codesanitize

javascript – How do I discover my JSON recordsdata and cargo them with capacitor

iOS Development

codesanitize

-

26 August 2024

Here’s a script I put collectively to load recordsdata by way of the capacitor file system

import { Filesystem, Listing, FilesystemPermissions } from '@capacitor/filesystem';
import path from 'path';

// Utility perform to record listing contents for debugging
const listDirectoryContents = async (listing, dirPath) => {
  attempt {
    console.log(`Itemizing contents of listing: ${listing} at path: ${dirPath}`);
    const contents = await Filesystem.readdir({
      path: dirPath,
      listing: listing
    });
    console.log(`Contents of ${dirPath} in ${listing}:`, JSON.stringify(contents.recordsdata));
  } catch (error) {
    console.error(`Didn't record contents of ${dirPath} in ${listing}:`, error);
  }
};

// Utility perform to record all root-level directories
const listRootDirectories = async () => {
  const directories = [Directory.Documents, Directory.Data, Directory.Application, Directory.External, Directory.ExternalStorage, Directory.Cache];
  for (const listing of directories) {
    console.log(`nListing contents of root listing: ${listing}`);
    await listDirectoryContents(listing, '');
  }
};

// Verify for and request crucial permissions
const checkAndRequestPermissions = async () => {
  attempt {
    const standing = await Filesystem.checkPermissions();

    if (standing.publicStorage !== 'granted') {
      console.log('Public storage permission not granted. Requesting permission...');
      const requestStatus = await Filesystem.requestPermissions({ permissions: [FilesystemPermissions.PublicStorage] });
      
      if (requestStatus.publicStorage !== 'granted') {
        throw new Error('Public storage permission was not granted.');
      } else {
        console.log('Public storage permission granted.');
      }
    } else {
      console.log('Public storage permission already granted.');
    }
  } catch (error) {
    console.error('Error checking/requesting permissions:', error);
    throw error;
  }
};

export const loadJsonFiles = async (dir) => {
  attempt {
    console.log('Checking permissions...');
    await checkAndRequestPermissions();

    console.log(`Making an attempt to learn listing: ${dir}`);

    // Listing all root-level directories
    await listRootDirectories();

    // Listing contents of related directories for debugging
    await listDirectoryContents(Listing.Paperwork, '');
    await listDirectoryContents(Listing.Information, '');
    await listDirectoryContents(Listing.Software, '');
    await listDirectoryContents(Listing.Exterior, '');
    await listDirectoryContents(Listing.ExternalStorage, '');
    await listDirectoryContents(Listing.Cache, '');
    await listDirectoryContents(Listing.Paperwork, dir);
    await listDirectoryContents(Listing.Information, dir);
    await listDirectoryContents(Listing.Software, dir);
    await listDirectoryContents(Listing.Exterior, dir);
    await listDirectoryContents(Listing.ExternalStorage, dir);
    await listDirectoryContents(Listing.Cache, dir);

    // Try to seek out the index.html file in several places
    const indexPath = path.be part of(dir, 'index.html');
    console.log('Checking for index.html in several directories...');

    const directories = [Directory.Documents, Directory.Data, Directory.Application, Directory.External, Directory.ExternalStorage, Directory.Cache];
    for (const listing of directories) {
      attempt {
        console.log(`Checking for index.html in ${listing}`);
        const indexFile = await Filesystem.readFile({
          path: indexPath,
          listing: listing
        });
        console.log(`index.html present in ${listing}: ${indexFile.uri}`);
      } catch (error) {
        console.log(`index.html not present in ${listing}.`);
      }
    }

    // Attempt to learn the goal listing
    let recordsdata;
    for (const listing of directories) {
      attempt {
        console.log(`Making an attempt to learn ${dir} from ${listing}`);
        recordsdata = await Filesystem.readdir({
          path: dir,
          listing: listing
        });
        console.log(`Listing learn efficiently in ${listing}. Discovered recordsdata: ${JSON.stringify(recordsdata.recordsdata)}`);
        if (recordsdata.recordsdata.size > 0) break;
      } catch (error) {
        console.log(`Didn't learn ${dir} from ${listing}: ${error.message}`);
      }
    }

    let information = [];

    if (recordsdata && recordsdata.recordsdata.size > 0) {
      for (const file of recordsdata.recordsdata) {
        if (file.endsWith('.json')) {
          const filePath = path.be part of(dir, file);
          console.log(`Studying file: ${filePath}`);
          const fileContent = await Filesystem.readFile({
            path: filePath,
            listing: Listing.Paperwork // Match the listing utilized in readdir
          });
          console.log(`File learn efficiently: ${filePath}`);
          const jsonData = JSON.parse(fileContent.information);
          console.log(`Parsed JSON information: ${JSON.stringify(jsonData)}`);
          information = information.concat(jsonData);
        } else {
          console.log(`Skipping non-JSON file: ${file}`);
        }
      }
    } else {
      console.log(`No recordsdata present in any listing for ${dir}.`);
    }

    console.log('All JSON recordsdata loaded efficiently.');
    return information;
  } catch (error) {
    console.error('Error loading JSON recordsdata:', error);
    throw error;
  }
};

