Geolocation service for mobile device - web-services

Is there any reliable geolocation service which could provide me with the latitude and longitude of a mobile device.
I need something like Google Gears(which is unfortunately discontinued) where I can give various data about the carriers cell the device is currently in etc. and get the latitude and longitude.

If the device you have does not support the Location API in HTML5, then you can use the IP address to get the location of the device. Have a look at services like www.maxmind.com. They have a basic free service that does location lookup basedon IP. The free service is accurate to city level. Beware that:
You'll need to implement this server side
It's accuracy is limited, and can be confused by people connecting over corporate networks, or proxies like Opera Mobile Browser.

HTML5 includes a geolocation method: see http://html5demos.com/geo

So it turns out that for a GSM Blackberry device with OS 5 there is no good alternative for getting the location to the standard satellite lock.
WIFI and Cellsite services are not available and unless you have a very good server with huge database with locations of carrier cells all over the world you cannot do anything effective.

Related

Collecting card data PCI level

We want to integrate a 3rd party service, regarding payments, their API waiting PAN & expiration date, and we need to determinate what PCI level do we need?
So, we just collect this data on client, send them to our server which will send data to them, we do not store it in database.
If your server can see this data, you need PCI SAQ-D, end of story. It doesn’t matter if you’re storing it or not, what matters is that someone who compromises your server can see it in transit. And if you’re asking this question, you do not want to be responsible for all the requirements of D.
To qualify for SAQ-A, or SAQ-A-EP, which are the only other two valid for websites, the card data needs to never come to your server in a readable form. That could mean redirecting the user to a page hosted by your payment processor to enter their data, embedding an iframe they provide, posting it directly to them from the front end (i.e. JavaScript POST), or (maybe) encrypting it with a key that only they can decrypt.
More information can be found in the official summary document

C++ application: discover other IPs on LAN

I want to create a C++ application that can be used (in part) to communicate between users on a local area network using UDP. Each instance of the application will have a thread dedicated to listening for other instances of the application and broadcasting its presence to other instances.
Is there a reliable way to perform this type of broadcast/listening on the LAN using pure C++ and POSIX system calls? I know there's no generally reliable way to find all IPs on a LAN, but I assume this is only because other devices are not willing to respond to pings.
Don't re-invent the wheel. There are two existing technologies, that, when combined, solve your problem in a standardized, well-designed, proven manner:
RFC6762 mDNS (Multicast DNS) is a protocol that works almost exactly like DNS, except it works using IP multicast. Instead of sending your DNS request to a unicast address, you send your DNS request to a multicast group, and any member of that group can answer your request (so you may get multiple answers).
RFC6763 DNS-SD (DNS-based Service Discovery) is a way to encode Services as DNS entries, which allows you then to retrieve Services from DNS using specially encoded hostnames. (For example, looking up the hostname _ipp._tcp.example.com would return a list of all printers that support the Internet Printing Protocol over TCP within the domain example.com)
So, we have one protocol that allows us to ask DNS about Services, and we have one protocol that allows us to ask a group of hosts to answer DNS queries … when we put the two together, we get a way of asking hosts for services! The combination of those two protocols is sometimes called Zeroconf networking, and is already implemented in macOS, iOS, tvOS, and watchOS (where it is called Bonjour), Android, most Unices (via Avahi, a portable implementation of those two protocols), and many home devices such as TVs. E.g. Spotify Connect, ChromeCast, Philips Hue and many others are also based on it. It's how iTunes devices find each other on the local network, for example.
Unfortunately, support in Windows is still limited, at the moment it seems to only exist for Windows 10 apps implemented in ECMAScript. (However, nothing stops you from shipping your own implementation with your app, and AFAIK, both Avahi and Apple's mDNSResponder work on Windows.)
So, what you would basically do is to send an mDNS query to the mDNS multicast group and ask for _myprotocol._udp.local. Then, assuming that your application registers itself with the OS's mDNS service (i.e. Bonjour on macOS, Avahi on Unices, …), you would get back a list of all hosts on the local network that support your protocol.

