Dynamsoft Blog

The leading provider of version control solutions and TWAIN SDKs

Device Security: Factors for Changing the Sandbox Security Mechanism

It seems more and more sensors are being used in wireless communication modules with each new version of a device. We have accelerometers, gyroscopes, compasses, and more just in smartphones. These components are often integrated with other components – such as, Bluetooth, Wi-Fi, NFC, etc. – for enhanced data sharing. Such functionalities are helping to usher in the new age of the Internet of things (IoT). But, as devices and their applications share more data with each other, security risks increase. Manufacturers are addressing this in part by having implemented another layer of security: the Sandbox mechanism.

Apple Pay

Apple recently rolled out Apple Pay with the hopes to push and popularize e-wallet payments based on NFC. It is known that Apple uses the Sandbox technique to secure its applications. On iOS, this is done at the OS level. Sandbox is a security method used to isolate running programs from each other at an application or OS level. With it, developers can restrict applications or devices from accessing certain OS resources. It can add a layer of protection for user data when hackers exploit vulnerabilities in an applications or systems.

More companies like Apple, Google and Microsoft are moving to secure systems and web browsers with Sandbox. But, it may impact end user and developer behavior. For example, some users would rather root their devices to obtain more system rights, which circumvents Sandbox. If users or developers are willing to squander an added Sandbox layer of security, another question begs asking. Is it necessary to enforce a Sandbox technique on an OS or with web browsers?

Sandbox for Mobile

The capabilities of applications running in Sandbox mode can be extremely constricted. But, explicit policies can be setup to grant permissions. For example, an application can be allowed to access key system features and specific user data. Apple and Android devices provide a Sandbox mechanism. It’s popularly known that Android is more flexible in allowing applications to obtain greater permissions. Almost anyone who has downloaded an app is familiar with how Sandbox is implemented. When an app is installed, sometimes a user will be prompted to review permissions and decide to enable or disable them. Thus, he or she implemented Sandbox policies for that app.

Android’s enhanced security flexibility includes more possibilities without rooting. For example, users aren’t always restricted to downloading apps only from Google Play. They can download and install them from unknown or other sources. While it can present a greater security risk, this flexibility does help satisfy additional user requirements. Obviously there is a tradeoff between having more restrictions and being more open. It’s commonly known iOS is the most locked-down mobile operating system. Apple has restricted access to the OS far more than Google has for Android. In a way, iOS more automatically protects users whereas on Android, most users have to judge and apply restrictions. In some cases, users might not even understand what permissions they may or may not want to grant. So, it becomes easily arguable that an Android device is at much greater risk at getting infected by a virus or worm compared to an iOS devices. But, it’s also easily arguable that Android is more flexible in application use.

The industry needs better balance. A new question has to be addressed. How can manufacturers better balance an even more flexible user experience while enabling an even safer environment? The Sandbox technique must adapt to address this necessary shift.

Sandbox for Desktops

The Windows and Mac OSes provide official application stores for users and the stores employ the Sandbox mechanism. For example, by default in Mac OS X unverified third-party applications are now disallowed. But Sandbox on a desktop OS is different from a mobile OS. Mobile OSes were born with Sandbox. The desktop was born more open. For users who touched iOS before Mac OS, Sandbox comes across more acceptable and even convenient. But, for old users and developers that lived on Mac OS first, it is a little bit odd and harder to accept.

On Windows 8, the oddness is a bit different. For example, we can install Skype as a Windows App from their app store with Sandbox enforcement. But, we can also install it from the Skype website without Sandbox enforcement. The app version is different than the desktop version in other ways too. But, to users, Skype on a single machine should probably just be Skype. It’s difficult to grasp the same application appearing twice, operating slightly different from one another, including permissions. For many years on desktops, people were able to install applications with a few or no restrictions, let alone prompts to allow this or not allow that. Thus, it’s likely that on desktops the Sandbox mechanism will be an alternative but, not a replacement security measure.

Sandbox for Web Browsers

HTML5 technology is fast becoming mainstream in web browsers. As a result, leading browser developers are abandoning certain components. We’ve seen IE abandon ActiveX and Chrome abandon NPAPI, etc. More and more, web browsers are using Sandbox to replace old security techniques and disallow plugins from directly accessing system resources.

Sandbox can provide end users a more secure browsing environment. But, Sandbox might also be inconvenient for users and developers. Let’s explain. When web browsers automatically update in the background, users will likely not be aware of what web browser features have been changed. That is until they suddenly cannot access or use certain features or functionalities that previously worked. For example, an online banking systems might have been using ActiveX for password input and verification. If ActiveX is – unknowingly to the user – abandoned, how will users access their account? Thus, it’s likely that banks are in no rush to update their systems.

As more web browsers move to enforce the Sandbox mechanism, developers will have to figure out new plugin solutions. For example, WebSocket might be the answer to upgrade from old to new as soon as possible.

