Clever Geek Handbook

Safe and secure way to update over the internet in C #

What would be the safest and safest way to automatically update software without opening too many holes for a hacker to easily access the system?

+2


source to share


4 answers


Have you learned about ClickOnce deployment?

http://msdn.microsoft.com/en-us/library/t71a733d(VS.80).aspx



A quick overview here:

http://msdn.microsoft.com/en-us/library/142dbbz4(VS.80).aspx

+5


source


I recommend not creating your own auto-update, use ClickOnce if it works for you or the commercial auto-update component if not.



If you want to see what's involved, I wrote a series on writing an auto-update component on my blog a while ago, the last post with links to all posts in this series: http://www.nbdtech.com/blog/archive/2007 /08/07/How-To-Write-an-Automatic-Update-System-Part-8.aspx

+1


source


If you are going to create your own system, you probably want to have a public / private key pair.

So, you will update the update.

Then encrypt with the private key on the server.

The client can then decrypt and unzip it and then install.

This way, as long as your private key is protected, you can ensure that the update is legal.

The only weakness is that if someone changed the public key to some other key, then they could trick this program into believing that the Trojan is a valid update.

There are various schemes you can use to get around this, but that will depend on how much work you want to put into it.

0


source


ClickOnce auto-renewal is fair and good, but everyone can admit that it is not the most fashionable solution. I recently developed a solution that requires such an automatic update feature. Here is a list of the quick steps I took to deploy my own update service, which also allows rollbacks with a minimum of know-how.

  • Add the project project to the solution so that the project can be neatly wrapped in an .exe or .msi installer package.

  • Below is the FTP server setup with the required user credentials that only your application knows. On the ftp server, set up a default directory where you will add new updates.

  • Your application will check your internet connection at startup, log into your remote FTP server and check for new files.

  • Download the new updates to the client application and place them in a date-named folder for future use. Some checks need to be in place to make sure you are not downloading the same old files.

  • Close the application and start a fresh installation. Depending on how you customize the setup project, the setup wizard can completely uninstall the previous version, or just update the partial (patches, etc.).

  • Your app may have a rollback functionality by going to the local update directory and uploading previously downloaded files. This is where the date stamp files are given for reference.

This solution offers a level of customization that I think most enterprise solutions will require, and I have found it to work very effectively for me. FTP servers are safe and reliable regarding file uploads. You can find many FTP helpers on the internet, so it should do the job the way you want it to and not worry too much about how it works.

0


source






More articles:


All Articles