It is a variety of code, however I am merely simply making an attempt to load a listing known as ‘information’. For context, I am utilizing vue to compile the html/css for my capacitor venture.

Once I construct I can see my vue code simply tremendous and the venture masses up on iOS and Android. What would not work although is looking for my file.

I did many assessments after wanting round (even utilizing chatGPT), and I couldn’t discover a resolution as to how I can entry the recordsdata. I even learn a rumor that capacitor shops recordsdata in indexdDB however utilizing safari I verified this was not the case after utilizing that to view the storage and console messages from my iOS app (it has a developer mode to do that when it is related by way of USB)

My query is what am I doing incorrect and the way can I load one thing so simple as a JSON or TXT file?

My code at present was scanning each listing I may consider with none luck, all of them present up with no recordsdata in it. The iOS venture to be clear once I look I see my ‘information’ folder with the JSON subsequent to the index.html

Right here is my VSCode listing construction for instance as proof.

And right here right here is the iOS listing construction after I ran npx cap sync to confirm it bought copied over and it’s def there.

So I hope I’ve confirmed that it is positively a part of the venture. If it is being compiled onto the precise system once I construct I cannot confirm this but as I am unsure how.

If anybody has any clues how to do that it will be a lot appreciated! You’d suppose this could be fairly easy.

I learn this whole web page: https://capacitorjs.com/docs/apis/filesystem

I’m fairly certain I am implementing what it says appropriately?

How typically must you change your passwords?

Hacking

codesanitize

-

26 August 2024

0

How typically must you change your passwords?

Digital Safety

And is that really the appropriate query to ask? Right here’s what else it’s best to contemplate relating to retaining your accounts protected.

03 Apr 2024
•
,
5 min. learn

How often should you change your passwords?

A lot has been remodeled the previous few years concerning the rising potential in passwordless authentication and passkeys. Because of the near-ubiquity of smartphone-based facial recognition, the power to log into your favourite apps or different companies by wanting into your gadget (or one other technique of biometric authentication, for that matter) is now a refreshingly easy and safe actuality for a lot of. However it’s nonetheless not the norm, particularly throughout the desktop world, with many people nonetheless counting on good ol’ passwords.

That is the place the problem lies – as a result of passwords stay a significant goal for fraudsters and different risk actors. So how typically ought to we alter these credentials with the intention to preserve them safe? Answering this query could also be trickier than you suppose.

Why password modifications might not make sense

Till not too way back, it was really useful to repeatedly rotate passwords with the intention to mitigate the danger of covert theft or cracking by cybercriminals. The obtained knowledge was wherever between 30 and 90 days.

Nonetheless, the instances they’re a-changing and analysis means that frequent password modifications, particularly on a set schedule, might not essentially enhance account safety. In different phrases, there isn’t a one-size-fits-all reply to when it’s best to change your password(s). Additionally, many people have too many on-line accounts to comfortably preserve observe of, not to mention give you (robust and distinctive) passwords for every of them each few months. Additionally, we now dwell in a world of password managers and two-factor authentication (2FA) nearly in all places.

The previous means it’s simpler to retailer and recall lengthy, robust and distinctive passwords for each account. The latter provides a reasonably seamless additional layer of safety onto the password login course of. Some password managers now have darkish net monitoring inbuilt to routinely flag when credentials might have been breached and circulated on underground websites.

At any charge, there are some compelling the explanation why safety specialists and globally revered authorities, such because the US Nationwide Institute of Requirements and Know-how (NIST) and the UK’s Nationwide Cyber Safety Centre (NCSC), don’t suggest that individuals are pressured to alter their passwords each few months until sure standards have been met.

The rationale is pretty easy:

Based on NIST: “Customers have a tendency to decide on weaker memorized secrets and techniques once they know that they should change them within the close to future”.
“When these modifications do happen, they typically choose a secret that’s just like their previous memorized secret by making use of a set of widespread transformations comparable to growing a quantity within the password,” NIST continues.
This observe offers a false sense of safety as a result of if a earlier password has been compromised and also you don’t change it with a robust and distinctive one, the attackers might simply be capable to crack it once more.
New passwords, particularly if created each few months, are additionally extra more likely to be written down and/or forgotten, in keeping with the NCSC.