M2M vs Web service

What is the difference between the term Machine to Machine (M2M) communication and a Web service?
The W3C defines a Web service as
a software system designed to support interoperable machine-to-machine interaction over a network.
Wiki defines M2M communication as a
technologie that allow both wireless and wired systems to communicate with other devices of the same type
That sounds to me like different terms of the same thing.
SOAP, REST etc. are possibilities to implement both, Web services and M2M communication.
But what is the difference between M2M and Web service? Is it just like M2M is used in the context of an industry environment and for everything else (consumer-/financial applications) it's a Web service?
In my opinion, M2M implies lower level of communication and, if I may, 'lower level' of data.
I think formal distinction comes later in the definition:
... It has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards.
It is a service on the Web.
So a typical web service operates over HTTP, assumes a machine-processable description and implies use of certain technologies.
M2M, on the other hand, operates over wide range of protocols, that are lower-level than HTTP, and is a subject to restrictions other than those in web services, e.g. low energy consumption, constant data feed (instead of on-demand) etc.
Also, to me web services include human component: somewhere down the road there is a person consuming the data obtained from a web service, while in the case of M2M a human consumer is less expected. A goal of M2M communication might be to sync up an array of machines or have a machine make a decision based on the data it obtained from another machine.
Most of M2M devices rely on pure java or SIM cards to send/receive data to each others or backend systems. MNO SIM cards provide more convenient communication services with mobile data option. SIM cards provided by MNO do not come with big memory sizes and due to nature of SIM, SIM applets running on them must be minimalist.
If OTA related specifications defining remote management of SIM and SIM applications are investigated, you will see that there is always message command header and payload area as TLV byte streams(aka APDU). Each message is responded by received peer with positive or negative acknowledge. M2M applications since they mostly integrated to mobile network through SIM they also apply the same policy and defines their own raw communication protocol over SMS or TCP/IP bearer.

