We have a web application that occasionally receives web request that we detect as attempts to inject SQL code, from Google virtual servers (Compute Engine).
I was asked to find a way to identify who is responsible for said machines, so that we can take the corresponding legal actions on our part, or at least, confirm that Google shut down those servers.
What I need is to find a way to communicate with Google, by email or chat, but I haven't found information about it.
EDIT 1:
I have tried to communicate with Google to indicate the information I am looking for, but the only contact available in my case is with the billing department, which could not confirm that they will give me that information if I buy a technical assistance package. On the other hand, I understand that this package is to review requirements of the applications that you own, but in my case I am looking for legal information.
What was recommended to me was to enter the corresponding application in
https://support.google.com/code/contact/cloud_platform_report?hl=en
but I have not received a response for weeks.
I am disappointed in Google, especially because of the importance of computer security.
I will keep searching information.
You can find all information concerning Tech support, phone support and Chat support in your Google Cloud console. Also, this doc shows different supports based on your support role or package.
Related
Project background: Building an API driven Learning Management System. The back-end system will be receiving data from multiple systems and interfaces: web, mobile, VR.
Looking at API Gateways to front our APIs. Preferably an Open Source API gateway but need to be sure that the support and service is available. Tried out Tyk.io and it feels like it might be the way to go. Been reading other StackOverflow threads around this and looks like TYK's gateway fairs quite well against the likes of Kong and WSO2.
Main areas of consideration for us are:
Rate-limiting
Open ID Connect authentication
Analytics
Scalability
Hybrid model of hosting - combination of on-prem and cloud depending on compliance requirements of educational institutes (Probably rules of AWS' gateway)
It would be really helpful if anyone who is using or has used TYK.io for their production projects can share their experience, especially for enterprise clients/projects.
Full disclosure: I work for Tyk, so of course think that Tyk is the best fit for your project ;)
Seriously, though - Tyk can do all those things you’re after. Here are some links to the documentation for each item that is big on your list:
Rate-limiting
Open ID Connect authentication
Analytics
Scalability
Hybrid model of hosting
You can also post on the Tyk community for help, if you haven’t already, or search to see what else others have said.
The Tyk Open Source API Gateway will do everything you need, even outputting analytics to difference sources, like ElasticSearch, Mongo or just CSV.
In addition, you can also use our API Management Platform to control your open source gateway. The Tyk API Management platform includes a Dashboard with analytics and out-of-the-box developer portal. Tyk is free to use, under a developer license, to manage a single gateway node, ideal if you are doing a POC.
Hope this helps and please keep in touch to let us know more about your use case.
I'm confused by the preliminary documentation on the OneNote dev blog. Does it mean that a Native App accessing has to use (compile in) a Client ID specific to an individual O365 subscription?
The implication being that an Commercial App would need recompiling for each different O365 customer. Is this the intention?
If so then this severely limits the utility of OneNote Api in O365.
I'm hoping that I've misunderstood, can anyone advise please?
Paul,
Apologies if we confused you with our initial preliminary docs. Definitely not the case. The app ID is relative to the O365 tenant that publishes the app, but you just flip over the switch to say it is a multi-tenant app for it to be able to be consumed by any tenant.
I received this email and due to my lack of experience in google drive, I am unsure of how to go about troubleshooting this.
Google
IMPORTANT: Steps to migrate from discontinued Documents List API
Hello administrators,
We recently posted a reminder that Documents List API will be discontinued on April 20, 2015. This change means that service calls for this API will no longer be supported, and any Google Apps features that are implemented using this API will no longer function.
Our records indicate that you may have an application that uses Documents List API, and we recommend that you migrate to Drive API, which has comparable functionality, as soon as possible.
Here's what you need to do:
Determine if you have an application that makes requests to these types of URLs:
(took out urls since this format did not allow me to send more than two)
Migrate the applications to Drive API.
If you have questions about migration, please contact Google Apps for Work Support.
Sincerely,
The Google Apps for Work Team
How do I determine, which, if any, docs are going to cease to function post 4/20? Is there a way to organize my current list of docs (I have many) to see how many I need to pay attention to? In terms of migrating, is there a migrating tool available online?
From what I have read, I feel like this doesn't even pertain to my current drive. My understanding is that this is for developers not casual users such as myself. Am I wrong in that assumption?
Thank you for all your help in this matter. If I am not explaining everything to the level you need, please let me know. I am just confused by the email and want to make sure I stay ahead of this.
Best,
Nathan
The key part of the email is Our records indicate that you may have an application that uses Documents List API
If you have such an app (you should know since by implication, you wrote it), then you have a lot of work to do over the next two weeks. If you don't, then relax. Your documents are not affected by this announcement, only the app that Google thinks you once wrote.
It's possible it's referring to an app you have installed, in which case there is nothing you can do other than hope the developer has a new version.
In my case Google Apps Sync for Microsoft Outlook and Google Drive Windows seem to be the 2 applications that are requesting access to these depecrated scopes ... Come on Google, spread the word internally !
