So I want to create some sort of anonymous chat application. The model includes a single server (centralized) and multiple clients.
The server takes no records of the chat and also no records of who has connected amd such to maximise privacy the messages are also encrypted. You get the idea.
Now, my question was: say someone sent a link to a warez site or something deemed somewhat questionable or outright illegal. Who would get into trouble? The server owner or the client? Take into account that the server only provides a means to communicate between clients and holds no information other than the brief time it needs to receive and send.
Same thing with bots connecting to the server and using it for a communication portal for a botnet.
Thanks in advance.
Related
Does anyone know how to get the information about user device that access the bot deployed in S4B channel and built using MS Bot Framework (C#).
I need to know about the options to detect the user device (Device type and OS) accessing the Skype For Business Bot. If there's a way to know whether user device is desktop or mobile. In bot framework the User-Agent header formatted similar to the string below:
SFBUserAgent (Microsoft-BotFramework/3.1+https://botframework.com/ua)
(The user agent from Connector returns the following:
fxversion/4.7.2563.0 osname/windowsserver2016datacenter osversion/6.3.14393 microsoft.bot.connector.connectorclient/3.14.1.1)
I want to know if UCWA can be used to detect the device type accessing Skype For Business bot.
UCWA is not able to do so, actually no client or client-facing api can provide such information. It's because User-Agent information is not part of the presence so the client doesn't publish it to other clients. The main purpose of this User-Agent information is for monitoring reporting purpose.
However there is still some space from server side to allow us to do something. If you have access to the Skype for Business server, you have several workarounds.
Get-CsConnections.ps1 is a well-known script to pull current logged in user from Lync server side. It was written in 2011 while we only had Lync 2010, but good news is it works fine with new version of Lync like Lync Server 2013, Skype for Business server 2015. This script needs to be run in Lync/Skype management shell or a Powershell session with Lync/Skype modules imported. It needs to run by using an Lync/Skype admin account.
To retrieve user agent for a particular user by using sip uri.
$UserHomePool = (Get-CsUser -Identity [sip address]).RegistrarPool
Get-CsConnections.ps1 -SipAddress [sip address] -Pool $UserHomePool
Connections.ps1 is the prototype script of the above Get-CsConnections.ps1, it's simpler but doesn't provide advanced features. You can look at it and decide which one you need.
Do it yourself. If you don't want to use 3rd party script or just want to do it in a simplest and pure way, it's possible to do it by querying it from server database. Lync/Skype server stores this user agent information in the dynamic database in Front End server. It's in the table dbo.RegistrarEndpoint of the database rtcdyn of the instance rtclocal.
Please notice that there is no public document about the database schema so you need to do a little guess and hacking yourself. Good news is all data in the database is strored in readable format so it shouldn't be a big issue.
In a very rare chance that you are not wanting this information in real-time, the monitoring report and database can be the best approach. It's not real-time data, the data is generated within 10 mins after a conversation is ended.
If you want to get it from monitoring database, you should look at SessionDetails view for P2P conversation and ConferenceSessionDetails for conference conversation. There are straighforward fields in the views called something like UserClientType to point out the user agent information for the certain session.
At last one thing I would like to remind is Skype allows user to logged in multiple clients simultaneously, so no matter how you make it work you still need to face the question which logged in client really matters to you if the user has multiple clients logged in.
I am new to Twilio and tasked with evaluating whether to switch from our current service which is CDyne.
We have an application that uses SMS to interact with clients on behalf of staff using two-way SMS. The app automatically launches SMSs at certain trigger events and based upon the responses from clients decides what to do next - including asking further questions of the client. The SMS gateway I use currently allows me to include a reference id in outgoing messages. This id is returned when someone replies to the message. This makes it dead easy to look up everything related to the incoming message and form a decision and reply. Twilio does not seem to have anything similar. In fact, it does not even return the SMS ID of the original message which seems to make it a pain to determine the relation. I understand you could potentially look up the FROM and TO and trace it back, but with multiple phone numbers being used for the same client (staff can send messages directly too using a different phone number and there are several numbers being used for mass text messages), this is potentially (very) hazardous.
Question 1: Is there any (good) solution to this issue in Twilio, and
Question 2: If not, why not??? (It seems pretty obvious and simple to include a reference to the initiating SMS in the reply)
This is one of the many features that CDYNE offers at no cost to their customers.
To my knowledge, Twilio doesn't offer this feature.
For additional information on SMS Notify!'s additional free features, check out CDYNE's wiki.
I am developing a feature in my app where I need to store the state of a particular series of actions between 2 users, just like an ajax based chat service.
