Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I want to set up a honeypot type trap to catch out and secretly record a tech support scam firm that conned my Grandparents out of a lot of money for a non issue on their computer. Like many such scam firms, they occasionally change their web address and phone numbers and are partially based in India.
I was thinking about running Windows 7 inside a virtual machine and using a SOCKS proxy for the VM's internet connection to hide my true Static IP.
I am then planning to make a video about the scammers and put it on YouTube.
The thing is though, I am doubting whether that I can legally record a conversation in a covert manner and then put it on YT. (In UK)
What I really want to know is whether the scammers will be able to get my private license key, or any other identifiable information from the VM when they have control of it? Also does them having the product ID (including them going through Microsoft) put my license/copy of Windows in jeopardy?
I ideally want to bring them to justice and spread the word about them so that they get closed down. In other words, I want to get my own back on them.
Side Note: If this forum is not appropriate for this question, where would be?
Regards: Elliott
they can easily know that you run on a VM. Just with simple command about your hardware. But, I am sure they will not check if it is a honey pot.I dont know how you are planning to record them. I dont believe that you can record something interesting visually.The first step for them is to have a rootkit on your pc. After that is just about command line. There will be nothing good to record visually other that text line in your honey pot software. And You dont know when the attack you will come. Your Vm must be up all the time and the Ip and Mac address the same. Like the others say dont waste your time.No one in history a been put in jail for hacking a honey pot.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I resigstered a new domain visitsoonvalley.com but now I can see that there is a sub-domain support.visitsoonvalley.com which I didn't create and I can't find in the cpanel too. This page is showing ads and the first advertisement is of the company that I registered my domain with. Is it possible that they created this sub domain? Are they allowed to do this without notifying me?
UPDATE: I just checked going to help.visitsoonvalley.com and same result. Why are these sub domains existing?!
You cannot register subdomains. You cannot really create them. You can only use them.
Most likely there is a "wildcard DNS resolution" for your domain. That would be something your provider has done and it actually does make some sense, since most people want that. Why don't you simply ask them? They will probably remove it from your DNS settings if you ask them.
A "wildcard DNS resolution" means that all DNS resolution requests to hostnames within your domain are resolved to the same IP address, without any specific rule existing. So it is a kind of "fallback".
Why there are ads shown in your page is nothing we can say. Might be some default content your provider puts in as a placeholder until you create content. Or they simply created a DNS resolution as a palceholder until you name an IP address the domain should be resolved to. Again: why don't you ask your provider? You pay them for their service, so usually that means the have to give support...
Certainly that is not exactly a "nice" behavior if that really is not mentioned anywhere in their policy. But on the other hand it does no harm and is only temporary...
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I am new to IOS development.
I am going to make a Bilingual Dictionary App for IOS. I have two options in front of me for choosing database. SQLlite and MySQL.
If I choose SQLLite then I believe I will have to pack the database with the app. Every user who will use this app the database will be downloaded to his device.
is it a good approach ?
or I should use MySQL ? that stays on the server and app will connect back and forth to get data from it.
Please guide which database should I use for Bilingual Dictionary Mobile app ?
Or If there is anything else I am missing ?
Thanks in advance !!
There are advantages and disadvantages to each, depending on the functionality and user experience you prefer. Unless you plan to update the content frequently, you wouldn't expect it to change constantly, so there isn't an essential need to provide dynamic content. However, hosting the content online can save a lot of space, which for some mobile users may be limited.
However, to me the most important factor to consider is that as a bilingual dictionary, you may have a substantial market of people who are travelling. People who are travelling often don't have data service, and thus must rely on wifi if they want to access this dictionary. As someone who travels with my cellphone, having a dictionary which does not require a data connection is a major functional advantage, and as a designer I would want to provide this functionality, even if just as an option. This may change if you expect that the greater part of your market is not going to use it while travelling.
Agree with Mitch Goshorn's answer. I don't know if you're worrying about the "security" of your database or you just want to save space on device. But I suggest the local one (SQLite). In case that you don't want user to steel your database by hijacking the application folder, you may want to think about encryption. Sorry if this is not considered to be an answer cause I don't have enough reputation to comment.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 4 years ago.
Improve this question
Currently I'm working in a team creating a custom POS solution. We came to a point were we'd like to integrate with a IC/Credit Card terminal (like VeriFone which we have, i.e. Vx510). I think the simplest mode is to allow Cashier to manually enter into the terminal the amount a client has to pay. In more advanced (the desired) way our POS will send to the terminal the amount to be payed.
Regardless of the "mode" we'd like to get the information from VeriFone if the transaction was successful or not. Here's the dead end we've reached. AFAIK, to program VeriFone terminals or integrate with it you have to become a certified VeriFone developer. If it is so, then I know where to start. If not, please let me know.
