encryption – Tunnel between two applications, one of them is a 3rd party app

It sounds (from the comments) like you’re just launching another process and not interacting with it after that, right? In that case, there isn’t any direct communication between the processes at all! Instead, your process tells the OS “hey, I want to create a process, here are the details including args”, and then the OS creates a process including setting up its initial variables (environment variables and command-line arguments). The OS will also return some details to your process (notably the PID of the new process and a HANDLE to it, which a framework such as .NET wraps for you) but that’s sent back by the OS, not by the other process.

Talking about a “tunnel” doesn’t make any sense in this scenario, because at the time of the “communication”, the “recipient” doesn’t even exist yet! For it to make sense, you’d have to launch the new process in a way where it can communicate with your process once the new one is running. Sometimes this is an option – some programs can take data from stdin in place of command line args, or can read their arguments out of a file (which might theoretically be a pipe, although many won’t like that). However, that depends on how the program is written, and you said you don’t control that.

I assume your goal is protect the command line arguments from being captured by an attacker. I have good news and bad news.

The bad news is that command line args are generally not secret. You can see them in Task Manager, for example, if you enable the relevant column in Details view. Processes owned by other users won’t have readable command line args unless you’re an Administrator, but anything running as you-the-user will have access if it wants. Of course, it doesn’t even matter whether the args are directly exposed; any process running with the same privileges as any other process (or running as admin) can simply read the other process’ address space directly, pulling any desired secrets right out of memory (the relevant APIs are usually used for debuggers).

The good news is that, assuming you don’t have malicious software running on your machine (or at least not with sufficient privileges), the command line args aren’t exposed to interception anywhere. They might get stored in a Windows system log (depending on logging settings) but they aren’t transmitted over the network or anything like that. The creator process invokes a system call or two (NTCreateProcess on Windows, something like fork or clone followed by execve on *nix systems) which passes the parameters directly to the kernel. It is in theory possible to intercept this, but if your attacker can interfere with system calls you have Much Bigger Problems, as that means they have already taken over either your process or your entire kernel! The kernel then creates the new process and sets its memory such that it sees the arguments you passed it; this is only interceptable if the entire machine is already compromised.

Now, of course, what the new process does with those arguments is entirely up to it! You seem to be starting something that wants a remote host and credentials to access it, which suggests that the credentials will be sent over the network. That’s the part you should be worried about, unless you expect your user (the person running your software) to be malicious or to have malicious code running with their privileges… in which case there’s nothing to be done, game over.

applications – Screensavers for 200 tablets – accessed centrally from one computer – Is this possible?

Hi I’m involved in a project to deploy 200 tablets. All devices will be on different networks in various locations around Australia.

I would like all devices to access the one set of screen savers and be able to update them all on demand. Is there an easy way to do this?

Currently I am thinking of logging into all devices from one gmail account and assigning the screensavers to google photos, and changing the photos from this one location.

I understand that google may not allow to 200 devices to sign into from one account.

Does anybody have any better ideas? Many thanks, Anthony

certificates – Spoof publisher info on Windows applications

Let me start by acknowledging that I have absolutely no experience with Windows development and this is purely for academic purposes. I apologize for incorrect terminology and welcome corrections or good resources.

When we run a program from an uncertified vendor we get a security warning from Windows indicating that the software comes from an unverified publisher. (i.e. https://www.remosoftware.com/info/wp-content/uploads/2016/06/Unverified-Publisher.png)

Is it possible to set the publisher info displayed there? I don’t care whether or not windows displays warnings and alerts telling the user that it is unverified. I don’t mean to spoof a certificate or bypass the warnings. An example would be the user running the program and receiving the warning above with “Apple Inc.” instead of “Unknown Publisher”.

I have seen many different Stack Overflow posts on the topic but overall I am very confused by the Windows ecosystem and different types of projects/templates that can be used. I ended up creating a Winforms project and I am using Installer Projects. I tried setting the deployment project properties fields but it did not work. I created a temporary certificate and I am signing the ClickOnce manifests as well as the assembly on the Winforms project.

