Problems & Solution Windows 10 Home Version 1803

Problem:

1. On Taskbar right side – showing connected to network. But, on browser – it   says – Not connected to Internet.
2. On Settings – Network & Internet Option is blocked and will not open

Solution:

1. Open Windows Power shell
2. Execute Following Commands One after another
3. After each Command Execution Reset Windows

  • netsh int ip reset
  • netsh winsock reset all
  • netsh int tcp reset all
  • netsh int ip4 reset all
  • netsh int ip6 reset all
  • netsh int httpstunnel reset all
  • ipconfig /flushdns

 

Google Map Blank Screen Problems & Solution on Windows 10 & Firefox

1. I use Windows 10 Home Version 1803 and Firefox 69.0 (32 bit)
2. Suddenly I observed that Google Maps opened on browser is always showing a blank screen
3. On Windows Notification Area – it says Application Firefox.exe has been blocked from accessing Graphics Hardware
4. I tried to change Firefox Options like [Performance] etc. But nothing worked
5. Then, I opened CMD with Administrator rights and,
6. Executed 3 Commands like:

  • sfc /scannow
  • DISM.exe /Online /Cleanup-image /Scanhealth
  • DISM.exe /Online /Cleanup-image /Restorehealth

7. Then rebooted the PC
8. Everything is fine now

How to make your Authorize.Net e-commerce website PCI Compliance

What is PCI Compliance?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of comprehensive requirements developed by the major card brands to facilitate the adoption of consistent data security measures. Each year Authorize.Net renew their PCI DSS compliance.

Authorize.Net maintains the core of the PCI DSS which is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

1. Build and Maintain a Secure Network
2. Protect Cardholder Data
3. Maintain a Vulnerability Management Program
4. Implement Strong Access Control Measures
5. Regularly Monitor and Test Networks
6. Maintain an Information Security Policy

Software Developers Role for PCI Compliance

Most of PCI DSS requirements that affect software development fall within requirements 3, 4, and 6 of the standard. Requirements 3 and 4 concern the protection of cardholder data, in that any developed application that processes, stores, and transmits cardholder data, must meet PCI DSS functional security requirements. This protection includes elements like access control and encryption of cardholder data. Application functional PCI requirements are expected to be instructed by the organization to developers, as part of the application’s requirement definition. They can therefore be regarded as not a direct development PCI responsibility. Developers are directly responsible for compliance with PCI DSS requirement 6, since this section of PCI DSS concerns application development.

For the PCI DSS requirement 6 – Developer will maintain an Information Security Policy

Developer responsibility lies as follows:

1. Establish a process to identify security vulnerabilities, by using reputable outside sources for security vulnerability information, and assign a risk ranking (for example, as ‘high,’ ‘medium,’ or ‘low’) to newly discovered security vulnerabilities.

2. Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor-supplied security patches. Install critical security patches within one month of release.

3. Develop internal and external software applications (including web-based administrative access to applications) securely, as follows:

• In accordance with PCI DSS (for example, secure authentication and logging)
• Based on industry standards and best practices
• Incorporating information security throughout the software-development life cycle

Which helps ensure that applications are developed in a structured manner, by using development processes that adhere to known secure best practices.

PCI Myth Busting: Which applies to applications developed by external third parties on behalf of the organization.

4. Remove development, test and custom application accounts, user IDs, and passwords before applications become active or are released to customers.

5. Review custom code prior to release to production or customers to identify any potential coding vulnerability (using either manual or automated processes).

Developers should receive secure code training upon hire and at least annually. It is recommended to have developers sign an agreement or ideally pass an exam to demonstrate compliance with requirement 6 are directly based on the current OWASP Top Ten guidance. The OWASP Top Ten is regarded as industry best practice for secure application development. Requirements 6 norms are subject to change outside the PCI DSS three-year update cycle. When OWASP releases an updated top ten, be aware that PCI DSS requirements 6 instantly changes to reflect the latest best practice.

OWASP (Open Web Application Security Project) Top Ten:

OWASP (Open Web Application Security Project) is an organization that provides unbiased and practical, cost-effective information about computer and Internet applications. Project members include a variety of security experts from around the world who share their knowledge of vulnerabilities, threats, attacks and countermeasures.

1. Invalidated input: Information from web requests is not validated before being used by a web application. Attackers can use these flaws to attack backend components through a web application.

