Data sent to card io servers [closed] - card.io

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
It is my understanding that no card data is ever sent out, to any server. All processing is happening on the device. Is this the case?
I did notice (via Charles Proxy) that one request is made to the host api.card.io
Are the card.io folks able to tell me what is being sent out?
Below is the request details:
CONNECT api.card.io:443 HTTP/1.1
Host: api.card.io
User-Agent: card.io/icc (3.6.5 [Apr.21.2014-30fe])
Connection: keep-alive
Proxy-Connection: keep-alive
≠©S[åVÜÃ∞È"≠/vΩœ§ãöΩœ–®ï∑Ñπ‹ÿ˜Jˇ¿$¿#¿
¿ ¿¿¿(¿'¿¿¿¿¿&¿%¿*¿)¿¿¿¿¿¿¿¿
=</5
gk396api.card.io
Nåÿú\–˚Ù≠}Îöª‘Vó¶∫ˆ'⁄î#»ŸÆ∆2ëfiÅÄË
Iè∏
˙
âB⁄B∫ø}CÈpE]ÜÂ9ÉΩ◊¨ƒ≠A¥48pO˛^ÿ†π ‹Ëñ5Á!fVeRêüŸ∂'¯Ÿˇj<©≈Ì[∏;.?m´ú°—Ë’,KπE_Íkˆt∑{ˇëgRºxDø^‰.Ù»§pm4Å_Ë‹UwѺy¸&-I∂é’œáfi:g≠“«óOπ«ù¸Á—•Ifi)ÉflWŒú¬ºº‰NC¢–sHÙ˙ÃÎqcÓÌ⁄∑o++ùOÂWD˚¸Å$á´|ë|90˙X)◊U≠›di9eí¡"yt°ÂÖ9hÊπ¬vu ys™∞ƒAÉ;Ê14óΩBÏv#sQ¬…T¿B˛ƒ\í°¢rÇ≥€≠c≥°]‚X0œ€’T]„ë"ñ,N#y¸H∫OSëAÇ⁄»df∑mLœÈ¥ÛW:˙1IQïÊ/اd˙fiNÑ=çqRz≥ö«X'4(:âX!fi<*Æ,}≈ËÎ{rÌ⁄ô∑µ+Åz'ÖsyÄ÷Xtjöf ÊËAJÿÜRÏÈ™ä’F|å!°Í›!kaå»—O˘˜9ÊϙÜ7ùxë5ËÒYËfipõ…—5XxÆòOÅÙÔÿc˘åZ‡˚W›ët∆ÌCê—mhy∞‘V>j-÷R8FÚd»¢ı≠_êx˙ÇSÏ≈Ù„"°Ë}‘∫m” “¡d#VêÖjöØÚºÓœø∑œ…~πMÂa5fiÙ:À6ò≠v“æ
®Òœõ”À ‰r¶¬£±#ú®˝q¬%^|b¡l: ÈÈ9KÊoç

card.io sends auth requests ("may this app scan cards?") and analytics data. None of that includes card data. I suspect you'll find that the wire data you captured is a binary plist.

Related

What is a good indicator of a request sent over a socket? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I am writing some codeql for web servers like apache and nginx. I have done some research and found that a good indicator of a request is ntohs or ntohl because the the data that is sent over a socket needs to be converted from network byte order to host byte order. Are there any other indicators which I should use for web servers?
"Are there any other indicators which I should use for web servers?"
Your post includes the C tag, so besides the byte order functions you include the select() function should be at least included in the conversation for its message traffic handling capabilities. It is available for both Linux and windows environments, as indicated by following links.
The select(). call is commonly used to manage socket traffic. Read about the concept here. (Link includes tutorial content with code snippets for illustration.)

AngularJS and SpringBoot secure communication [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I am wondering how to make simple and secure rest communication between my backend and frontend. I need to send some POST request's to my backend and somehow i need to secure that. This is simple app without any users accounts.
Serve your app over HTTPS instead of HTTP. Any calls made from angularjs using $http will be secured, you don't have to do anything here.

What is HTTP Parser, where it is used, what does it do [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I was reading C code at:- https://github.com/joyent/http-parser
. But I don't know what is the meaning of the HTTP Parser . Can you please explain its meaning probably with example so I can contribute to this project.
I think the README.md already explained it very well:
https://github.com/joyent/http-parser/blob/master/README.md
HTTP Parser can be employed in the browser as well as in the server and it extracts the following information from HTTP messages:
1 Header fields and values
2 Content-Length
3 Request method
4 Response status code
5 Transfer-Encoding
6 HTTP version
7 Request URL
8 Message body

For sockets, which side does the majority of the work? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
For sockets, which side does the majority of the work?
I've been given this question to answer and don't really understand what it means. I've browsed through the web to find answers. However, nothing. So can somebody guide me to what it's actually asking? What it means?
Thanks!
Client should know the details of the server it connects to. The connect call is instantaneous.
But on the other hand the server should be continuously listening to a port for any incoming connections in the accept call.
So technically a server would take more of the processor time.
Once the connection is established the client and server pretty much has the same work in terms of sending and receiving messages.

How NTP protocol works? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I try to find ant NTP documentation for "dummies", I don't understand how NTP works. I need to write an NTP client which should just print current local time. What should I send to the server? What will I receive?
If you want to implement your own client then you need the RFC 5905 - Network Time Protocol Version 4 which specifies the protocol and algorithms of NTP. This document describes exactly what you should send to the server and what you will receive.

Resources