GCM seems to be too good to be free.
I mean, there are messaging/notification functionality, XMPP functionality etc. And it all requires internet bandwidth / server capacity / storage etc..
Moreover, even iOS platforms can use the GCM ( XMPP ) and it's all for free.
It seems a bit weird for me, so I try to find a catch ( especially, taking into account, that there are some similar paid services in the internet ).
Did anyone try to create a big setup ( with lots of clients ) on GCM/XMPP?
Did you succeed? Or maybe there is somewhere a limit/threshold and you have to pay if you reach it?
Any advice/considerations would be highly appreciated.
Thank you in advance.
Best Regards,
Maksim
No catch, GCM is a free service to developers. Many large applications use GCM to deliver messages.
Related
Every application that generates dynamic content must have a server whose address is embedded inside the application to enable communication with server.
Now in the case of WhatsApp definitely they have also embed the server's address inside the WhatsApp application. For example someone reverse engineer the WhatsApp apk and found the address of the server, as well as he also found the parameters and all the stuff that the application sends to the server (i-e session, token, authentication key etc etc) for successful communication, so is that mean he can use these same parameters structure and the server address in different third party app to play/communicate with the WhatsApp server? Because server is just an electronic device that works on the digital signals and thats it. Server don't know that these parameters are coming from the authorized WhatsApp apk or from third party apk.
If yes, then don't you guys think that there should be solution to that problem?
If no, then what are the techniques and algorithms they are using to stop requests from unauthorized/fake apps.
I believe not any employee from WhatsApp will answer here to share the algorithm, but i know SOF is full of geeks, if someone knows how WhatsApp stops these kind of issues please share, otherwise i will be still glad to know about the advice and ideas that you guys have in your mind for the best security practices.
How banking, paypal etc and messaging apps including WhatsApp works in that scenario and how they stop the issue that i described above?
Important:
I am not going to reverse engineer the WhatsApp, i am just creating a server and fighting with this issue to be solved to secure my server and only accept request from my app but stop requests from unauthorized/fake apps.
Thanks & respect to all in advance who will contribute.
There is no way to prevent malicious reverse-engineering, resulting in a fake app pretending to be the real thing. While you are working on your server, you need to do defensive programming, that is, your server shouldn't assume that the request was sent via the app. So, if you protect your server against all kinds of malicious and deliberate misuses, then your server is safe.
However, that's easier said than done, because your project is developed by a finite amount of people and - if it becomes successful then - the audience contains a swarm of smart bad people.
You will therefore need to detect a subset of features that you need to absolutely protect against misuses and prioritize testing and improving those, by thinking with the mind of a fictional hacker, who would like to either gain unearned profits or do harm to your project. Schizophrenic, I know, but you need to do that on the server. You also need to improve the security of less than critical features, but at a lower priority and log the requests you get, so if SHTF, then you will have at least a chance to deduce what caused it and how.
If the phone app is in your hands as well, then you might implement some additional authentication for each version, like generating a version token for each user that downloads your app. Since the version token generator algorithm would not be in the hands of hackers, they would have to solve that on a per user basis, which is extremely laborius to solve this for several users if done by hand and if they work it out in a way to make it automatic, their solution would be viable only for a version.
So, there is no 100% accuracy in this area, but you can make life very hard and miserable for people payed to hack through your application.
These are what I am talking about:
https://github.com/meetecho/janus-gateway
https://github.com/jitsi/jitsi-videobridge
The scalability I am looking for is say 1 to 10k users in a single live stream.
None of those are going to scale to 10k streams out of the box. If all you want is for 1 participant to be seen by 10k people, that is, a one direction broadcast, YouTube or Twitch are better suited for this purpose.
Disclaimer: I'm a developer on the Jitsi team.
"None of those are going to scale to 10k streams out of the box."
The question wasn't "which one of these can do it out-of-the-box", it was "which one would be cheaper".
I've been fiddling around for months with both Janus and Jitsi trying to get them to work on a server and I've had no luck, so I can't exactly tell you which one would be cheaper, but I imagine they are roughly similar if you are just relaying the video/audio feed without doing any additional transcoding on the server.
I think what it comes down to cost-wise is probably your setup and configuration. Will you run it on a PaaS like AWS or GCP, or will you set up on some hosted servers and configure the cluster yourself? Which PaaS or server host will you use? How much work are you or your team willing to put into the setup and configuration? Do you even know what you're doing?
Going through a PaaS would save you a ton of work and probably be much more reliable and robust, but will probably be much more expensive. And there are different price ranges among different platforms and services and hosts.
I think the cost will be much more affected by these factors than by the differences between Janus Gateway and Jitsi Videobridge.
But what do I know, I can't even get the ***king things to work on one simple server.
Question says it all. All the examples I can find are for server<-->android.
I'm looking for Javascript-->android
Paid version, try PubNub (Push to Android Example) or Pusher API tools.
For open source solution, you might try PushSharp
Note the real trick is obtaining the RegID from your device. See the answers in this posting to understand better what is going on...
I have a rails-based restful server-side api.
I want to know what services are called the most, their response time, etc.
So this is sort of web analytics, but it's for server-side operation.
Is there any free service out there that can help out( google analytics is a good analogy)?
Did you try to analyze your logs?
It is a very good way to get the statistics you are looking for without using an external service
Here is a link: Rails log analyzer
try Apigee http://www.apigee.com/ it's free and could give you what you want.
I've had the same problem. A lot of services are for web analytics, this means they super general, and it's hard to configure it properly.
What I can suggest you is to use some kind of APM. There is one especially for Rails - https://appsignal.com/. But it's not free, price starts from 15 euro / month for 250K of requests.
I've got an application that does some work then hits an URI callback once the work is done.
For testing, I'd like to send an SMS to my cellphone.
Something like http://www.jonskeetistheman.com/SMSSend.aspx?phone=4255555555&msg=supdawg
Are there any REST based SMS services (free) that ya'll can recommend?
It's not free, but it is cheap: http://www.twilio.com/sms/
Apparently it's all the rage lately.
The only free one I know is from Zeep Mobile.
This post from killerapi explains the catch. Basically it embeds ads, and is more troublesome to use.
Paid SMS APIs are plenty: Nexmo, Hoiio, Twilio.
Zeep Mobile offers a free SMS service with a Short Code
I'm not sure about free one.
the one I use is clickatell which has the exact same interface (although on an ever so slightly different domain), and costs a few cents per sms.
www.voxox.com -
Free and offers a wide variety of services, SMS is just one of them.