What’s the Path?

The Sandbox mechanism has proven itself excellent for securing devices, though not without hurdles. Developers by now fully understand it comes with tradeoffs. The main one is more application and device restrictions which obviously results in less freedom. Thus, it is hard to cover all user requirements. There’s no doubt that providing multiple options for the Sandbox security mechanism is ideal. It’s undeniable that more and more devices will talk to one another. The same is true of their applications. Thus, developers should move to face the challenges in Sandbox security now rather than later.

We’re Saying Goodbye to ImageCapture Suite as Dynamic Web TWAIN Takes Over

The Best of ImageCapture Suite Makes its Way onto a Revamped Dynamic Web TWAIN v10.2 to Offer Single-Solution Simplicity

Dynamsoft is proud to announce that ImageCapture Suite and Dynamic Web TWAIN will be merged into one product.

The new merged software development kit will be Dynamic Web TWAIN v10.2 and will be made available Dec 9, 2014. All the premier features of ImageCapture Suite will be migrated into Dynamic Web TWAIN. This includes the webcam module and the support for integration with add-ons such as our barcode reader SDK, PDF rasterizer, barcode generator SDK, and OCR.

But, this is far more than just a product merge or name change. This new release is also an upgrade stemming from ImageCapture Suite v9.3. The highlight of this upgrade is support for Chrome and Firefox on both Windows and Mac OS X with a WebSocket application. Simultaneous with this change, the core Dynamic Web TWAIN SDK will have two modules: a scanner module and webcam module.

Okay. Explain that again?

Gladly! The following chart illustrates Dynamsoft’s previous approach to the SDK product line:

And this is the new approach to the product line:

What’s different about the scanner module & webcam module?

As the name suggests, the scanner module works with TWAIN-compatible scanners and other devices, including digital cameras and capture cards. Meanwhile, the webcam module enables displaying live streams and capturing snapshots from DirectShow-compliant webcams. Sweet. But, is there now new pricing?

The price will remain the same as the current ImageCapture Suite: https://www.dynamsoft.com/Secure/imagecapture-suite-with-barcode-ocr-purchase.aspx

Is the upgrade to v10.2 free?

If your Dynamic Web TWAIN license keys are current (meaning they are 10.0 or later) or if your annual maintenance is up-to-date, the upgrade is free. To find out if you are eligible, please contact us at sales@dynamsoft.com. Upgrading from ImageCapture Suite 9.3 or previous versions is not free. Check out the upgrade fee here.

Why the change? I liked ImageCapture Suite the way it was.

So did we. But, ImageCapture Suite and Dynamic Web TWAIN have always been part of the same family. Both have been built on the same rock-solid browser-based document scanning technology. Both enjoy many product generations of development and refinement. In the end, this merge will save our team some time on development and testing so we can get new features and updates implemented even better and faster for our customers. And, it also greatly simplifies the product selection process for our customers.

Will I need a new license key when transitioning from ImageCapture Suite to Dynamic Web TWAIN?

If you are upgrading from ImageCapture Suite v9.3 or older, then yes.

Are there any new costs associated with Dynamic Web TWAIN?

The short answer is no. ImageCapture Suite and Dynamic Web TWAIN have practically the same licensing model.

Do I have to upgrade?

We will continue to provide technical support to customers who decide to remain on ImageCapture Suite.

Is it difficult to upgrade from ImageCapture Suite to Dynamic Web TWAIN?

We will develop a useful step-by-step upgrade guide to walk you through the procedure. In addition, our professional tech support team is standing by, ready to assist you any time. There are multiple ways to contact the team, starting from the main “Support” link on the Dynamsoft home page.

TimeLine

Date What’s happing to ImageCapture Suite? What should I do?
Nov 9th, 2014 Download will not be available any more. Go to Dynamic Web TWAIN.
Dec 9th, 2014 No more purchases. Go to Dynamic Web TWAIN. Dec 9th, 2016 Tech support will not be provided any more.

We’re available to answer any other questions as you look to migrate to Dynamic Web TWAIN v10.2.

Building a Document Management Solution: Do it from Scratch or Use 3rd Party SDKs?

Buy or Build

Buy it or build it? Today, this is an age-old question in the IT world. The mere outcome of one versus the other can yield grand differences in the scope of desired benefits, cost, and time to accomplish. This major decision is one many organizations also face when deciding upon a document management solution (DMS). So, should you really build your own DMS application entirely from scratch? Buying one is likely simple enough but, it also can limit you on desired features. So, if one opts to build a DMS, is help available to undertake such a task?

Other Initial Questions
There is a lot to figure out when you’re just starting out with deciding to buy or build a document management solution. You must understand, at a strategic level, what core competencies you expect from the application. This is in addition to comprehending tactical underpinnings that will make up the underlying processes for achieving common tasks. Of course, you also need to consider time-to-market or time-to-first-use. For time-to-market, can you build it all from scratch and meet your development deadlines? If it’s time-to-first-use, you have to consider how urgently you need to start using it. You’ll want to weigh these things against the necessary time and resources to properly execute the software.

