modeling – Creating models for a subscription-based service using third-party payment gateways

If this question is too broad for Q&A format, I’d appreciate a pointer on where to ask it.

Suppose that you’re using Stripe (or some similar service) to manage the payments for a service of some sort. Stripe has built-in support for recurring payments, a payment gateway.

What I’m struggling to understand is how much of that logic is mirrored over to the application?

For example:

  • Where is the subscription/payment data stored? Is it mirrored in some local DB or just wrapped from Stripe API?
  • How does one handle various states of a subscription that can’t be fulfilled (card declined, card missing, card fraudulent)? Suppose that Stripe only handles payments and not subscriptions, how does one invalidate a subscription if a payment fails?

In other words, should User.first.subscription return something that’s stored in the application or essentially just make a call to Stripe every single time? If that’s the case, should my application not even have a Subscription model as it’s essentially just piped in from Stripe?

My gut is telling me in this case Stripe should handle the entirety of the payment and subscription logic and the service application itself should only wrap Stripe, is this fair to say?

amazon web services – Minimising latency: AWS and a third-party datacentre

I have a VPS (an EC2 instance) running on AWS-Ireland. I would like to minimise the latency of traffic between this instance and a service provider that has their servers at a third-party data centre (in this case – LD4).

AWS provides a cross-connect – but it seems that this is only applicable if I have some infrastructure at LD4 and at AWS. I want to minimise the latency between my AWS instance and a third-party server at LD4 without involving the third party.

security – How to set permissions to prevent third-party applications from modifying a file (*nix/mac)?

Here’s a recurrent problem I have: some obnoxious piece of third-party software has a configuration file (or its own source code) that incorporates some bad behavior. One might want to change those files, but, if one does so, sometimes the program in question changes it right back.

For example, homebrew is a series of ruby scripts that includes a forced check for the current xcode version, but, at least as of a few versions ago, if one edited the source code to omit the check, running homebrew would cause the source code to go right back to the way it started.

Another example of when one might want to do this is when some application installs a launchagent plist on Mac with RunAtLoad and KeepAlive flags set, so one can’t close it. Suppose one edits the plist to fix that, but is worried that when one runs the application again, it’ll just go back and re-set the unwanted flags.

Supposing that one is running these applications from an account with privileged access, such as a sudoer on *nix or an administrator on mac—is there any way to set the permissions or ownership on these kinds of files to prevent third-party applications from editing them, even if those third party applications are effectively running as root?

style guide – What is the guideline to be followed for third-party brand icons for a consistent design experience?

We have created our own font icon library for our product. There’s a requirement to show the brand icons (third-party logos) like AWS, Azure, GSuite etc. in the UI. Our font icon library follows a certain style and conforms to our guidelines… The brand icons will obviously look different from other icons.

I would like to know what is the common practice. Can we add the third party brand icons to our font icon library as is?

Can someone state any examples? The material design icon library does not have any brand icons in it. The Fontawesome and glyphish bundles have brand icons in them, but then they are not confined to any product style guide.

europe – Travel from Britain to EU for third-party nationals

British nationals can certainly travel to the European Union, even without being required to quarantine. But if a national of a country that is not on the list of allowed third countries has been in Britain long-term under a long-duration tourist visa or visa-exempt passport, but without a residency permit, will they be denied entry to the EU? Or will they be admitted? Would there be certain documents that they would be expected to provide?

Antimalware – How can malware disable third-party security software?

I ask this question on the assumption that everything the user can do, malware can do as well.

I use a third-party firewall on my system to control which programs can access the Internet. However, I find that as a restricted user, I can change the firewall configuration without going through User Account Control. I notice that the user interface is running as my user, but the agent is running as SYSTEM.

By default, when I stop the software from the user interface, it seems to be blocked (ping blocked), which of course is good behavior. However, I can just go to the user interface and disable the firewall and other aspects without additional permissions. There's an option to apply a password to the UI, but I'm not sure how secure the implementation is (so I'm assuming it's weak).

In the event of malware infection, what prevents malware from simply disabling the firewall in the same way as the user?

I want to learn more about how third-party security products implement tamper and password protection, but I can't get good results from my searches. Any advice in the right direction would be greatly appreciated, thanks.

tls – Force third-party apps to trust the Charles Root certificate

I downloaded two different third-party apps (on Windows) to find out which HTTP calls are being sent to an external server on the Internet.

As far as I suspected, both apps call the same server.

I installed Charles Proxy and used "Install Charles Root Certificate" and apparently installed it successfully in my windows by placing it under "Trusted Root Certification Authorities".

I then activated Proxy > Start SSL Proxying and checked the checkbox of "Windows proxy" and started recording.

With the first app I can find out which exact calls are made to the external server.

However, with the second app, the app showed me the "Certificate Error 443" message, and Charles could not recognize the calls and returned the following errors:

The client closed the connection before a request was made. Possibly the
SSL certificate was rejected.

SSL handshake with client failed – remote host ended this

You may need to configure your browser or application to trust the
Charles Root certificate. See SSL proxy in the Help menu.

So it seems that the other app has internal SSL protection? I'm not sure what to call it because it's not my area of expertise.

What is one way to get this app to accept the Charles certificate so I can find out what requirements it has?

twitter – How to go to tweets from a specific date or year without using the third-party app

There are two cases;

  1. When I scroll, it takes up to 3-4 days.
  2. I follow @xyz and scroll all tweets from @xyz, it goes to the very end 3 to 4 days.

In both cases, I want tweets from specific dates or a specific year.

Please let me know how to find such tweets.

I found a link. How to find tweets from a specific date

The link says use third party apps.
Can it be done without using a third party app?