The scenario is as follows:
A user can is able to see which other users are online and then challenge one of them. The other user receives the challenge and accepts it. Now both the users are given 5 questions each and the match starts simultaneously for them (almost simultaneously) Then as a user navigates thru the question or solves it, the state is updated on the other user screen as well.
Essentially this is very similar to a chat system like say facebook chat. I am able to see who all are online. I send a chat msg to my friend who can then respond to that and that response is seen on my chat window.
I believe all this can be achieved by using ajax. I can easily make ajax calls to .asmx webservices and retrieve objects for a particular user as Session can be accessed there. However, I am wondering where to maintain state because session is for a particular user and I want my particular object to be accessible for two particular users.
Where do I store the state? Or taking the example of Ajax based chat, where should I store what message User1 entered and when Uer1 entered how is it shown to user2?
I was thinking application object but read it is not recmmended.
What do you recommend for such a thing?
If you're trying to do "near real-time" message passing you might want to take a look at HTTP polling (a.k.a. long polling). I won't use SQL for temporal message passing and short-term state transitions like I've seen in the past. If running on a single web server just keep the state in session or in the ASP.NET Cache. If running on multiple web servers take a look at distributed caches like memcached, Velocity (Win 2008), or NCache. Then serve the cached data to the AJAX requests which are sitting and waiting (because of long-polling). The key design issue is the design of the cache keys (no pun intended), which would need to include the user's ID for user-specific event data.
P.S. There are frameworks for large-scale, near real-time message distribution that solve scaling issues which are hit when hundreds of clients are participating in long-polling at the same time. The broad name for those frameworks are 'Comet', and they are most useful when broadcasting the same messages to many clients.
(Also asked over on ServerFault, where I was advised to post it here too)
We have a requirement to send desktop alerts to various users (compliance, production) across a network when other users have submitted content online for a report.
At present we are using NET SEND but this has no guarantee of delivery and has proved unreliable from both client and server perspective (and I gather will be unsupported in later versions of Windows; we are currently running XP).
We are considering a Jabber-based solution but has anyone used a Jabber client to pop up alert messages on the screen like NET SEND does, as opposed to just bringing a chat window to the front or displaying a temporary 'toast' message near the system tray.
We need the alert message to be persistent and only dismissed by the user, indicating they have seen it. Toast-style pop-ups would be fine as long as it was not only for a limited time and again had to be dismissed by the user.
Any solutions?
Openfire is a java based Jabber server that seems to be targeted to a corporate/business environment and provides the "toast" message feature with their Spark client. They also offer several other useful business-focused features.
Offline message delivery is not guaranteed by XMPP specification. It depends on concrete server implementation. Moreover, it has cost in supporting user accounts.
As an out-of-box solution it is fine, but since we are in development community, I would
consider building alert system using MessageQueue for guaranteed delivery.
The message-delivery semantics of XMPP are liable to be a good fit for your application, since you're not talking about financial transactions that require fiduciary-level delivery guarantees. It will certainly be better than NET SEND by a lot.
Write a simple client that listens for messages and does the pop-ups in whatever format you want, and have the program run in the background, perhaps with a tray icon. Writing something like that with Jabber-Net would be the work of a few hours, for example.
What is the easiest way to set up an SMS alerting system so that I will receive notification if my server doesn't respond or a GET query doesn't return correct content?
You can completely outsource the monitoring and alerting, for example by subscribing to Pingdom. The most basic Pingdom plan will monitor up to 5 services (including using HTTP GETs with optional content pattern matching) and send an SMS after a configurable amount of downtime.
If you want to roll your own solution, the first thing to get right is the monitoring software. Many, many third party solutions exist for this, from the free to the outrageously expensive. Of course, rolling your own "try a GET and do something if it doesn't work" script is always an option, but as with all software, feature creep may mean that you're just re-implementing existing solutions soon...
For the SMS notification, using an e-mail-to-SMS gateway might work for you, if you're in a territory well-served by such services. Most US providers, for example, provide free gateways, whereas in Europe they tend to be run by third parties and pay-only. As already suggested, Google is your friend here. Also, your monitoring tool may support sending notifications directly using a cellphone/GSM modem attached to the monitoring server.
Often I've found that what you need is a SMS modem attached directly to your monitoring server. What if the problem is the network connection?
What you want is an SMS gateway. There are surely some service providers local to you. Unfortunately, they are a bit hard to find. Try asking Google...
You can get a service like http://www.serviceuptime.com/ and the send an email to your-number#a-domain-your-provider-gives They usually have the exact domains for the providers on their respective websites but you could just try #t-mobile.com if your provider is t-mobile for example.
If you want to write your own tool should be pretty straightforward - send GET request if you dont get the expected response send email. You should run it from 2 different locations from 2 different ISPs tho because if there are routing problems and the request doesnt go through you'll get smsed