Where to store signing key in TPM

I’m using TPM 2.0 to do a remote attestation for a computer. In order to do that you have to generate a signing key from a primary key. This generate a public key and an encrypted private key. As per the official documentation it says “Preservation of the returned data is the responsibility of the caller”. So I’m wondering what the best thing to do from a security perspective ? store the private part in NVRAM ? and if I store both on disk, what are the scenarios that the key will be compromised ? And computing power necessary (for brute force for example) thanks

App Store won’t install free app

My wife and I arrived in Spain but we’re still on the US store. We installed WhatsApp on her iPhone 6 and used it a lot with our workgroup. When the iPhone 6 was damaged, we bought an iPhone 7 and put in her SIM card but my Apple ID. (Apple turned on two-factor without asking and won’t let us into her account until we enter the code from the SMS they sent to the broken phone!)

Restored from an iPad backup but the WhatsApp for iPad is not the same app and was not registered to install.

Find the correct one for the iPhone in the store, click “GET” and enter my password. “Ding” “Done” and then the download spinner turns for half a second and says “GET” again. The app is not installed. No pop-ups, messages, or diagnostics of any kind.

Previous phone was 16GB, this one is 32GB and less than half full.

Both had all updates installed promptly.

What is this and what can we do about it?

What is the best place to store resource files [duplicate]

This question already has an answer here:

  • Site Assets vs. Style Library 3 answers

What is the best place to store resource files like css, images & Javascript files.

At the moment i am storing them in layouts folder, but we can store the same in Style Library as well…

So is there any difference in terms of overall performance of the site?

How to store dynamic “select” values and names in a object for onchange event

I have a table of dynamic data which is echo’ed out on the webpage in a table format as shown in the picture

LINK FOR THE IMAGE: https://ibb.co/RCYwchv

so the table will have a lot of select tags with different names and values depending upon how much (applications are there ) iteration takes place!

     foreach($  data['applicationList'] as $  applications)                 {                       echo '<td><select name='.$  applications['aid'].'>                         <option value=000>Reject All<option>                         <option value=111>Accept All<option>                         <option value=100>Accept 1st Choise<option>                         <option value=010>Accept 2nd Choise<option>                         <option value=001>Accept 3rd Choise<option>                         <option value=110>Accept 1st and 2nd Choise<option>                         <option value=011>Accept 2nd and 3rd Choise<option>                         <option value=101>Accept 1st and 3rd Choise<option>                         </select></td> 

}

Is there any way i could capture all the different selected values and names which are changed and bind them to an object of key value pair to send it to the controller using javascript or jquery ajax? Could someone help me on this!

I can’t get rid of the page URL key in my store homepage

Concisely, my store homepage shows the URL key “/home” and I can’t get rid of it. If I browse the store root “www.website.tld/” I get an error “Too many redirects”.

I have laready checked almost everything I could think about:

  • Magento settings: Configuration > Web > Secure URL & Unsecure URL
  • htaccess rules
  • apache server settings
  • PHP redirects inside exisisting index.php files

All other URLs work fine, like www.website.tld/category_name/product

What else I should check to fix this issue?

DynamoDB – Event Store on AWS

I’m designing an Event Store on AWS and I chose DynamoDB because it seemed the best option. My desing seems to be quite good, but I’m facing some issues that I can’t solve.

The Desing

Events

Events are uniquely identified by the pair (StreamId, EventId):

  • StreamId: it’s the same of the aggregateId, which means one Event Stream for one Aggregate.
  • EventId: an incremental number that helps keeping the ordering inside the same Event Stream

Events are persisted on DynamoDb. Each event maps to a single record in a table where the mandatory fields are StreamId, EventId, EventName, Payload (more fields can be added easily). The partitionKey is the StreamId, the sortKey is the EventId.

Optimistic Locking is used while writing an event to an Event Stream. To achieve this, I’m using the DynamoDb conditional writes. If an event with the same (StreamId, EventId) already exists, I need to recompute the aggregate, recheck business conditions and finally write again if business conditions pass.

Event Streams

Each Event Stream is identified by the partitionKey. Query a stream for all events equals to query for partitionKey=$ {streamId} and sortKey between 0 and MAX_INT. Each Event Stream identifies one and only one aggregate. This helps to handle concurrent writes on the same aggregate using optimistic locking as explained before. This also grants great performance while recomputing an aggregate.

Publication of Events

Events are published exploiting the combination of DynamoDB Streams + Lambda.

Replay events

Here’s where the issues start. Having each event stream mapped with only one aggregate (which leads to having a great number of event streams), there’s no easy way to know which event streams from which I need to query for all events.

I was thinking of using an additional record, somewhere in DynamoDB that stores in an array all StreamIds. I can then query for it and start quering for the events, but if a new stream is created while i’m replaying, I’ll lose it.

Am I missing something? Or, is my desing simply wrong?

I just created a Store System using Electron, React, Material-UI, Redux, Redux-Saga, MySQL and Sequelize, and here is the result

This project is part of my personal portfolio, so, I’ll be happy if you could provide me any feedback about the project, code, structure or anything that you can report that could make me a better developer!

Also, you can use this Project as you wish, be for study, be for make improvements or earn money with it!

https://github.com/steniowagner/store-system

const whenShouldHelpCommunity = () => {     const when = 'always';      return when; } 

How to store message content in a webservice

I am building a service responsible for sending email/sms communications. The service receives a request that contains information necessary to build an email/sms template and the recipient information of where to send it.

Example CURL request:

    curl -X POST \   http://service.local/api/finance/payment-reminder \   -H 'Postman-Token: ec32d436-8eef-4660-8424-600bfca6a3fb' \   -H 'X-API-KEY: secret' \   -H 'cache-control: no-cache' \   -H 'content-type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW' \   -F method=email \   -F name=dave \   -F email=dave@dave.com \   -F amount=100 \   -F due_date=now \   -F phone_number=8957598696 

Now from here I load the relevant class, send the template via the specified method to the recipient.

From here I need to persist the information I have sent to the customer in order to be able to show consumers of the system what communications have been sent to any given customer.

Thinking about it I have two options:

  1. I can store the request data and the class path used to generate the template and rebuild it if required.

The issue with this is the template may very well be changed in the future. If this happens then my representation of the communication sent is not accurate. Also at some time in the future a template could be moved/deleted and this would cause rebuilding to be impossible.

  1. Store the entire generated output of the template file (HTML for email, text for SMS)

This doesn’t feel ‘clean’ for me as I don’t necessarily like the idea of storing HTML in a database table.

Am I overthinking the storing of HTML and in this scenario it is fine to do. Obviously there will be no need to edit the information once the content has been persisted.