Recherche avancée

Sur d’autres sites (7648)

• Announcing our latest open source project : DeviceDetector

  30 juillet 2014, par Stefan Giehl — Community, Development, Meta, DeviceDetector

  This blog post is an announcement for our latest open source project release : DeviceDetector ! The Universal Device Detection library will parse any User Agent and detect the browser, operating system, device used (desktop, tablet, mobile, tv, cars, console, etc.), brand and model.

  Read on to learn more about this exciting release.

  Why did we create DeviceDetector ?

  Our previous library UserAgentParser only had the possibility to detect operating systems and browsers. But as more and more traffic is coming from mobile devices like smartphones and tablets it is getting more and more important to know which devices are used by the websites visitors.

  To ensure that the device detection within Piwik will gain the required attention, so it will be as accurate as possible, we decided to move that part of Piwik into a separate project, that we will maintain separately. As an own project we hope the DeviceDetector will gain a better visibility as well as a better support by and for the community !

  DeviceDetector is hosted on GitHub at piwik/device-detector. It is also available as composer package through Packagist.

  How DeviceDetector works

  Every client requesting data from a webserver identifies itself by sending a so-called User-Agent within the request to the server. Those User Agents might contain several information such as :

  • client name and version (clients can be browsers or other software like feed readers, media players, apps,…)
  • operating system name and version
  • device identifier, which can be used to detect the brand and model.

  For Example :

  Mozilla/5.0 (Linux; Android 4.4.2; Nexus 5 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.99 Mobile Safari/537.36

  This User Agent contains following information :

  Operating system is Android 4.4.2, client uses the browser Chrome Mobile 32.0.1700.99 and the device is a Google Nexus 5 smartphone.

  What DeviceDetector currently detects

  DeviceDetector is able to detect bots, like search engines, feed fetchers, site monitors and so on, five different client types, including around 100 browsers, 15 feed readers, some media players, personal information managers (like mail clients) and mobile apps using the AFNetworking framework, around 80 operating systems and nine different device types (smartphones, tablets, feature phones, consoles, tvs, car browsers, cameras, smart displays and desktop devices) from over 180 brands.

  Note : Piwik itself currently does not use the full feature set of DeviceDetector. Client detection is currently not implemented in Piwik (only detected browsers are reported, other clients are marked as Unknown). Client detection will be implemented into Piwik in the future, follow #5413 to stay updated.

  Performance of DeviceDetector

  Our detections are currently handled by an enormous number of regexes, that are defined in several .YML Files. As parsing these .YML files is a bit slow, DeviceDetector is able to cache the parsed .YML Files. By default DeviceDetector uses a static cache, which means that everything is cached in static variables. As that only improves speed for many detections within one process, there are also adapters to cache in files or memcache for speeding up detections across requests.

  How can users help contribute to DeviceDetector ?

  Submit your devices that are not detected yet

  If you own a device, that is currently not correctly detected by the DeviceDetector, please create a issue on GitHub
  In order to check if your device is detected correctly by the DeviceDetector go to your Piwik server, click on ‘Settings’ link, then click on ‘Device Detection’ under the Diagnostic menu. If the data does not match, please copy the displayed User Agent and use that and your device data to create a ticket.

  Submit a list of your User Agents

  In order to create new detections or improve the existing ones, it is necessary for us to have lists of User Agents. If you have a website used by mostly non desktop devices it would be useful if you send a list of the User Agents that visited your website. To do so you need access to your access logs. The following command will extract the User Agents :

  zcat ~/path/to/access/logs* | awk -F'"' '{print $6}' | sort | uniq -c | sort -rn | head -n20000 > /home/piwik/top-user-agents.txt

  If you want to help us with those data, please get in touch at devicedetector@piwik.org

  Submit improvements on GitHub

  As DeviceDetector is free/libre library, we invite you to help us improving the detections as well as the code. Please feel free to create tickets and pull requests on Github.

  What’s the next big thing for DeviceDetector ?

  Please check out the list of issues in device-detector issue tracker.

  We hope the community will answer our call for help. Together, we can build DeviceDetector as the most powerful device detection library !

  Happy Device Detection,

• Zoom video with VB.NET with ffmpeg

  16 août 2017, par Елица Велкова

  I am working on Windows Forms App in VB.NET and I have the following task : add video to application and when I click somewhere in video to zoom it and get pixels of this place by x and y.Please tell me how to do it ?

  I am reading for ffmpeg library but I do not know how to use it in the project .

• How to verify signatures for Piwik release packages

  19 novembre 2014, par Piwik Core Team — Security

  We are proud to announce that Piwik project now cryptographically signs the Piwik releases using PGP following requests from several community members. In this post we will explain how you can verify the signatures of the Piwik release you downloaded, with instructions for Windows, Mac OS X and Linux.

  What is a signature and why should I check it ?

  ---

  How do you know that the Piwik platform you have is really the one we made ? Some software sites list sha1 hashes alongside the software on their website, so users can verify that they downloaded the file without any errors. These “checksums” help you answer the question “Did I download this file correctly from whoever sent it to me ?” They do a good job at making sure you didn’t have any random errors in your download, but they don’t help you figure out whether you were downloading it from a compromised server. The better question to answer is : “Is this file that I just downloaded the file that Piwik intended me to get ?”. Over the years several Piwik users have requested that we start signing our releases.

