Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I'm developing an android chat client, I decided to use XMPP and I started studying from the official XMPP RFC.
The 7th chapter is about Resource Binding.
Now, for me it's clear the way that Resource Binding is technically realized but I really can't understand for what it could be useful.
To be more clear and straightforward:
what usefulness can it have on the chat client?
why should a chat client use this feature?
what usefulness can it have on the chat server?
why should a chat server use this feature?
I read the guidelines of stackoverflow. I'm not asking for an opinion. I would like to have an explanation of how and why this feature could/should be implemented in an application.
Resources are used to distinguish different sessions of the same account, in particular on different devices. It would be very unhelpful if half of your file goes to a different device if that device signs on in the middle of a file transfer.
So to answer your questions:
So your client can distinguish between different sessions of the user's contacts and make sure the stanzas end up at the correct one.
Because servers (almost) always require it.
So the server can allow multiple sessions on the same account and can distinguish what session a stanza is for.
Because people want to be able to sign on to their account from multiple devices.
Any server will assign a random and unique resource for you if the client doesn't specify one. There isn't really a clear "best solution" here:
The resource may be a hint for your contacts about where or what that device is, such as "home", "office", "laptop", "phone".
However, specifying an easy to guess resource will make it possible for others to determine whether you are online or not (only the people you have allowed to do that should be able to determine that).
Two clients that are trying to use the same resource often lead to loops where they keep kicking the other off.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I'm trying to describe the architecture (or understand existing patterns) for a (trusted/self made) Mobile Application that needs to hold private keys to sign some information presented on the screen (let say it's finally presented as barcode). Let's asume we cannot avoid it and need to store private keys (RSA or ECDSA) securely as possibly.
I haven't found any standards for TEE that or Hardware Security Module that would for sure work on the "normal" Smartphones out there?
I'm wrong here and Hardware+OS(Android/IOS) support this somehow meanwhile?
I'm aware of White-Box-Cryptography
But how far can i go with White-Box-Cryptography? How to estimate it cryptoresistance? Any examples of the implementations?
P.S.
Additionally the supporting backend can be designed as needed here. So e.g. exchanging of secure information onbehalf of the user (OAuth is used) can be done flexibly if it would improve the security...
So let say, i we can exchange Keys in the app monthly or so (more often would be problematic). However getting any information from server is possible, but the solution has to work some offline time too
Typical case: NO Internet for 10, 15 Minutes should be supported as far as possible.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
So I am creating a project with a couple of buddies and I need to create an API. This is my first time creating a big project and creating my own API. I don't know where to start. The project that we're working on will have a website, an app for Android and IOS, and use PostgreSQL. We will be using Javascript and Node.js as well. If there are any tips about creating API's for Android, IOS, and Web please let me know.
I would strongly recommend you read "RESTful Web Services" by Richardson
The book gives a thorough grounding in the "why?" behind organizing resources restfully. Also provides a good outline of different RESTful authentication mechanisms and the pros and cons of each - vital for a mobile app talking to a web-based back-end.
Then, sit back and outline the resources that will be necessary to run your app and have at it!
First of all take paper and pen to start design the architecture and write down all use cases. Also define the way data will be access.
While creating an API for mobile apps we should keep some important things in mind. First what type of API it should be JSON based or XML. And I will prefer JSON for mobile app as its lightweight and will take less time to parse. Also it will be fast to transmit. While XML bit costly.
One of most important thing you should design the api as secure as it could be. Because sensitive information can be sniff by some one. better to use SSL hand shake to make it secure.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I am going to implement a "game lobby" for my game (which is a new topic for me). The game works the following way:
Users chooses "random game".
The device connects to a specific URL where I will implement some game logic (like name of players in the session, name of the game session itself and so on).
The URL returns values to the device so the game can load them and start.
My question is: What is "the best" way to do this? Should I have a database with different game sessions that contains all the information for each game session.
Or should I start a script on the server (one script equals on game session) for each game that starts that holds the information that is necessary?
I was on the thoughts to have this as a socket to socket game. But I think it will be easier with the client-server approach since the server then will take care of most of the logic and the devices only needs to concentrate on one single connection at a time.
Any help or advice is appreciated!
The cleanest approach for this would be a client server model as you guessed.
This simplifies client code a lot, as compared to database approach, but you need to setup and maintain a server.
You will anyways need a centralized entity (as a matchmaking service provider) if you want to let the user choose a random game. So I would suggest to go for setting up a server.
Following libraries might be helpful.
Netty (low level but versatile)
KryoNet (easy, high level features but limited (more than enough
for games))
jWebSockets (Very good real time performance with long lived TCP
connections)
Photon (Realtime, scalable, cloud, high performance but NOT
FREE)
There are many more... just search
Hope this helps.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I have been doing some research to create an IM application. I saw many sample codes and still trying to decide which method to use. Before starting development I want to ask your opinion if anybody knows how popular IM applications such as Kakao Talk, Line, We Chat, WhatsApp work.
I saw some articles saying to use Google Cloud, and some articles about using XMPP.
I am a kinda new for Android development and before starting development I want to see all my possibilities and choose best method for that.
Thanks for your time.
Well, I would presume they don't all work the same way. There are different techniques one can use to implement a chat client. Each of these companies might have their own proprietory technologies depending on their scale, user base, finances etc.
2 popular options you can check out are :
XMPP - It's supported by most major chat clients and is used by the likes of Facebook (a customized version of it anyway). asmack is a popular XMPP library for Android which might be useful to you.
A Backend-As-A-Service (BAAS) provider like Parse. This will save you a lot of server side heavy lifting and writing backend code like you would have to do if you were considering something like AWS
If this is a learning project, I would suggest implementing a very simple client and writing both the server and client-side code so that you know how the whole stack works. Hope that helps!
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I am looking to find the most efficient way to create an application that has a 30 day trial and then forces the user to buy the full paid version if they like the demo's features.
I was looking for suggestions as the best way to implement a license for the app. Here were some thoughts I had:
-Sharedprefs - This would work until the user uninstalled and reinstalled the app. The trial period would essentially start over.
-Use Device ID - I thought I could get a device serial number and upload the data to a server. Then I came accross http://android-developers.blogspot.com/2011/03/identifying-app-installations.html that showed the issues with trying to get a user id for a device.
UUID- It seemed like this was the best option. However, would someone be able to give me an overview of how to implement this and how it works. Also what are the limitations.
A sample implementation is already presented in the blog that you have cited.
Limitations: For your case, UUID won't work. Since, the user can actually delete whatever file/UUID you use for tracking (not easy, but doable)
Your requirement is to track devices. So, perhaps, go for telephony ID, Mac ID or a combination of both.