“It’s a type of counter-intuitive safety situations; the extra typically customers are pressured to alter passwords, the higher the general vulnerability to assault. What seemed to be a wonderfully wise, long-established piece of recommendation doesn’t, it seems, stand as much as a rigorous, whole-system evaluation,” the NCSC argues.

“The NCSC now suggest organizations do not power common password expiry. We consider this reduces the vulnerabilities related to repeatedly expiring passwords whereas doing little to extend the danger of long-term password exploitation.”

When to alter your password

Nonetheless, there are a number of situations that necessitate a password change, particularly in your most necessary accounts. These embody:

Your password has been caught in a third-party knowledge breach. You’ll seemingly be told about this by the supplier themselves, or you could have signed up for such alerts on companies comparable to Have I Been Pwned, otherwise you could be notified by your password supervisor supplier operating automated checks on the darkish net.
Your password is weak and easy-to-guess or crack (i.e., it might have appeared on an inventory of commonest passwords). Hackers can use instruments to attempt widespread passwords throughout a number of accounts within the hope that one in all them works – and as a rule, they succeed.
You have got been reusing the password throughout a number of accounts. If any one in all these accounts is breached, risk actors may use automated “credential stuffing” software program to open your account on different websites/apps.
You have got simply discovered, for instance because of your new safety software program, that your gadget was compromised by malware.
You have got shared your password with one other particular person.
You have got simply eliminated folks from a shared account (e.g., former housemates).
You have got logged in on a public pc (e.g., in a library) or on one other particular person’s gadget/pc.

Greatest observe password recommendation

Take into account the next with the intention to reduce the probabilities of account takeover:

All the time use robust, lengthy and distinctive passwords.
Retailer the above in a password supervisor which can have a single grasp credential to entry and might routinely recall your entire passwords to any web site or app.
Control breached password alerts and take speedy motion after receiving them.
Swap on 2FA at any time when it’s accessible to supply an extra layer of safety to your account.
Take into account enabling passkeys when provided for seamless safe entry to your accounts utilizing your telephone.
Take into account common password audits: evaluate passwords for your entire accounts and guarantee they don’t seem to be duplicated or simple to guess. Change any which are weak or repeated, or ones which will include private info like birthdays or household pets.
Don’t save your passwords within the browser, even when it looks like a good suggestion. That’s as a result of browsers are a preferred goal for risk actors, who may use info-stealing malware to seize your passwords. It will additionally expose your saved passwords to anybody else utilizing your gadget/pc.

If you happen to don’t use the random, robust passwords urged by your password supervisor (or ESET’s password generator), seek the advice of this checklist of suggestions from the US Cybersecurity and Infrastructure Safety Company (CISA). It suggests utilizing the longest password or passphrase permissible (8-64 characters) the place doable, and together with upper- and lower-case letters, numbers and particular characters.

In time, it’s hoped that passkeys – with the assist of Google, Apple, Microsoft and different main tech ecosystem gamers – will lastly sign an finish to the password period. However within the meantime, guarantee your accounts are as safe as doable.

Chick-Fil-A’s rumored streaming service issues greater than you suppose

Technology

codesanitize

-

26 August 2024

0

Chick-Fil-A’s rumored streaming service issues greater than you suppose

What you’ll want to know

Experiences point out that Chick-Fil-A, the fast-food chain recognized for its rooster sandwiches, is breaking into leisure “aggressively.”
The corporate is reportedly working with main manufacturing corporations to create new reveals, purchase the rights to present content material, and host the media by itself streaming service.
It may appear odd that Chick-Fil-A is beginning its personal streaming service, however it’s hardly the primary non-tech firm to enter the know-how business.

A few years in the past, cable and satellite tv for pc TV prospects flocked to streaming providers like Netflix and Amazon Prime, leaving their set-top packing containers and costly contracts behind. For a time, the streaming panorama was certainly higher than cable. That is not true anymore, as a result of the streaming market has been flooded with too many choices and anti-consumer media licensing battles.

For those who’re bored with streaming providers, be ready to start out seeing a model new one: Chick-Fil-A desires you to get your fast-food fill and your unique video content material from the identical firm.

Deadline reported final week that Chick-Fil-A is making an attempt to shore up unique content material forward of the launch of its rumored streaming service. The quick meals chain is reportedly working with a number of main manufacturing corporations and studios to develop unscripted, game-show-style TV reveals.