I'm using a Google Chrome Portable browser for my offline app. But I'm not sure if I can use it for commercial purposes. Please can anybody give advise if there's such a browser, that is completely free. Or is there really simple way how to create my own.. What I want is to show a html file in that browser. It doesn't need to have any address bar, etc. I've already searched how to create a browser, but I am not really good in programming languages, I only manage web pages, so I don't know which would be the best way.
Thank you for your answer.
You can use it for commercial purpose as per their EULA. See point 21.
Additional Terms for Enterprise Use
If you are a business entity, then the individual accepting on behalf of the entity (for the avoidance of doubt, for business entities, in these Terms, "you" means the entity) represents and warrants that he or she has the authority to act on your behalf, that you represent that you are duly authorized to do business in the country or countries where you operate, and that your employees, officers, representatives, and other agents accessing the Service are duly authorized to access Google Chrome and to legally bind you to these Terms.
Subject to the Terms, and in addition to the license grant in Section 9, Google grants you a non-exclusive, non-transferable license to reproduce, distribute, install, and use Google Chrome solely on machines intended for use by your employees, officers, representatives, and agents in connection with your business entity, and provided that their use of Google Chrome will be subject to the Terms.
August 12, 2010
You are not the only one searching for an answer https://productforums.google.com/forum/#!topic/chrome/xuyg5tSad08
This is the first answer I got when I searched a bit
"Google Chrome is totally free for commercial and personal use." I found this on http://www.technibble.com/google-chrome-portable-internet-browser/
I have to architect a commercial vehicle fleet tracking system.
Each vehicle (a few 100, max a few 1,000) will have a GPS and satellite transmitter and will periodically report its position. Positions will be stored in a database and used to create a Google Map.
There will of course be other functionalities. Security, log in, etc and probably lots of interaction with other corporate databses (drivers start/stop time for salary purposes, etc).
Question: pure GoogleMaps is probably best implemented as a browser based app (Php & MySql?), but with the additional functionality of a commercial vehicle fleet tracking system, would it be better doing something PC based (Windows/Linux)?
Any other advice? Thanks
I think with the capabilities of modern browsers, along with various mature client-side frameworks, we are witnessing an always thinning distinction between web and desktop interfaces.
You may want to take into consideration that a web application automatically solves some important problems for you:
Distribution: No need to distribute your application. Simply provide a URL.
Updates: Upgrading and fixing problems in your software will be easier and quicker if you distribute it through a web interface.
Security: Deriving from the above, you are able to fix security vulnerabilities more promptly.
Compatibility: Your application will be able to work on any operating system that can launch a web browser.
Last but not least, remember that the Google Maps API is not free for this type of application. Article 10.9.C of Google Maps API Terms and Conditions explicitly restrict using the standard Google Maps API for fleet management and asset tracking. You would need the Google Maps API Premier to legally use Google Maps for your application.
According to one unofficial source (dated April 2008), this would cost USD 10,000 per year, which entitles you to track 100 vehicles. If you exceed the 100 vehicles, you would need to add USD 24 per additional vehicle per year.
Implement solution for the domain problems first. It means data storage, data transmission between vehicles and your system, methods of data analysis, aggregation and visualisation.
These will likely to sit as a head-less system on a server and provide access to it remotely, in both directions: to input data and to query data.
Now, PC or Web is more related to presentation on a client side. You can make both if you like. Web client as well as desktop application can serve as a client to remote data and operational server.
Don't forget that you can always host a web control in a thick client app. This is actually trivial with .Net on the Windows platform with the IE control. You can also access the browser's DOM this way and do some neat things. So just because there's a strong web component to what you're doing you're not necessarily "stuck" writing a pure web app.
One big question is what kind of hardware you'll be able to put in the vehicles. Will they be laptops or small PCs with full fledged OSs or something more mobile like CE or a pared-down Linux distro?
Google Maps is JavaScript based so you can do most things with it, e.g browser based, widgets, etc. However due to the licensing Google won't allow you to use it in anything other than an Internet environment unless you use there Enterprise License.
In terms of integrating it into other systems, its really difficult to say what's best without knowing what other software you are using, what protocols they use, are web services available, etc. I agree with Daniel though in that any distributed system not implemented in a browser better have some good reasons not to, simply because the benefits are substantial. You'll need to weight them up though with a full break down of all the different systems you will need to interact with and work out what fits best.
The great thing is that with it being JavaScript based you have a lot of flexibility in what you can do with it.
This is more an extension to #Daniel Vassallo's answer. Although a web based application would solve most problems there may be the small potential issue of bandwidth usage and reception for internet access. This may or may not be an issue for the fleet management, depending on how that is tackled on the hardware side of things.
An offline solution may assist with this issue but then a clever architect could find a way to create an initial web based solution which can be accessed with an offline application which can pick up the slack and/or provide predictive reasoning until a connection is re-established.