2. Broken access control: Restrictions on what authenticated users are allowed to do are not properly enforced. Attackers can exploit these flaws to access other users’ accounts, view sensitive files, or use unauthorized functions.

3. Broken authentication and session management: Account credentials and session tokens are not properly protected. Attackers that can compromise passwords, keys, session cookies, or other tokens can defeat authentication restrictions and assume other users’ identities.

4. Cross site scripting (XSS) flaws: The web application can be used as a mechanism to transport an attack to an end user’s browser. A successful attack can disclose the end user’s session token, attack the local machine, or spoof content to fool the user.

5. Buffer overflows: Web application components in some languages that do not properly validate input can be crashed and, in some cases, used to take control of a process. These components can include CGI, libraries, drivers, and web application server components.

6. Injection flaws: Web applications pass parameters when they access external systems or the local operating system. If an attacker can embed malicious commands in these parameters, the external system may execute those commands on behalf of the web application.

7. Improper handling: Error conditions that occur during normal operation are not handled properly. If an attacker can cause errors to occur that the web application does not handle, they can gain detailed system information, deny service, cause security mechanisms to fail, or crash the server.

8. Insecure storage: Web applications frequently use cryptographic functions to protect information and credentials. These functions and the code to integrate them have proven difficult to code properly, frequently resulting in weak protection.

9. Denial of service (DoS): Attackers can consume Web application resources to a point where other legitimate users can no longer access or use the application. Attackers can also lock users out of their accounts or even cause the entire application to fail.

10. Insecure configuration management: Having a strong server configuration standard is critical to a secure web application. These servers have many configuration options that affect security and are not secure out of the box.

Observation on PCI Compliance in perspective of Authorize.Net

1. Authorize.net absolutely says AIM is recommended and most secure. Check it out here: http://developer.authorize.net/api/aim/

2. That any method can be bad if the developer doesn’t use proper methods.

3. But, even if a developer uses https for the check out form, purchases an SSL, and scans their site daily, that is NOT enough to be PCI compliant (according to the PCI self-assessment questionnaire)

4. And, those are the only things that Authorize.Net seems to be saying are necessary

5. If you read the questionnaire (or do a search for PCI compliant servers), you will see that it takes a lot of work to have a PCI compliant server

6. http://www.rackspace.com can offer a PCI compliance hosting server

7. A properly coded site never records the CC in the site’s database.

8. The CC is passed along from page to page as a form POST parameter over a SSL encrypted connection.

9. It will be in the server’s memory for a time,

10. But not in any place that an attacker could get at without a great deal of difficulty, and if they could do that, you’re toast anyway

https://www.secureserver.net/?prog_id=531583

Create your mobile compatible web site with www.dudamobile.com

Today – I came across a site called http://www.dudamobile.com

Functionality wise it is:

1. Accepting one URL and,

2. Creating one new HTML site with
a. Option: Basic (Free)
b. Option: Premium (Paid)

3. Storing the new HTML site – within an URL like: http://mobile.dudamobile.com/site/ProjectName

4. Allowing following features for the new HTML site as follows:

a. Preview on emulators like: iPhone, Android, Windows Phone and BlackBerry
– Here you can Log-in and access the sites features.
Data is being fetched from the sites Database

b. Edit the new HTML site for Layout, Style, Header and Navigation and Re-Publish
c. Share the new HTML site on: facebook, twitter, google plus etc.
d. Show Visit Statistics: Date Range wise – Total Visits, Visited Pages, Traffic Sources
(Direct or from Search etc.), Source Devices (OS/Browser), Geo Location
e. You can also Delete the new HTML site

5. Providing a script To re-direct the site to the above URL for Mobile User

Eight rules for creating the right conditions for a Software Company

Very recently – I came across one article on the Internet.
I liked this article and therefore – I am posting the same with little changes as follows:-

Here are eight rules for creating the right conditions for a Software Company Culture:

1. Hire the right people

Hire for passion and commitment first,
experience second, and
credentials third.
There is no shortage of impressive CVs out there, but you should try to find people who are interested in the same things you are.

You don’t want to be simply a stepping stone on an employee’s journey toward his or her own (very different) passion.