  Where do I get the signatures and the keys that made them ?

  ---

  Each file on our release server builds.piwik.org is accompanied by a file with the same name as the package and the extension .asc. These .asc files are GPG signatures. They allow you to verify the file you’ve downloaded is exactly the one that we intended you to get. For example, piwik-2.9.0.zip is accompanied by piwik-2.9.0.zip.asc<code>.

  Currently Matthieu Aubry is the release manager and signs the Piwik releases. His signature can be found here : builds.piwik.org/signature.asc

  How to verify signatures on Windows

  ---

  You need to have GnuPG installed before you can verify signatures. Download it from http://gpg4win.org/download.html.

  Once it’s installed, use GnuPG to import the key that signed your package. Since GnuPG for Windows is a command-line tool, you will need to use cmd.exe. Unless you edit your PATH environment variable, you will need to tell Windows the full path to the GnuPG program. If you installed GnuPG with the default values, the path should be something like this : C :\Program Files\Gnu\GnuPg\gpg.exe.

  Import Piwik Release manager Matthieu’s key (0x416F061063FEE659) by starting cmd.exe and typing :

  "C :\Program Files\Gnu\GnuPg\gpg.exe" —keyserver keys.gnupg.net —recv-keys 814E346FA01A20DBB04B6807B5DBD5925590A237

  After importing the key, you can verify that the fingerprint is correct :

  "C :\Program Files\Gnu\GnuPg\gpg.exe" —fingerprint 814E346FA01A20DBB04B6807B5DBD5925590A237

  You should see :

  pub   4096R/5590A237 2013-07-24
        Key fingerprint = 814E 346F A01A 20DB B04B  6807 B5DB D592 5590 A237
  uid                  Matthieu Aubry <matt@piwik.org>
  uid                  Matthieu Aubry <matthieu.aubry@gmail.com>
  uid                  Matthieu Aubry <matt@piwik.pro>
  sub   4096R/43F0D330 2013-07-24
  

  To verify the signature of the package you downloaded, you will need to download the ".asc" file as well. Assuming you downloaded the package and its signature to your Desktop, run :

  "C :\Program Files\Gnu\GnuPg\gpg.exe" —verify C :\Users\Alice\Desktop\piwik-2.9.0.zip.asc C :\Users\Alice\Desktop\piwik-2.9.0.zip

  The output should say "Good signature" :

  gpg : Signature made Thu 13 Nov 2014 17:42:18 NZDT using RSA key ID 5590A237
  gpg : Good signature from "Matthieu Aubry <matt@piwik.org>"
  gpg :                 aka "Matthieu Aubry <matthieu.aubry@gmail.com>"
  gpg :                 aka "Matthieu Aubry <matt@piwik.pro>"
  

  Notice that there may be a warning in case you haven’t assigned a trust index to this person. This means that GnuPG verified that the key made that signature, but it’s up to you to decide if that key really belongs to the developer. The best method is to meet the developer in person and exchange key fingerprints.

  Mac OS X and Linux

  ---

  On Linux GnuPG is usually installed by default. On Mac OS X, you need to have GnuPG installed before you can verify signatures. You can install it from http://www.gpgtools.org/.

  Once it’s installed, use GnuPG to import the key that signed your package. Matthieu Aubry signs the Piwik releases. Import his key (814E346FA01A20DBB04B6807B5DBD5925590A237) by starting the terminal (under "Applications") and typing :

  gpg —keyserver keys.gnupg.net —recv-keys 814E346FA01A20DBB04B6807B5DBD5925590A237

  After importing the key, you can verify that the fingerprint is correct :

  gpg —fingerprint 814E346FA01A20DBB04B6807B5DBD5925590A237

  You should see :

  pub   4096R/5590A237 2013-07-24
        Key fingerprint = 814E 346F A01A 20DB B04B  6807 B5DB D592 5590 A237
  uid                  Matthieu Aubry <matt@piwik.org>
  uid                  Matthieu Aubry <matthieu.aubry@gmail.com>
  uid                  Matthieu Aubry <matt@piwik.pro>
  sub   4096R/43F0D330 2013-07-24
  

  To verify the signature of the package you downloaded, you will need to download the ".asc" file as well. Assuming you downloaded the package and its signature to your Desktop, run :

  gpg —verify /Users/Alice/piwik-2.9.0.zip.asc*,

  The output should say "Good signature" :

  gpg : Signature made Thu 13 Nov 2014 17:42:18 NZDT using RSA key ID 5590A237
  gpg : Good signature from "Matthieu Aubry <matt@piwik.org>"
  gpg :                 aka "Matthieu Aubry <matthieu.aubry@gmail.com>"
  gpg :                 aka "Matthieu Aubry <matt@piwik.pro>"
  

  Notice that there may be a warning in case you haven’t assigned a trust index to this person. This means that GnuPG verified that the key made that signature, but it’s up to you to decide if that key really belongs to the developer. The best method is to meet the developer in person and exchange key fingerprints.

  That’s it ! In this article you have learnt how you can verify that the Piwik package you have downloaded on your computer was the same as the one Piwik team has officially created. We hope this helps you use Piwik with more security.

  Source : this article was copied and adapted from the great Tor Browser project website page How to verify signatures for Tor packages