I have used dxdiag before, but I would prefer to point potential users to some tool that's a bit simpler, that they can just run and email me the output.
As well as obvious things like CPU, RAM, graphics, DirectX version and Windows version, I also need to know if ExpressCard (a laptop standard) is supported.
I know this isn't quite a programming question, but it's critical to establishing a way to tell users if their hardware supports our software before we deploy it.
System Information tool (msinfo32). Comes standard with the OS; supports bunch of command-line switches as well, allowing you to automate it.
In particular, you can tell the users to just run the following command and email you the resulting .txt file:
msinfo32 /report "%USERPROFILE%\desktop\configuration.txt"
Or if you want a subset, just filter it out based on the categories.
Not sure where is the info about the ExpressCard in it, but it should be in there somewhere.
All this information will be available through the Windows Management Instrumentation (WMI).
There are some microsoft provided examples available here.
Related
We all know situations when you cannot go open source and freely distribute software - and I am in one of these situations.
I have an app that consists of a number of binaries (compiled from C sources) and Python code that wraps it all into a system. This app used to work as a cloud solution so users had access to app functions via network but no chance to touch the actual server where binaries and code are stored.
Now we want to deliver the "local" version of our system. The app will be running on PCs that our users will physically own. We know that everything could be broken, but at least want to protect the app from possible copying and reverse-engineering as much as possible.
I know that Docker is a wonderful deployment tool so I wonder: is it possible to create encrypted Docker containers where no one can see any data stored in the container's filesystem? Is there a known solution to this problem?
Also, maybe there are well known solutions not based on Docker?
The root user on the host machine (where the docker daemon runs) has full access to all the processes running on the host. That means the person who controls the host machine can always get access to the RAM of the application as well as the file system. That makes it impossible to hide a key for decrypting the file system or protecting RAM from debugging.
Using obfuscation on a standard Linux box, you can make it harder to read the file system and RAM, but you can't make it impossible or the container cannot run.
If you can control the hardware running the operating system, then you might want to look at the Trusted Platform Module which starts system verification as soon as the system boots. You could then theoretically do things before the root user has access to the system to hide keys and strongly encrypt file systems. Even then, given physical access to the machine, a determined attacker can always get the decrypted data.
What you are asking about is called obfuscation. It has nothing to do with Docker and is a very language-specific problem; for data you can always do whatever mangling you want, but while you can hope to discourage the attacker it will never be secure. Even state-of-the-art encryption schemes can't help since the program (which you provide) has to contain the key.
C is usually hard enough to reverse engineer, for Python you can try pyobfuscate and similar.
For data, I found this question (keywords: encrypting files game).
If you want a completely secure solution, you're searching for the 'holy grail' of confidentiality: homomorphous encryption. In short, you want to encrypt your application and data, send them to a PC, and have this PC run them without its owner, OS, or anyone else being able to scoop at the data.
Doing so without a massive performance penalty is an active research project. There has been at least one project having managed this, but it still has limitations:
It's windows-only
The CPU has access to the key (ie, you have to trust Intel)
It's optimised for cloud scenarios. If you want to install this to multiple PCs, you need to provide the key in a secure way (ie just go there and type it yourself) to one of the PCs you're going to install your application, and this PC should be able to securely propagate the key to the other PCs.
Andy's suggestion on using the TPM has similar implications to points 2 and 3.
Sounds like Docker is not the right tool, because it was never intended to be used as a full-blown sandbox (at least based on what I've been reading). Why aren't you using a more full-blown VirtualBox approach? At least then you're able to lock up the virtual machine behind logins (as much as a physical installation on someone else's computer can be locked up) and run it isolated, encrypted filesystems and the whole nine yards.
You can either go lightweight and open, or fat and closed. I don't know that there's a "lightweight and closed" option.
I have exactly the same problem. Currently what I was able to discover is bellow.
A. Asylo(https://asylo.dev)
Asylo requires programs/algorithms to be written in C++.
Asylo library is integrated in docker and it seems to be feаsable to create custom dоcker image based on Asylo .
