In C++ I Can Read The MAC Address Of The NIC and Use It To Generate A Unique Identifier For Each Computer That Interacts With My Web Service. Even If The User Deletes Their Cookies, And Temporary Internet Files, Reformats Their HardDrive And Installs A Different Version Of Windows, That Computer Still Generates The Same Unique ID.
How Can I Create Such A Unique Key Using Flex Or Air? The Number Has To Be Either Hardware Based Or Similarly Tamper Resistant.
Thanks In Advance.
In Air 2 you can spawn a native process and get a result back. You'll need to use that to get access to low level info like this.
Related
I am looking for a way to programmatically get the name of the vendor that owns a MAC address within a block/range that they purchased. Preferably by querying some API or database, language agnostic. Or if there is some other way that applications do it that I am unaware of.
For example, running nmap -sn 192.168.1.0/24 with root privileges yields
...
Nmap scan report for 192.168.1.111
Host is up (0.35s latency).
MAC Address: B8:27:EB:96:E0:0E (Raspberry Pi Foundation)
...
... and that tells me that the Raspberry Pi Foundation "owns" that MAC Address, within the prefix range that they own: B8:27:EB.
However, I am not sure how nmap knows this, nor how I could find this out myself. Parsing nmap output is not an ideal solution for me. Here's what I found from digging online:
This stackoverflow question references a site that appears to do this, however it appears to not have been updated since 2013, nor does it expose any API endpoints. Most notably, it does not have the newer block of MAC Addresses that the Raspberry Pi Foundation reserved for their newer models (under Raspberry Pi Team, or something along those lines).
I found that the IEEE handles these registrations through their site, however it appears to be for their customers and I could not find an exposed endpoint for their search function.
On that same IEEE page linked above, it looks like I can get a CSV file of their entire database. However that seems large, and would have to be actively kept up-to-date. Does nmap come with an updated database generated from those files locally?
If a public-facing API like I'm envisioning doesn't exist, I'll make one myself for fun. I'd first like to know if I'm thinking about this wrong and if there is an official, "canonical" way that I have not found. Any help would be appreciated, and thank you.
The maintainers of nmap keep a list of prefixes as part of the tool. You can see it here:
https://github.com/nmap/nmap/blob/master/nmap-mac-prefixes
They keep this up to date by periodically importing the public registry on this site:
https://regauth.standards.ieee.org/standards-ra-web/pub/view.html#registries
Note that those files are rate-limited so you should not be querying those csv files ad hoc as part of a software package; rather you should do what nmap does and keep an internal list that you synchronize periodically.
I'm not aware of a publicly available tool to query them as an API; however, creating one that works the same way that nmap does would be fairly trivial. nmap does not update that file more than once or twice a year which makes me suspect that the list doesn't significantly change often enough that keeping your own list would be too onerous (you could even download nmap's list every so often).
It's possible to use one twain driver to manage concurrent request to two different multifunction printer?
I mean, if I have two MFPs , can I do two scan request in paralel using the same twain driver?
It depends on if your driver supports it.
From the TWAIN Spec page 125:
If an application attempts to connect to a Source that only supports a single connection when the source is already opened, the Source should respond with TWRC_FAILURE and TWCC_MAXCONNECTIONS.
Also from the spec on page 212:
The Source is responsible for managing this, not the Source Manager (the Source Manager does not know in advance how many connections the Source will support).
I tested this with a Fujitsu fi-7260 scanner and got the TWCC_MAXCONNECTIONS error with Twacker:
It could be possible. The reason being TWAIN just sits between the application and the images fed to it.
Imagine a scenario something on the below lines:
1) User clicked on the scan button.
2) You initiate the network layer calls to start the scan job.
3) Now instead to one printer you start scan jobs on two printers from two threads.
4) Let's say each of those threads populate the raw BMP data to a single data structure that is shared.
5) Once both threads are complete iterate over that shared data structure to pass the images to the application via the XFERIMAGE call.
Basic idea is to create an abstraction of two printers behind the scene.
Please let me know if my understanding of your question was not correct or you need other clarification.
If you implement it in the described way, it usually works only with two different MFP's as the majority of TWAIN drivers do not support two different USB devicves at the same time.
I'm using limited data size broadband connections. So I want to disable all programmes (applications) to accessing internet in windows 8 other than browsers. so that I can save data usage by unwanted application.
The WinRT applications are sandboxed, which means they have a limited range of operations within the system and those operations interact with the application itself, only.
You cannot dictate to close an existing app which is running from a WinRT app. Only the user can do this.
At most, you should try to get the status of the network usage and if it is high, show the user a specific message, something like : At the moment, the data usage is relatively high, for better experience, try to close some the apps which cause this.
Is it possible to prove to the remote party that the application I am running in my system is the same as I am claiming that I am running using DRTM or SRTM? If yes then How?
Theoretically: yes. The concept is called remote attestation.
The basic idea is: First you have a sound chain of trust built on your platform, like:
BIOS ==> Boot loader ==> OS ==> Applications
The resulting measurements are stored in the PCRs.
Now you can let the TPM sign this set of PCRs, that's called quote.
You can submit this quote to a remote entity. Here the problems start:
How can you proof that the quote was signed by a hardware TPM and not an emulator?
Possible solutions: pre-shared keys or some kind of CA.
How can you be sure that the PCR values represent a trusted system state?
That's not so easy. If you have SRTM, you have to consider every possible combination of
how your system load the components. E.g. in BIOS-phase, in which order are the
option-ROMs loaded?
Here DRTM comes for the rescue, but it makes the matter just slightly easier. With DRTM
you can forget about all the pre-DRTM stuff. If you have a small trusted environment,
say like flicker, then you'll have a manageable set of trusted configurations.
If you have a full-featured OS, than it's hard.
First, you have to find an OS that measures everything. IBM's IMA for the Linux
kernel is one example.
Then, the slightest difference in the order of loaded components will lead to
different PCR values. Furthermore consider all the combinations of states the
different installed software packages might be in.
Possible solutions are to restrict the possible set of PCR values that represent a
valid configuration. For example you can measure a whole OS image instead of each
binary. An example is the acTvSM platform published a few years ago.
Conclusion: There is no easy, off-the-shelf solution, but you can design a system such that it fits your requirements.
i want to read MAC address of machine from Adobe AIR. I am using flex 3 and AIR 2.
how can i do this
the main purpose is i want to install that product in only one machine
var ni:NetworkInfo = NetworkInfo.networkInfo;
var interfaceVector:Vector.<NetworkInterface> = ni.findInterfaces();
Taken from the Network Info sample in the desktop version of Tour de Flex.
As far as I can tell, you cannot do it with Flex/AIR alone - you can however use the NativeProcess API to communicate with a Java/C program that can do this for you.
If you want to limit your application to just one machine, why don't you just install it manually without giving away the setup file - is it a remote machine? Even in that case you should be able to do a remote installation, right?
The answer "track the combination of IP address and user ID" won't satisfy my (very similar) needs. If the (laptop) computer is moved across WiFi domains, its IP address will change. If the computer is on a commerical IP provider, the IP address can often change without warning or notice.
My users don't want to deal with such problems. They don't even want to know that these problems exist!
The binding of MAC address and user ID can be done at installation time. It's not perfect, but it's pretty good.
Of course what we need is an implementation of public-private key...
Oz