practice as the password is then made available to anybody who has access to the source code (eg. software source control). Putting the passwords in configuration files is another practice but it is still quite insecure as cracking hashed passwords from a text file is still a trivial exercise.

[Q] What do you do to manage your application passwords so that your system can stil run completely automated and yet make it as difficult for hackers to get their hands on this precious information?

Submission + - Welcome to the controversy - MS wants laptops back

newscloud writes: "Snap. Apparently, after yesterday's Slashdot post on Microsoft giving bloggers $2,200 laptops, the company reversed itself. GeekNews says:
Someone at Microsoft has lost their minds! Well first Microsoft gives bloggers laptops with Vista loaded on it for review and they are told they can do whatever they want with the laptop as in keep it, give it away when they were done with the review. But shockingly today Microsoft has asked that the laptops be returned after the people get done doing the reviews.
Hey Microsoft, where's my laptop? Could I have one of these? I hear it runs Windows."

I have a theory that it's impossible to prove anything, but I can't prove it.