In the end, I just want to know whether or not it is possible.
Any help is appreciated!

applications – Apps killed by android

My phone is killing every apps when more than one apps are running.
Even when messaging apps are running like messenger…

Actually i couldn’t talk in messenger when apps is in background.
Android kill my apps every time…

I am bored literally.

Is there any way of getting out of this.

Phone model : Redmi s2
Ram : 3 GB

Task manager always shows 1.3-1.5 GB free memory

So, i think that this is not happens because of low memory.

applications – Physical Bluetooth Keyboard is not able to access to chats (Whatsapp, Telegram) in Android 10

I have a very strange situation that I have not found yet something in the internet that could lead me to solve this issue.

I paired my physical bluetooth keyboard (Keychron K2) with my phone (Huawei P30 Lite with Android EMUI Version 10.0.0 which I think is Android 10) and I have found the way to control almost everything, but when I access to a chat application like WhatsApp, I am able to select the available chats in the application but when I type Enter to go into selected chat, it does not go to that chat, it highlights the chat like it was selected but not with the intention to go into it…

If I leave the enter pressed, this will show me available options/actions that I could use with that specific chat like delete the conversation, pin message, etc. This behavior occurs also with Telegram.

Is there any body with some hints regarding how I could be able to access to an specific chat selected to start chatting with my keyboard without having to use the native touchscreen control to start using the application?

Thank you!

web applications – Understanding of a webclient architecture (vue and electron)

I am currently planning a web app that can be accessed via a desktop app and browser. The application consists mainly of complex forms which can be created, edited and deleted by the user. The evaluation of the forms, therefore the actual logic, is done by the backend. The desktop app should be the main variant, the browser variant may be a slimmed down version. At least in the desktop app the user should have the possibility to print forms and evaluations directly on a connected printer.

Since I already have Spring knowledge and come from the Java environment I would prefer Spring as backend. I’m pretty new to the client world (except for a few turorials) so I didn’t know exactly which technologies are suitable at the beginning. After some research I would like to use Vue as my Javascript framework. To make it as easy as possible to put it into a desktop app I decided to use Electron. Furthermore the backend will run in the GCloud.

So let me give you a rough sketch for an overview: (If there is something wrong with the sketch please tell me)
enter image description here

Now to my questions:

  1. Since I could hardly or not at all find this technology stack during my research, I wonder if I am missing something? Is this approach recommendable?

  2. During my research I came across nativefier. Could I create my Electron app this way with my Vue application only? Could I also install an interface to a printer?

  3. I also found electron-vue. I think this is the more “normal” way. Here I don’t quite understand where Vue runs. Is it deployed to the client with the electron app? Or does Vue still run as a WebClient as in my sketch?

I think I’m generally very unsure about webclients as I have no experience in this area. Therefore I am grateful for every advice!

Page not found – Web Applications Stack Exchange

Stack Exchange Network


Stack Exchange network consists of 176 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.

Visit Stack Exchange

applications – Custom audio slider On React native

I am trying to implement a slider for an audio player, the design is shown in the picture. Required functions: displaying the progress of the audio track and the ability to rewind beyond a certain invisible area “enter image description here

farm – Access denied to Service Applications page in Central Administration

I have farm admin permissions to a dev farm of on premises SP 2019 installation. The problem is that while I can access most of the features of Central Administration, whenever I access the Manage Service Applications feature (/_admin/ServiceApplications.aspx), I’m getting Access Denied message. Any idea what that might be?

Server Error in '/' Application.

Access is denied. 
  Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL. 

 Error message 401.2.: Unauthorized: Logon failed due to server configuration.  Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.  Contact the Web server's administrator for additional assistance.

applications – Can I mount /data/data/(app_name)/ on external sd card?

Can I mount /data/data/com.termux/ folder on external sd card? My phone is rooted Android 10 and running low of internal storage.

As I read from How to bind mount a folder inside /sdcard with correct permissions? mounting to /sdcard requires permission to mount because /sdcard is emulated from /data/media/0 and /data/data/ is not.

And from Can the Termux environment be put on an external SD card? it can mount /data/data/com.termux/ using ln -s because ext4 support links while fat doesn’t.

I don’t know how /data/data/ directory works but is it possible to mount /data/data/com.termux/files/home/ directory to external sd card without formatting it as adoptable storage or making ext4 partition?