Asylo depends on many not so popular technologies like "proto buffers" and "bazel" etc. To me it seems that learning curve will be steep i.e. the person who is creating docker images/(programs) will need a lot of time to understand how to do it.
Asylo is free of charge
Asylo is bright new with all the advantages and disadvantages of being that.
Asylo is produced by Google but it is NOT an officially supported Google product according to the disclaimer on its page.
Asylo promises that data in trusted environment could be saved even from user with root privileges. However, there is lack of documentation and currently it is not clear how this could be implemented.
B. Scone(https://sconedocs.github.io)
It is binded to INTEL SGX technology but also there is Simulation mode(for development).
It is not free. It has just a small set of functionalities which are not paid.
Seems to support a lot of security functionalities.
Easy for use.
They seems to have more documentation and instructions how to build your own docker image with their technology.
For the Python part, you might consider using Pyinstaller, with appropriate options, it can pack your whole python app in a single executable file, which will not require python installation to be run by end users. It effectively runs a python interpreter on the packaged code, but it has a cipher option, which allows you to encrypt the bytecode.
Yes, the key will be somewhere around the executable, and a very savvy costumer might have the means to extract it, thus unraveling a not so readable code. It's up to you to know if your code contains some big secret you need to hide at all costs. I would probably not do it if I wanted to charge big money for any bug solving in the deployed product. I could use it if client has good compliance standards and is not a potential competitor, nor is expected to pay for more licenses.
While I've done this once, I honestly would avoid doing it again.
Regarding the C code, if you can compile it into executables and/or shared libraries can be included in the executable generated by Pyinstaller.
What options exist to query RMS files in OpenVMS? The context for the query/access would be for BI & reporting. Currently, a very old FOCUS (Infomation Builders, v. 6.9.8) is in use, and that only from within the native OpenVMS command line shell.
My challenge working within the VMS environment is that output is intended for off-platform consumption & analysis in Excel, R, and Business Objects/Crystal Reports, and Splunk/Hunk. On-platform, I'm limited in what I can use by whatever I can compile &/or run from within my own user space, and the CONNX & similar tools all look to require a server process in the VMS environment.
Edit: I have accepted a comprehensive answer which, given organizational constraints, may not be feasible. My likely path will be to write additional data extractions jobs in FOCUS, and incur the latency & maintenance overhead that goes along with that.
Do you want to the reporting to be on-platform, or off-platform (for example with Excel)?
On-platform, after 30+ years, I still really really like Datatrieve, as mentions in a comment.
This tool was created before SQL became all the rage, so its query language takes a little getting use. It knows show to used just about every RMS option (keys, RFA's for collections, joins, locks and sharing,...)
I'm sure there are multiple commercial tools like Focus you mention, and perhaps the IGH tool Vselect for data extraction, column shuffling, sorting. Some would even recommend OpenVMS native SORT but now you are still in Command Line space.
For a (green screen) windows approach, and command line, perhaps check out the freeware tool DIX: http://www.oooovms.dyndns.org/dix/
Off-platform google for "openVMS odbc" (jdbc). You'll find tools from Connx, Easysoft and "Connect" from the company I work for : Attunity.
Those will allow you to use (windows, linux) tools like DBvizualizer or Excell to get to the OpenVMS sourced data.
Perhaps an interesting hybrid could be Attunity's Connect ( "AIS" ) solution which allows for SQL language RMS file access, but on platform (NAV_UTIL) and off-platform, ("Studio, Nav_util, Oracle db-link, ODBC, JDBC, XML, ... )
For better help, please clearify the query still better. Notably the remark " only from within the native OpenVMS command line shell". What's wrong with that? :-). What alternative access did you envision? fake-gui, DECwindows? Native API? Remote API? ...
Hope this helps some already,
Hein
You could consider writing code in a native language such as C or Java. The company I work for uses Apache, DCL scripts in cgi-bin, and the Userbase 4GL to put an Intranet reporting front-end over an OpenVMS legacy system. As long as you wrap the output in HTML etc Apache will stream it back to a browser which will interpret it accordingly. However, with the impending move to Itanium we're faced with no support for porting Userbase. If anyone knows who holds the source code could they tag a reply onto the end of this. We're looking for a terminal (character mode) reporting solution for Itanium as not all users have PCs. If it weren't for this we'd just slap Crystal over CONNX and call it a day. Many thanks.
