c# - How can I certify the client? -

-

i have following scenario: client connects on tcp server. client sends credentials server (password, username, mac address). server validates credentials , handles client if data correct.

but right? want ensure 1 (on user profile registered) computer can use client. means client , computer must identified. i'm sure suggestion above pretty wrong. how can better?

this tricky problem, comments pointed out, users may fake machine information pretend computer.

what recommend hash machine information (e.g. sha-256), isn't obvious what information use identify computer. of course can learned attackers in multiple ways (monitoring, disassembly, etc).

here tips on data use uniquely identify machine. pick several characteristics, put them , hash them. of course means if user changes e.g. hard drive (and use serial identify computer), cannot connect anymore. suppose need offer "re-create key" function anyway in case users switch or modify computer.

this approach makes harder trick system, using multiple pieces of information , hashing them, forcing users a) figure out information use , b) how hash (definitely use salt). however, still possible that. question is: how high requirements? typical user won't able bypass this, if that's want should sufficient.

i'm not sure whether there can "perfect" solution problem, want protect system user. means encryption keys, certificates or whatever use known , available user. on top of that, users have access client application , analyze it. can modify computer in ways cannot prevent of forsee. in all, think best can make huge pain in backside bypass guards, nobody want bother / can minimize number of users may so.

the other thing can think of fancy logging , monitoring on server, e.g. detect user connected multiple times 1 machine, alerting or aborting 1 connection. again, can reduce abuse, not prevent it.


Comments

Post a Comment

Popular posts from this blog

java - Plugin org.apache.maven.plugins:maven-install-plugin:2.4 or one of its dependencies could not be resolved -

-
i getting error message , further 1 here: failed read artifact descriptor org.apache.maven.plugins:maven-install-plugin:jar:2.4: even though when go .m2 repository path c:\users\a591024.m2\repository\org\apache\maven\plugins\maven-resources-plugin\2.4 the maven-resources-plugin-2.4.jar file there , maven-resources-plugin-2.4.pom there. have tried delete .m2 repository no luck. far maven not build project desperately need to. any ideas? it seems proxy issue please aad following in setting.xml grabbing lan setting , proxy information. <proxies> <proxy> <id>proxy</id> <active>true</active> <protocol>http</protocol> <host>hostname</host> <port>port</port> </proxy> </proxies> this frequent issue, please see below link well. plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or 1 of dependencies not resolved maven: failed ret...
Read more

Round ImageView Android -

-
Image
i working on android application in doing rounded image view. working fine images, images 160x120 resolution shows oval shaped. code custom imageview given below, please me out here: public class roundimage extends drawable { private final bitmap mbitmap; private final paint mpaint; private final rectf mrectf; private final int mbitmapwidth; private final int mbitmapheight; public roundimage(bitmap bitmap) { mbitmap = bitmap; mrectf = new rectf(); mpaint = new paint(); mpaint.setantialias(true); mpaint.setdither(true); final bitmapshader shader = new bitmapshader(bitmap, shader.tilemode.clamp, shader.tilemode.clamp); mpaint.setshader(shader); mbitmapwidth = mbitmap.getwidth(); mbitmapheight = mbitmap.getheight(); } @override public void draw(canvas canvas) { canvas.drawoval(mrectf, mpaint); } @override protected void onboundschange(rect bound...
Read more

How can I utilize Yahoo Weather API in android -

-
Image
i want develop app using yahoo weather api android. want current , forecast weather details. i have tried different sources (e.g.: https://github.com/survivingwithandroid/weatherlib , getting error weatherlib api android , unable execute activity in android weatherlib ) , getting different errors m unable resplve. there can proper tutorial or guide! error: -17 08:50:48.961 3168-3168/com.survivingwithandroid.weather e/androidruntime﹕ fatal exception: main process: com.survivingwithandroid.weather, pid: 3168 java.lang.runtimeexception: unable start activity componentinfo{com.survivingwithandroid.weather/com.survivingwithandroid.weather.mainactivity}: java.lang.nullpointerexception: attempt invoke interface method 'boolean java.util.list.isempty()' on null object reference @ android.app.activitythread.performlaunchactivity(activitythread.java:2298) @ android.app.activitythread.handlelaunchactivity(activitythread.java:2360) @ android.app.activi...
Read more