Whereas a lot of the content material is alleged to be unscripted, some scripted content material may very well be within the works. Deadline additionally says that Chick-Fil-A is having conversations about licensing and buying the rights to present content material, which might then be hosted on this new streaming service. Particularly, the outlet says {that a} family-friendly gameshow has already obtained a ten-episode order from Chick-Fil-A.

It may appear shocking that Chick-Fil-A is breaking into the video streaming market, however who is not lately? We have already seen reveals from Lyft, Airbnb, and others. Whereas quick meals chains have not been recognized to foray into streaming providers, they’re exploring the know-how business as a lot as another firm. Cell ordering, information assortment, and automation have been scorching matters within the quick meals business in recent times.

The true query to ask is that this one: do we actually want a Chick-Fil-A streaming service? For 99% of individuals, I think the reply is decidedly no. We have already got too many streaming providers, and the content material many people get pleasure from is already scattered throughout a number of video platforms. Actually, I would motive that there are various extra folks laughing about this growth from Chick-Fil-A than there are enthusiastic about it.

It is no joke when corporations with barely any tech expertise leap into the business. It could actually result in critical issues, and we have already seen a few of these points pop up.

We’re already seeing the implications of corporations making an attempt tech on a whim

The Disney Plus TV app and logo

(Picture credit score: Nicholas Sutrich / Android Central)

For starters, the quantity of bandwidth and servers wanted to service a video streaming platform is greater than you’d count on except you have tried to do it. It is seemingly that Chick-Fil-A is underestimating the technical infrastructure required to host a streaming service, even when it is outsourcing most of it. Plus, all of the investments Deadline is reporting now are being made for unique content material and licensing offers, not the service itself.

The extra regarding factor to me is the safety of Chick-Fil-A’s platform. Traditionally, corporations that are not tech-first have a tendency to depart person information susceptible to hackers and information breaches. For instance, in early 2024, McDonald’s suffered a significant information breach that leaked buyer and worker names, emails, inner instruments, and financial institution logs, in line with The Cyber Specific. Whereas Chick-Fil-A already shops person information associated to its cell app, a streaming service will increase the chance that bank card and fee info can be saved and is probably in danger.

No firm is immune from information breaches. Nonetheless, if you belief an organization like Apple or Google together with your private information, you realize they have been doing this for many years and can take measures to guard your info. You may share information with the Apples and Googles of the world that you just would not with a startup.

The issue with Chick-Fil-A, and corporations prefer it, getting into the tech area is easy. You belief the model and are aware of it since you’ve seen it earlier than otherwise you’ve been a buyer, however in actuality, Chick-Fil-A is not any higher than a startup within the tech area. The expertise of constructing quick meals does not switch to internet hosting person accounts, bank card info, or video streaming.

Disney+ launched an entire new trigger for concern, too. Disney initially tried to have a wrongful loss of life lawsuit tossed out of courtroom as a result of the plaintiff signed up for a Disney+ free trial and agreed to an arbitration clause. The corporate argued that this clause utilized to Disney Springs eating places fully unrelated to Disney+. Because the Related Press experiences, Disney backed down in response to public stress. But it surely leaves us questioning: would it not have labored? By agreeing to phrases and situations for a Chick-Fil-A streaming service, might these be used in opposition to us whereas consuming a rooster sandwich?

We do not know how Chick-Fil-A would function a streaming service. I’ve introduced up prior examples of what can occur if you belief an organization with out main expertise in tech together with your information, and these are price contemplating. The following time a trusted model throws their hat within the ring in the case of know-how, suppose twice earlier than you belief it.

Cthulhu Stealer malware aimed to take macOS person information

Apple

codesanitize

-

26 August 2024

0

Cthulhu Stealer malware aimed to take macOS person information

Cthulhu Stealer in motion [Cado Security]

Researchers have found one other data-seizing macOS malware, with “Cthulhu Stealer” bought to on-line criminals for simply $500 a month.

The Mac is turning into much more of a goal for malware, with warnings surfacing from researchers surfacing frequently. Within the newest instance, it is for malware that is been in circulation for fairly a couple of months.

Defined by Cato Safety and reported by Hacker Information on Friday, the malware known as “Cthulu Stealer” has apparently been round since late 2023. Consisting of “Malware-as-a-Service,” it was ready for use by on-line criminals for a mere $500 per thirty days.

Unhealthy disk photos

The malware takes the type of an Apple disk picture that incorporates a pair of binaries. This allowed it to assault each Intel and Apple Silicon Macs, relying on the detected structure.

To attempt to entice shoppers to open it, the malware can be disguised as different software program, together with Grand Theft Auto IV and CleanMyMac. It additionally appeared as Adobe GenP, a software for patching Adobe apps in order that they do not depend on receiving a paid safety key from the Inventive Cloud.

