I built an auto-update feature to my program. It polling an xml in some http url, and in case there is new version is notifies the user and downloading the new files.
I want to allow redistributing of those updates in closed networks without internet connections. The administrators can download all update files and host in some HTTP server in the network.
The problem is that the xml URL will not be the same, so I want to allow change this URL in the program's config file. This is openning the door to malware publishers: they can redistribute my program with other URL in the config file, and then distribute some form of malware through the auto-update system of my program, then the people will say my program is a virus.
I want to block the chance to change the original auto-update xml to block this kind of malware distribution. How do I do that?
I think I understood your problem. But this problem is not yours to handle. The users should only download your application from a trusted source. You cannot stop a user from downloading malware, its their problem if they do so. Also, it is the users that will add/change a URL to the config file and you cannot stop them from adding a malicious URL to the config file. And even if you have the original update URL hard coded in your application, it wouldn't be hard for a user with malicious intent to change it and recompile your application and distribute it. Or else you can use cryptography to ensure that the original URL is unchanged.
Related
In my web application, user can download a zip file, I want to extract that zip file automatically after downloaded.
I want create a batch file and want to execute that after download is complete in client machine, that will extract zip file automatically.
How to achieve in ASP.Net...
It's almost impossible AMAIK. Because let's see what happens behind the scene. When you send a zip file to your client (User Agent, which in this case is browser), you simply send an HTTP response. From that point onward, you have no control over what happens.
Imagine it was possible. I would wrap up a virus in a zip file. Then I would persuade many victims to click a link for their free gift download, and after downloading I would make it unzip, then run and delete all your favorite songs. It's a security concern.
In general, HTTP and JavaScript are not allowed to do much with file system and host OS. Because you don't know what website you might step on while surfing the Internet.
Often times a program requires a file that happens to be on a network location. Take for instance Outlook. If I where to place an outlooks database (.pst file) in a network location then windows will make that "transparent" to the user and outlook will still be able to work. Another example could be quickbooks and many more. (as long as you have permissions to write and read)
For this example let's use Microsoft Word. If I would want to open a file in some other computer in the network I would be able to navigate to it as:
and open the file that I want because we are on the same network.
Now my question is how will I be able to simulate that? I want to have a virtual directory on the internet where I can place lets say my .pst file and then select it from windows explorer as:
(this example obviously does not work)
Will it be possible to do that? I believe windows uses a tcp connection with the host computer and then the host responds with he files that it shares. I will like to implement a program that does that so that I could avoid having to create a vpn. Also it will be nice if I could have my pst (outlook database file) on the internet so that all my computers open the same outlook database.
Note my purpose of this question is to open an outlook database file on a network location. I will like to be able to select a file on the internet from windows open file dialog. Also in todays world everything pretty much exists. I will like to create it lol
Windows provides a network redirector for CIFS (Common Internet File System, formerly SMB Server Message Block) resources. Writing a CIFS server is the easiest approach.
But you can also use one of the other existing redirectors, such as NFS, WebDAV, or Netware. And it's also possible to write new redirectors (though that requires kernel mode code, there are some development kits that provide the kernel code for you, similar to a Linux FUSE filesystem).
If you want to avoid writing code, WebDAV over HTTPS will provide you secure access (no need for a VPN layer) and software already exists.
It depends on how the server on the internet is set up to make its files available. Most often tcpip is not the protocol used for this - it is FTP, SFTP, HTTP or something similar. I believe Windows Explorer uses RPC calls over a local network to accomplish this. I don't think you will be able to use the Open File Dialog, you will have to write something similar that works over the protocol you need to use.
I am creating a WPF project, and deploying it using ClickOnce. Since the .xbap file is downloaded to the client, and run it from the client machine the client can edit the file and do anyting they wants. That is, if the App.Config file of my WPF appliaction is downloaded along with the .xbap file, and I use some settings to control the behaviour of the application, or use some info like my service detauls, and the user goes to the downloaded location and edits those details they can do anything with it. I have tested this, and this can be done. I have singed my assebmly and manifest with a .pfx certiciate
Since I have signed my assemsbly/manifest, if I perform the same action in the server, the application shows an HashVerification error. Why doesnt this happen in the client side. I think, this is far more important to work in client side then on the server side.