Further to my previous answer I'm now evaluating R as a reporting solution, using the RODBC to interrogate the RMS database via CONNX using R's RODBC library.
I completely newbie in device drivers, so I hope my question is in place, but I need to develop a driver to control some equipment. I was thinking on using Linux as the host OS, but not sure if it is such good idea. I've heard some horror stories about the mess of developing device drivers under Linux. Is there a better alternative under the *Nix world? Or maybe should I check other OSes?
Linux documentation is basically non-existent (similar to other platforms). However, there are a few books which do cover enough information to get started, and the trickier kernel bits can borrowed from other drivers (yay for Open Source).
However, it is one of the easiest current platforms to develop drivers for. There are cleaner models, such as QNX, but that product is sadly near the end (and doesn't support 1/10th as much as hardware as Linux)
What type of device is the driver targetting? Many times you can avoid writing in-kernel drivers (for instance, using libusb in userspace, or the user space IO framework)
I want to develop an application that can retrieve information such as, DLL version, DLL build mode(debug or release), info. regarding OS, memory, processer, processes/threads, program version etc. I am developing this mainly for Windows, but it'd be good if the application supports Linux too(wherever applicable).
I am basically a java programmer, and I know C, C++ to some extent.
Which programming language should I go for, that'd make my job easy? i.e. which language has APIs to fetch these kind of information?
Well... APIs are available regardless of the language... But the easiest way to get at what you are trying to do is going to be a C or C++ app. That doesn't mean it'll be easy (getting a DLL version is easy, getting memory and processor type is easy. The other stuff is certainly possible, but you may have to roll up your sleeves and learn the win32 API).
You might want to take a look at an application that already does exactly what you are asking about (Process Explorer) before you try to develop this yourself... It's going to be a big undertaking - and the folks at Sys Internals are really, really good at this stuff, and have already done it.
You commented on Kevin Day's answer that you would prefer to use Java for this.
Java is not very well suited for this, because the information you want to get is very platform-specific, and since Java is designed to be platform-independent, there are not a lot of ways to get at this kind of information from Java.
There are some methods in classes java.lang.System and java.lang.Runtime to get information about the platform that your Java program is running on. For example, class Runtime has a method availableProcessors() that tells you how many processors are available to the Java virtual machine. Note that this is not the same as the number of processors (or cores) that exist in the computer; the documentation even says that the number may change while the program is running.
Lookup the documentation for java.lang.System and java.lang.Runtime for more information.
Most likely you're not going to get exactly the information that you need by using pure Java - C or C++ will be better suited to get this kind of platform-specific information. If you would need this information from a Java program, you could write a small DLL or shared library and use JNI to call into it from your Java program.
Since DLLs are mentioned I presume we are talking about Windows.
I would recommend using WMI queries. They look very much like SQL and give you access to many very useful classes.
e.g. all info about the OS can be found here - in W32_OperatingSystem:
http://msdn.microsoft.com/en-us/library/aa394239(VS.85).aspx
You can use WMI classes from any language including C++.
As a side note - if you start a new application from scratch consider using PowerShell - new scripting language from Microsoft.
I've developed a little screenshot application but I've heard that I should profile my code to see where it's using a lot of resources and stuff.
What is a profiler? what does it do? Where can i get it for free? and How do I use it?
A profiler is a software tool which intercepts and measures every executed code path in a certain run of an application. They store this information and later report graphically (or tabularly) where does your code spend most of the running time so you can optimize where it really matters.
About where to get one, it depends on your platform/language combination.
What language are you developing in? For C#, check this question.
Any decent C# profilers out there?
Here's one for C++
Decent profiler for Windows?
In fact, check the profiler tag to see all the questions tagged in connection with profilers.
https://stackoverflow.com/questions/tagged/profiler
See:
what-techniques-can-you-use-to-profile-your-code
You didn't say what language you use. For C/C++ (and probably others) a free ones are:
gcov
gprof