The supposed contents was a ploy to persuade customers to launch the unsigned file and permitting it to run after bypassing Gatekeeper. The customers are then requested to enter their system password, adopted by a password for the MetaMask cryptocurrency pockets.

With these passwords in place, system info and iCloud Keychain passwords are stolen, together with internet browser cookies and Telegram account particulars. They’re despatched off to a management server.

“The principle performance of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from varied shops, together with sport accounts,” stated Cato Safety researcher Tara Gould.

Borrowing code

Evaluation of the malware signifies that the malware is much like one other that was beforehand discovered by the title of “Atomic Stealer.”

It’s thought that whomever made Cthulu Stealer used the code that produced Atomic Stealer as a base. Except for performance, the primary proof of that is an OSA script that prompts for the person’s password, which has the identical spelling errors.

Unusually for found malware, it seems that the creators of Cthulhu Stealer aren’t in a position to handle it, as a result of fee disputes. The developer behind it was completely banned from a cybercrime market that marketed the software over accusations of an exit rip-off that affected different market customers.

Defending your self

Customers haven’t got to do this a lot to guard themselves from Cthulhu Stealer, not least due to possession management points.

As ordinary, the recommendation is to be vigilant about what apps you obtain, that you simply obtain from secure sources, and to concentrate to what the app does as you put in it.

As for overriding Gatekeeper, that is one thing that may be achieved simply in macOS Sonoma and earlier releases. For macOS Sequoia, customers can’t Management-click to override Gatekeeper, however might want to go to System Settings then Privateness & Safety to evaluate a software program’s safety info as a substitute.

This modification ought to cut back the variety of situations the place Gatekeeper is bypassed, just by including extra obstacles.

Even so, customers ought to nonetheless listen each time Gatekeeper raises an objection to putting in or operating an app.

Does Antivirus Software program Gradual You Down?

Cyber Security

codesanitize

-

26 August 2024

0

Does Antivirus Software program Gradual You Down?

“Antivirus software program slows down my PC.” It is a remark that’s typically heard when speaking about antivirus and malware safety.

That is perhaps the case with many safety merchandise, but it surely’s not the case with McAfee. Unbiased assessments since 2016 have confirmed that McAfee is just not solely good at catching malware and viruses, but in addition one of many lightest safety merchandise accessible at present.

What’s antivirus safety?

Antivirus varieties a significant cornerstone of on-line safety software program. It protects your units towards malware and viruses via a mix of prevention, detection, and removing. Ours makes use of AI to detect absolutely the newest threats — and has for a number of years now.

For many years, individuals have put in antivirus software program on their computer systems. At present, it might probably additionally shield your smartphones and tablets as properly. In truth, we suggest putting in it on these units as properly as a result of they’re related, identical to a pc. And any system that connects to the web is a possible goal for malware and viruses.

One vital distinction about antivirus is its title, a reputation that first got here into use years in the past when viruses first appeared on the scene. Nonetheless, antivirus protects you from greater than viruses. It protects towards the broad class of malware too — issues like adware, ransomware, and keyloggers.

How does efficiency get measured?

To measure how a lot influence on-line safety software program has on PC efficiency, some impartial take a look at labs embody efficiency influence benchmarks of their safety product assessments. Essentially the most well-known of those take a look at labs are AV-TEST, which relies in Germany, and Austria-based AV-Comparatives. These impartial labs are among the many most respected and well-known anti-malware take a look at labs on the planet.

Through the years, we’ve examined strongly. These outcomes bought stronger nonetheless with the discharge of our McAfee Subsequent-gen Menace Safety.

McAfee’s AI-powered safety simply bought sooner and stronger. Our Subsequent-gen Menace Safety takes up much less disk area, reduces its background processes by 75%, and scans 3x sooner than earlier than. This makes your time on-line safer with out slowing down your looking, purchasing, streaming, and gaming.

And the outcomes present it.

McAfee got here in with the bottom system influence rating in a subject of 16. With an total influence rating of two.8, it weighed in far lower than the business common of 12.3. This excellent efficiency earned McAfee the very best potential rating: ADVANCED+ 3 Stars.

Sturdy antivirus doesn’t must gradual you down

Even with sturdy safety constantly monitoring all exercise in your PC and laptop computer for threats, the perfect form of antivirus retains your units working rapidly.

Advances in our already high-performing safety have solidified our glorious standing in impartial assessments. The labs run them commonly, and we take delight in realizing that we’re not solely defending you, we’re preserving you shifting alongside at an excellent clip.

Introducing McAfee+

Id theft safety and privateness in your digital life