Transport layer Services and Application Layer services

I am working with web services right now. We have two types of services, one over HTTP and other over TCP. when Trying to understand the difference between these two, as per my understanding, services over TCP work at the transport layer i.e they transmit data over two ends. So in that case services over TCP will directly transfer data between two ends. But i am not so much clear on services over HTTP. I know we have a Client server model, REST, SOAP and HTTP is the protocol that transmits data but i am not able to properly relate the concept of services over HTTP!
Can anyone please help with an analogy which explains the difference between the two ?
As John Saunders is trying to allude to, I would agree that it is more important to understand the abstractions these protocols provide, rather than specific "Layer" they may be called in certain model (OSI). While the general model helps and applies, it doesn't provide specific details for actual protocols.
Having said that, the difference between so called Transport Layer Services using TCP vs Application Layer Services using HTTP, IMHO boils down to the comparisons between TCP and HTTP itself.
I'll start be saying that I hope it is known to anyone even vaguely familiar with these protocols, that HTTP is higher level abstraction than TCP and in fact it relies on TCP/IP itself. Hence HTTP clearly inherits certain feature like reliability from TCP/IP.
Now the contrast -
TCP Service
Design your own application level protocol - You design your own application level protocol.. For example, how will Client request operation to add an employee? How will Client request to find a given employee? etc... How do you indicate the format in which data can be exchanged between client and server? How will you even distinguish metadata (like request information) from data?
Efficiency - Can be efficient and compact in transmission of data. Since you define your own application layer protocol, Can be anything from binary to string to XML to anything else you can dream of.
HTTP for example, is built on top of TCP, in layman terms, mostly using Key Value pair style request headers.. vs SOAP, where much of information is passed as message envelope and message body (Which is why SOAP can be over HTTP as well as other protocols like Message Queues)
Performance - Given the possibility of having very compact application layer protocol, it can be relatively fast as well. For really high throughput, high performance, latency sensitive intranet applications, this can be a deciding factor.
Development Effort - Along with the flexibility, you certainly end up writing more code, as you attempt to define and implement your own application layer protocol.
HTTP Service
Larger parts of application protocol are defined for you - You design your application over well defined HTTP protocol. Typically HTTP Get would mean querying for a resource. Query filters in request url can be used for searches. HTTP POST, PUT and DELETE similarly have specific, well defined semantics.
Error / Fault handling - Even error are indicated using standards defined in HTTP protocol.. Like Status Code 200 (Success) vs 400 (BadRequest).
Efficiency - Can be quite verbose. Protocols defines almost every aspect of how the request must be defined.. and is typically text based..
Development and Tools support - HTTP can make it easier to use existing, vast variety of tools to send, receive and debug requests (Fiddler or Charles Proxy are famous HTTP debugging tools).
Internet / Firewall Friendly - HTTP is typically used at port 80 (although in theory can be other port as well). Which makes it more suitable not only for intranet applications, where you may have more control over firewalls and ports you open.. but also for accessing those services over Internet, because port 80 is typically open on almost every machine in the world...
Co-existence of multiple services - HTTP is so widely used, that it is expected multiple applications / services on a given machine to use it.. OS typically have special support built into the OS to handle this (http.sys on Windows) and you don't have to worry about one application / service stepping on another, by accidentally using the same port (one will fail in such case). Port negotiation between client and server is typically not an issue in this case, because HTTP is expected to be at port 80.
Securing the communication channel - When it comes to securing the communication, again there is well defined way to establish the same.. i.e. HTTPS. Unlike TCP/IP based service, you don't have to invent your own scheme to encrypt the communication between client and server.
Hosting the service - In theory, there are more ways to host an HTTP service, than a TCP service, again due to HTTP web applications already being a common scenario, which web servers like IIS already cater to. Your HTTP service can take advantage of countless out of the box features which web servers like IIS already have.. Recycling, Authentication, Resource Management, Request Filtering, Caching, Dynamic Compression and Logging etc etc etc.. you get for free with HTTP services hosted on any of the mature web server products.
Interoperability Across Platforms / Technology stacks - With HTTP, it would be far easier to use a mix of any technology stack, again because the implementation of the Protocol will be typically supported on various platforms.. from Linux / Unix to Windows.. or from .Net to Java to Ruby.. You'll get benefit from existing tools and technologies present on these platforms which support HTTP.. Hence Http can be the de facto choice, if, for example, you expect server to be in .Net on Windows, but clients to be in Java on Unix.
I could go on.. This is by no means an exhaustive list, and I am sure that many others could add plenty more to this.. But hopefully this gives you a good idea for what you were looking.. One can clearly see, that this can be a very deep topic.. Based on your response and time, I may edit this answer in future.. or encourage others to update it, as they see fit.
Side note - It is interesting to note, that even though HTTP adds plenty over TCP/IP to make it a great and ubiquitous choice for application protocol.. There is always scope for more / higher level abstraction.. So much so that, there are other, newer service protocols, which are built on top of HTTP. For example - Odata. Look at OData if you are curious..
And of course, in todays world of services, the discussion will not be complete without the mention of REST.
EDIT: Another interesting side note - If you are building on Windows platform, and using .Net framework, there are frameworks like Windows Communication Foundation a.k.a. WCF, which try to provide such abstractions, that you can swap out your choice of communication protocol (Client and Server choice must still match), from HTTP to TCP to MSMQ to IPC etc, with mere configuration changes, or host same service over multiple communication protocols by creating multiple endpoints. Refer to Understanding various types of WCF bindings for high level overview and comparison of various, out of the box, options WCF provides.
When working with TCP/IP and protocols layered on top of it, I would take the 7-layer model with a grain of salt. The true number of layers will differ, and will not match up with the classic OSI model.
For instance, HTTP is built on top of the TELNET protocol, which is layered on top of TCP. Does that make TELNET a Presentation-layer protocol? No, it's an Application-layer protocol that happens to have another Application-layer protocol built on top of it.
And then we run SOAP over HTTP. Or, if we want, we can run SOAP over TCP/IP. So what layer is SOAP? Is that layer 8 or is that layer 9?
As You asked, I'll try to explain by analogy, while not repeating previous answers too much.
Let's say we have helpdesk (service) reachable by phone call (TCP) and by SMS (HTTP). From Your (application) point of view You should get the same information independent of which communication method You chose. But there are differencies how this communication will be going, because phone call (TCP) is statefull channel, while SMS (HTTP) is stateless:
once phone call is established, information exchange will continue until hang'up;
SMS message must contain all relevant information to get a usefull response.
To introduce state into SMS channel, additional steps at helpdesk level are required, for example, You'll be assigned ticket number, which You must send with each related SMS (HTTP cookie/session) - this won't be handled authomatically by GSM network. This state is handled by helpdesk's and Your (service and application) logic.
Both service types have advantages and pitfalls. And both should work - preferance depends on actual use-case.
There is no too much difference what means are used to exchange data (You can even exchange mails using post office, if latency is acceptable). In practice it means You can use ping (ICMP) or DNS queries, or emails to exchange data - as long as Your application knows how to use/decode such channel.
I think John Saunders in his answer refered to 7 layer OSI model, an I think his point is correct.
This analogy is not 100% correct, I tried to explain the idea: the difference is how the state is preserved (by protocol itself, or by application/framework).

Qt. How to view other computers on the network using QtNetwork?

I need to get all PCs IP-adresses in my local network. How should I properly do that if I can using QtNetwork?
I tired use
QNetworkInterface::allAddresses();
QNetworkInterface::allInterfaces();
but it's definently not what I need.
P.S.
I need get IP's to able connect to some Postgresql servers, is there some Postgresql driver features maybe to make things easier?
What you need is called "Network discovery". There's a lot of different approaches each dedicated to a specific subdomain. The approach of the lower level is called ARP, Address Resolution Protocol see a nice tutorial e.g. here http://tournasdimitrios1.wordpress.com/2011/01/26/discover-your-local-network-with-arp-scan-on-linux/ . If you need a service discovery then you probably should go with ZeroConf & friends http://doc.qt.digia.com/qq/qq23-bonjour.html