1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question on Controlling Access To Bots or providing Software as a Service "SAAS"

Discussion in 'General Programming Chat' started by greyhatdude, Jan 31, 2010.

  1. greyhatdude

    greyhatdude Regular Member

    Joined:
    Sep 13, 2008
    Messages:
    377
    Likes Received:
    255
    Occupation:
    Medical Field
    Location:
    Philippines, here I come.
    Home Page:
    I'm just getting started with making bots and want to focus on learning programming, but I need to make money. So I am thinking that I can give access to my bots to partners and/or to outsourced employees, but I need to know how to control that access. I don't want to actually sell the bots because I would end up spending all of my time providing support instead of learning programming. Google searches for "SAAS" (software as a service) platforms gives me tons of companies that provide office software access to people, but I can't find a platform or service provider that will help me lock down my software on a desktop or server and let people access it remotely. Anyone have any idea how to do this?
     
  2. greyhatdude

    greyhatdude Regular Member

    Joined:
    Sep 13, 2008
    Messages:
    377
    Likes Received:
    255
    Occupation:
    Medical Field
    Location:
    Philippines, here I come.
    Home Page:
    Well so far I've determined that what I am looking for is called a SAAS Architecture Provider (Edit: Like opsource.net) Anyone done this before?
    I'm also considering running a Win2k8 Server on a separate DSL connection at home and providing (restricted) access that way. People could log in as a user and run all of my software that way. This would be an awesome way to outsource, manage projects, and run JV's. I *really* need to know how this is done.
     
    Last edited: Jan 31, 2010
  3. divinci

    divinci Junior Member

    Joined:
    Sep 25, 2007
    Messages:
    111
    Likes Received:
    15
    Hey greyhat,

    that's a nifty idea :) about the win2K8 box what sort of progs are you thinking of creating?
    Posted via Mobile Device
     
  4. n2zen

    n2zen Regular Member

    Joined:
    Sep 27, 2009
    Messages:
    269
    Likes Received:
    70
    Ideally, you would give them capability of logging into a server account and setting their preferences. You then have the bot scheduled to run at x interval via cron job (or similar).

    The safest options involve the least amount of choices on the user part. For example, giving them a pull-down to make choices from instead of a text-box to type into makes sql injection protection a bit easier ;)

    At the moment I've got some twitter bots running at pre-alpha levels. I don't give access, instead requesting their account details and preferences, and then turn the bots loose - on autopilot they will find users with similar interests as spec'd, follow up to 180 per day in small batches, refollow any new followers, unfollow bad friends after 24 hours, then rinse lather repeat.

    After bolting in enough functionality, like autorss posting, and whatnot, I'll flesh out the user interface so that people have control. Until then, they're just happy to have their accounts running on autopilot with no user intervention required, 24x7x365.
     
  5. smack

    smack Junior Member

    Joined:
    Feb 1, 2010
    Messages:
    182
    Likes Received:
    78
    Occupation:
    Software Engineer/Evil Genius
    Location:
    inside .NET
    i've been kicking around similar ideas for black hat saas.

    the conclusion i've come to is that the most secure way from my perspective is to run everything as a web app with heavy ajax functionality and have that communicate the user entered data and preferences to a windows service (i develop in .net) running on the machine.

    another option is to create thin clients to distribute to your customers and have them communicate via SOAP/REST API to your server side functionality. that way you could give a much richer client side app while maintaining the security of you code base. it would also allow you to IP lock access to your API accounts to prevent duplication and abuse.

    the only problem with these solutions is that they both take a substantial amount of development, set up, and potentially server power to implement. it's much easier to just distribute exe's, however there is no copy protection that is 100% solid and if microsoft and adobe can't figure out how to make something unbreakable, i have low hopes for me being able to succeed where they have failed. then you also have the annoyance of needing to regularly update people's executables or developing some kind of auto update functionality.
     
  6. FreakStone

    FreakStone BANNED BANNED

    Joined:
    Jun 26, 2009
    Messages:
    53
    Likes Received:
    8
    Your better off getting a $10 VPN. Cheaper, less headache, and in most cases better bandwith.