Are there any other ways to get information for a terminal that the payment was successful? Are there any 3rd party libraries to communicate with this kind of devices? The most relevant to my problem SO thread I could find is this but it wasn't much of help for me. We don't want to process any confidential data, therefore we don't want to integrate with Authorize.NET
Ok, things got clear a bit... It turns out that if you buy a device from a manufacturer (e.g. VeriFone) it comes "clean", so you have to program it all by your own and satisfy PCI Compliance. Therefore, you have to be certified developer... at least for VeriFone devices.
However if you order a terminal from some kind of 3rd party provider, for example SIX, or Polskie ePłatności (one of the providers in Poland), it comes with some kind of, let call it "firmware". This "firmware" will, or at least should provide you an application for performing cashless transactions. It also should come with handy communication protocol. Of course you'll have to sign some kind of NDA.
In short:
If you want to integrate with a credit card terminal just call a local credit card payment service and ask them to send you a terminal you want to integrate with. Keep in mind that every country has its own transactions centers so your solution will be country-wide.
payworks offers a SDK to integrate a credit card reader within an iOS/Android app. They manage the connection from the card reader to the merchant's bank. You never have to touch confidential data.
Regarding Verifone terminals, they support the Verifone e105, e315, and e335. You can see the full hardware list here.
Disclosure: I am a software engineer at payworks.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
This is not something I want to do myself, but it's a question/problem I can't get out of my head.
If you distribute open source-program/classes/libraries, how can you make sure the user has purchased a license? Would it not be very easy for programmers to just remove the license-part of the product and distribute it or use a pirate-version?
Take Invision Power Board for instance. It is written in PHP (i.e completely open and editable) and you have to buy a license to be able to use it. How can they make this limit? Do they authenticate the forum towards their servers? If they do, would it not be easy to simply remove this function?
Another example that I have even more problem understanding is HighCharts, a JS library to draw graphs. They offer a free version with their name on each graph. If you purchase the product, the label is gone. How do they do this?
I know this question is a bit wide and open, but I am just asking for a way to prevent people from simply editing out the license/blockade? What is the essence in this?
There are no license purchases for true "open source" libraries or programs, because the essence of open source is that the code is free and you can build/deploy it yourself at will.
What you're talking about is commercial software that might use a codebase that is easily visible/editable. It's not marketed as "open source," but the source code is easily accessible and potentially easily modified.
There are various mechanisms for obfuscating or hiding the content of the code that some products would choose to use, which make modifying the code more difficult. For example, there are various ways of pre-compiling PHP code rather than distributing the raw files (see this question for examples).
However, the biggest thing that you lose out on with most software of this sort is support. If you're a serious user of a complex piece of software, especially a business user, you would typically want to know that you have a commercial support plan in place for any critical software. The kind of user that would crack/pirate such software (that is, individuals or small companies) aren't likely to be as significant to the vendor.
On the internet there's a further obvious avenue: if a significant public site were using Invision Power Board, they would soon notice and could demand suitable license (or take legal action).
Ultimately, this kind of abuse is very difficult to prevent if someone is determined enough: you are very much at the whim of your users.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
I have been task with the mission of creating a phone solution where clients call a number and using the phone keypad they enter a product ID and base on that ID they should hear the product description that is stored as text in MySQL (text to voice). If they are happy with the product or products they will get an email with all the list of product and their details.
Can anyone point me into the right direction on what to use for this phone server?
Note: maybe I just don't know what to call each service, but that is what needs to be accomplish. I am going crazy reading about trunks, pbx and Asterix
What you are looking for is an Interactive Voice Response system (IVR). There are existing systems that can be programmed for individual applications.
The W3C even has a standard called VoiceXML, which is a standard for interaction between voice systems and computers.
Unfortionately, that is the extent of my knowledge on the topic.
Honestly, Asterisk is not very difficult to set up and get running for something like this. Get an inexpensive and unlimited inbound SIP channel from Callcentric or another trunk provider, and write your IVR as the default extension in the dialplan.
Don't let yourself get overwhelmed. You only need to define your trunk as a SIP peer in sip.conf to get the box talking to your provider, and the dialplan syntax is very, very simple. You don't really need any other configuration for Asterisk itself, unless you have to use a land line, which would require a digium or sangoma board with fxo ports on it, and configuration of the zaptel drivers within asterisk.
Text to speech isn't likely to be as great as you'd like, but it may not be feasible to record all of the audio files that you'd need. The problem is that cloud IVR providers may not be cost effective for your application.
Any other questions, please don't hesitate to ask.
If you don't want to deal with Asterisk, there are other web-based options as well. The one I know the best (because I work there) is Twilio which lets you build phone applications the same way you build web applications. It's much simpler than setting up and hosting your own Asterisk instance and dealing with carrier connections. There are other similar services out there as well.