What is the work around to stop users? This could be a serious security issue for many apps. I think this can also be done with Silverlight apps, as it behaves same (not sure if I can paste my modified .xap file to Temporary Internet Folder).
Thanks
Never trust a client.
Whatever you are trying to prevent, expect the user to be an administrator and ready to hack your application.
If you have something to hide (password, connectionstring, ...) do not pass it to the client, keep it on the server.
What is the purpose of settings that cannot be changed by the user?
If you want these values to be constant in the deployed code, then I would consider making them constants or resources.
I need to save a text file on the client side possibly without permission. The case is that I need to save this text file in a shared folder in this or in another machine in the lan. This text file is going to be read automatically by the fiscal printer which will print the fiscal invoice. I have a asp .net web application and the server is not on the same lan with the fiscal printer, so I have to write it on the client-side. Any idea how to do this without asking to the user every time for the security issue.
I need a cross browser solution.
I can accept a solution like, the client is asked only one time a the first printing, but not every time he wants to print a bill. Some kind of asking permission to the client for allowing this website, in order to not repeat the permission asking.
Obviously - this would be a major security breach to download files to the user's computer without them knowing. All browsers have precautions in place to prevent this from happening.
No, you can not do this. Saving a file to a computer without permission in a public folder is not allowed.
You can, however, have your Client install your application which will have the ability to read and write where you want.
A common way that Trojan viruses to this is by giving the Client some goofy program to run that displays a fireworks show or something else quite trivial. While the Client is busy wondering what he's looking at, your virus is installing quietly in the background.
Now, you are probably saying to yourself, "But I am not installing a virus." However, there is no way for a Browser to know if your application is a virus or not. That is why it is not allowed and why you can not do it.
The more applicable scenario for me is:
1- Do your work inside your web application.
2- Get the information that you need to print.
3- Send it to another computer directly (or to a hosted web service) and this computer will act as a host for these files.
4- let your server access this shared folder, and print what you want
You could use a cookie, which won't ask permission. Of course that would only work when cookies are enabled and can store limited amounts of data.
Specifically, this is for a .NET 2.0 desktop application. Currently we require the user to manually go through the update process via our website.
What are the best ways of doing a silent or automatic upgrade of the client behind the scenes?
Thanks!
I would suggest a read of chapter 4 of Microsoft's .NET Applications Lifecycle Guide. The one I would promote is hooking up an Automatic Update system - you can write a small system to contact a web server that you own, check if there is an upgrade available, download and install the upgrade patch.
You may take a look at ClickOnce or Updater Application Block.
I'm not a big fan of ClickOnce. I like the concept, but not the specific implementation.
The way I have done an application update system in the past is to zip all the application's files into a container file and put it on my web server. To make things easier, I automated the creation of the container file. On the web server, I have a version info file that lists the current version and the container's url like this: 1.0.0.0|http://www.example.com/path/to/container.file. To parse the version info file, all the application needs to do is split the file contents using the pipe character '|'. The first array element will be the version number and the second element will be the container file path.
On startup and at an regular interval such as every 2 days (just in case the user leaves the application running for an extended period of time), I have the application check the version info file on the web server and determine if the version listed there comes after the running version. If there is an update, the application prompts the user. If the user wants the update, the application downloads the container from the url specified in the version info file and saves the contents in the application's folder, renaming the currently running exe to xxx.exe.old to allow the new exe to be saved as xxx.exe. Then the application restarts itself and the new exe deletes xxx.exe.old.
When you want to publish a new version of your application, all you need to do is increment the version number of your application, update the version info file with the new version number, and upload an updated container file to your web server.
I would rather not have an application doing silent updates without my knowledge.
In fact, I would prefer to be told that an update is required, a silent update would be perceived to be malicious, hiding something from the user and taking over the machine without my consent. What would happen if the silent update screwed up the machine without having knowledge of why the machine 'appears broken' due to a screwed up registry etc...
Yes it is debatable...
My 2cents