Best way to validate a WinCE OS image (.bin) file? - windows-ce

We have a Windows CE 6.0 based product that allows for firmware upgrades through a web interface. I want to perform a sanity check on the new firmware image to be sure that it is valid. How should I perform the validation?
I see in the BIOSLOADER code, there is support code for decoding a BIN file. I suppose I could massage that to perform the validation. Is there a better way?
Thanks!

The safest way is to wrap the firmware blob in a container format which supports some form of public key signatures.

Related

How to prevent direct use of third party library/dependency

I'm building a software using SDK provided by third party software. To secure the application that I build, I must set correct values in some attributes in the SDK. I'm thinking of building a wrapper around SDK which would ensure correct properties in the SDK are set. Only challenge with the approach is making sure other developers helping me to build the application would always use the wrapper as an abstraction layer rather than using the SDK directly downloaded from third-party repository.
I was initially thinking of using Software Composition Analysis (SCA) tool. But I couldn't find a SCA tool helps to block direct use of a third-party library instead of using SDK wrapper/abstraction layer.
What is the best way to solve this problem?
Thanks

Hololens Device Portal Kiosk Mode web api

I am building a tool in which I am using windows device portal wrapper in order to connect and access hololen's device portal.
I would like to be able to get/set kiosk mode from my tool so I dont need to go to device portal and do it manually.
Windows device portal wrapper doesnt give any functionality to access kiosk mode though.
Does anyone know the web api path for this?
Thanks in advance
So since it looks like you're building a tool for converting HoloLens into Kiosks, you need to do this at scale. If you are looking to create a different method of converting your HoloLens into Kiosks, I think you should go provisiong packages.
Provisioning packages will let you make a package you can keep applying to multiple HoloLens. Also some companies don't like enabling developer mode, and this is a method that doesn't have a security risk. Also device portal only allows a single app Kiosk, where as you could create a Multi app Kiosk if you wanted using other methods.
https://learn.microsoft.com/en-us/hololens/hololens-kiosk#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803
Do this help things? I know it's not actually what you were looking for, but hopefully it helps. It it doesn't let me know, I might have a different potential solution.
Kiosk Mode can be set via Device Portal’s REST API by doing a POST to /api/holographic/kioskmode/settings with one required query string parameter (“kioskModeEnabled” with a value of “true” or “false”) and one optional parameter (“startupApp” with a value of a package name). Please keep in mind that Device Portal is intended for developers only and should not be enabled on non-developer devices. The REST API is subject to change in future updates/releases.

Do I need any iCloud settings before using Ensembles for CoreData & iCloud syncing?

I'm developing an app which uses CoreData and is already released. I'm trying to add syncing feature using iCloud and Ensembles 1.x. I added codes which are told in the readme, but syncing doesn't happen. The debug log says it can't leech to ensemble.
I enabled iCloud for the project, but only for Key-value storage which is used for another purpose. Do I need to enable other services such as iCloud Documents or CloudKit?
Also, I have this line like sample codes do, and wondering ubiquityContainerIdentifier shouldn't be nil. But I have no idea what I should pass. Could you please give me any advices?
cloudFileSystem = CDEICloudFileSystem(ubiquityContainerIdentifier: nil)
Thank you in advance.
You do need to have iCloud Documents enabled.
See the Simple Sync example app to see the things you have to setup.
I think passing nil should work. That will choose the default iCloud container for you (e.g. iCloud.com.mycompany.myapp). If you need a different container, just set that up in your capabilities for the target, and use that.
Note also there is a free book at http://leanpub.com/ensembles

Convert Objective C project to Xamarin

We have an app written in Objective C. It uses CoreData, RestKit, about 10 viewcontrollers.
We would like to migrate it to Xamarin (so we can target Android and Windows).
I was hoping there was a way to bind the current code to a Xamarin solution and kind of rewrite features step by step within Xamarin (eg: replacing a viewcontroller at a time, and at the end replacing RestKit+CoreData, by SQLite + ServiceStack).
I am aware of the binding to Objective C option that they provide, however, it doesn't look to be the appropriate fit for this (way too complex, probably easier to rewrite the app from scratch).
Is there a way to migrate our current project to Xamarin so we can convert? or do we start from scratch?
Thanks.
Options:
Migrate full project - no;
Automatically create binding for libraries, rewrite business-code, UI-code - yes;
Rewrite from scratch using .Net/Mono classes - yes.
If code size is relatively small, you should rewrite the whole app. Moreover, thus you could have a chance to separate business-logic from UI code and tools libraries (RestKit, CoreData). In perspective, that code will be more reliable and cross-platformish.
This tool can help. It does Obj-c to C# translation (some manual cleanup required):
Automagical
Quite probably, a re-write, from scratch. One thing to keep in mind, if your back-end is .net.. and you are using DTO's.. like with AutoMapper from Entity Framework objects.. you'll be able to re-use those DTO objects on your mobile side with Xamarin. If you are using OData, I'm not sure if this is still a problem, but Xamarin studio wasn't generating OData service clients. So you had to generate them in Visual Studio, then take the generated client code and throw them into your Mobile projects.
sqllite-net is awesome. I've never had any problems with it.
https://github.com/praeclarum/sqlite-net
I currently have a project, with DTO Objects from an Azure WCF service, that I push directly down into SQLLite objects on IOS and Android with Xamarin. I use RestSharp, rather than Service Stack. I should probably go learn the difference.
If you are looking to use SQLCipher from the Component store, to encrypt your sqllite db locally on your device (Good advice to do so), you should be aware that there is an issue in android.. going to 2.2 or 2.3 with SQLCipher. Works for ICS and above though, if I remember right.
Just be careful on your security implementation for allowing clients to connect. I want to say.. don't take too much advice.. and don't take too little either. : )

Programmatic iPod Backup on Linux

Are there any publicly available libraries or APIs out there on Ubuntu that allow me to programmatically archive the contents of my iPod? If no library or API exists, what alternative options do I have for saving the contents of my iPod?
Looks like gtkpod can do it. Looking over its source code might give you what you're looking for.

Resources