Asking the right questions is key: What do you love about your chosen career?
What inspires you?
What courses in school did you dread?
You want to get a sense of what the potential employee believes.

2. Communicate

Once you have the right people,
you need to sit down regularly with them and discuss what is going well and what isn’t.
It’s critical to take note of your victories, but it’s just as important to analyze your losses.
A fertile culture is one that recognizes when things don’t work and adjusts to rectify the problem.
As well, people need to feel safe and trusted, to understand that they can speak freely without fear of repercussion.

The art of communication tends to put the stress on talking,
but listening is equally important.
Great cultures grow around people who listen, not just to each other or to their clients and stakeholders.
It’s also important to listen to what’s happening outside your walls.
What is the market saying? What is the zeitgeist?
What developments, trends, and calamities are going on?

3. Tend to the weeds

A culture of passion capital can be compromised by the wrong people.
One of the most destructive corporate weeds is the whiner.
Whiners aren’t necessarily public with their complaints.
They don’t stand up in meetings and articulate everything they think is wrong with the company.
Instead, they move through the organization, speaking privately, sowing doubt, strangling passion.
Sometimes this is simply the nature of the beast: they whined at their last job and will whine at the next.
Sometimes these people simply aren’t a good fit. Your passion isn’t theirs.
Constructive criticism is healthy, but relentless complaining is toxic.
Identify these people and replace them.

4. Work hard, play hard

To obtain passion capital requires a work ethic.
It’s easy to do what you love.
In the global economy we can measure who has a superior work ethic,
who is leading in productivity.
Not many industries these days thrive on a forty-hour work week.
A culture where everyone understands that long hours are sometimes required will work if this sacrifice is recognized and rewarded.

5. Be ambitious

“Make no little plans: they have no magic to stir men’s blood.”
These words were uttered by Daniel Burnham, the Chicago architect whose vision recreated the city after the great fire of 1871.

The result of his ambition is an extraordinary American city that still has the magic to stir men’s blood.
Ambition is sometimes seen as a negative these days, but without it we would stagnate.
You need a culture that supports big steps and powerful beliefs.
You can see these qualities in cities that have transformed themselves. Cities are the most visible examples of successful and failed cultures.

Bilbao and Barcelona did so and became the envy of the world and prime tourist destinations.
Pittsburgh reinvented itself when the steel industry withered.
But Detroit wasn’t able to do the same when the auto industry took a dive.

6. Celebrate differences

When choosing students for a program, most universities consider more than just marks.
If you had a dozen straight-A students who were from the same socio-economic background and the same geographical area, you might not get much in the way of interesting debate or interaction.
Great cultures are built on a diversity of background, experience, and interests.
These differences generate energy, which is critical to any enterprise.

7. Create the space

Years ago, scientists working in laboratories were often in underground bunkers and rarely saw their colleagues; secrecy was prized.

Now innovation is prized.

In cutting-edge research and academic buildings, architects try to promote as much interaction as possible.

They design spaces where people from different disciplines will come together, whether in workspace or in common leisure space. Their reasoning is simple: it is this interaction that helps breed revolutionary ideas.

Creative and engineering chat over coffee.

HR and marketing bump into one another in the fitness center.

Culture is made in the physical space.

Look at your space and ask, “Does it promote interaction and connectivity?”

8. Take the long view

If your culture is dependent on this quarter’s earnings or this month’s sales targets, then it is handicapped by short-term thinking.

Passion capitalists take the long view.

We tend to overestimate what we can do in a year, but underestimate what we can do in five years.

The culture needs to look ahead, not just in months but in years and even decades.

Visit www.entrusted.in – Asoke’s New Project

from Oliver Abel
to Asoke Mukherjee , sarvjeet singh
date Sat, Jan 14, 2012 at 9:35 PM
subject Re: http://www.EnTrusted.in Calculator
mailed-by gmail.com
signed-by gmail.com

Asoke,

Great job!

Thanks for all your help. The calculator pages came out much better than expected.

There is an article below that you might find interesting. I just came across this article. I think that the 5 calculator pages are way ahead of the others mentioned in the article. In fact, I have visited the sites mentioned in the article and the calculator pages are far more advanced.

http://www.consumerreports.org/cro/magazine-archive/2011/february/money/financial-planning/online-retirement-planning/index.htm

It is good to know that we are on the cutting edge.

Oliver