Once you elect to start building it, even more questions start to pop up. Have you allocated enough R&D resources to do the related work? For example, will you need to adopt and implement technology standards and if so, do you have a full understanding of those standards? If not, how much time will need to be spent educating oneself on necessary standards to correctly implement them? With document management solutions, many standards come into play, from image acquisition interfaces to file extension types. You have to also thoroughly understand and make sure you know your true cost of ownership over the lifecycle of the software. For example, can you accurately account for staffing six months or a year or more from now? It’s critical because the staff needs to provide continuous technical support for each component of the software. As we all know, the cost to build or own software extends beyond initial development or purchasing. Technical support, upgrades, scalability – all of these elements can add surprise long-term costs.

Going It Alone But, With Help
Those that opt to build their own solution often do so for obvious reasons, one of which is flexibility to customize as needed. It’s important to note that one can opt to purchase certain pre-built components. This can save extensively on development costs and time while still allowing the full flexibility of custom-built solutions. If you’re building a house from scratch, you’ll probably purchase pre-built windows, doors, and fixtures. This saves extra money and time you would have otherwise spent on extra sanding, cutting, measuring, etc. Just the same, software developers commonly opt to use an available off-the-shelf database to not fuss around with trying to design one. One might also use software development kits (SDK) for other components, such as for the interface to conduct document scans and processing. Building your own database and image capture module can be daunting. For image capture there are industry standards to comprehend that are hundreds of pages long. You really shouldn’t even begin to code without full comprehension of these standards. Then there is the code itself – it can be hundreds to more than a thousand lines of codes of additional work. Building an image capture component yourself can add months of extra development time and costs.

Let’s get more specific. The TWAIN application programming interface (API) is one of the most popular communications protocols to regulate interfacing between software and digital imaging devices. So, there’s work to be done to know how to properly support this one standard. You’ll start by learning the 600+ pages that make up the TWAIN specification. This is so you can become familiar with how to use TWAIN to talk to imaging devices, such as scanners. Understanding TWAIN to develop related scanner programming is essential. So, it’s no wonder many programmers opt to use SDKs for specific components. This is a very common practice in the document management software market. The use of a document imaging SDK, such as Dynamic Web TWAIN, can allow the programmer to implement just a couple of lines of code to start calling the TWAIN API for scanning in a web application. It turns months of work into just hours or a few days. It also helps keep coding clean – the use of an SDK can reduce your code development to just a few lines. If you’ve opted to build your own software, SDKs make very convenient options when time or costs are a concern.

Maintain Focus
Another key reason many organizations opt to use SDKs is that it allows them to maintain focus. Often, a document management solution is the request of a client to a software development shop. That shop might, for example, provide expertise in software tailored to an industry, such as healthcare or finance.

So, while their healthcare client has requested a document management solution from them, building every component can pull them away from their focus on healthcare software and services. For example, coding together a document scanning module is likely not a core competency. So, building this might defocus a shop and add a lot of undesirable cost to the project. In this way, an SDK vendor lets a shop stay focused and keep client costs low.

Pointers on SDK Selection
OK. You’ve decided to build the document management software and use an SDK to help implement the image capture component. So, how can you be sure you pick the correct SDK? There are a few things to consider. One obvious thing to do is to check the background and stability of the SDK vendor. Do they have plenty of customer referrals and how long has their solution been available (is it mature)? Make a checklist for features you want and check it twice. Does the SDK support all or most of the features you need? What about integration? How easy can the SDK be integrated into your new or existing document management software workflow? Do the SDK’s image acquisition capabilities have library support for the essentials, like TWAIN, scanner, webcam, .NET, etc.

Finally, you need to check out support options for the SDK as well as migration paths to newer versions. Remember that standards come and go. For example, the use of NPAPI plugins for browsers are being displaced in favor of HTML5 versions. What side of the fence will your software sit on and if you jump the fence, will your SDK provider allow you to seamlessly migrate?

Scratching Your Head
Building completely from scratch can ultimately leave one scratching their head – why did I opt to go this route? It’s not uncommon that critical and time-consuming steps are forgotten or even abandoned because of their difficulty. Remember, developing from scratch without an SDK will mean hundreds to thousands of more lines of code and many more months of work. You then have to thoroughly test your solution prior to deployment, then test it again after deployment and with each update. Don’t forget about training staff, from the development stages to the usage stages. You have to also make sure your resources are up to the task. Will adding months more in work to finish the solution defocus you too much and are certain staff going to be okay with this? Will management be okay with taking people of core tasks? What about when you have to support the software? Are you up to the task to provide continuous technical support? Have you considered if you might be better off with key components instead being fully supported by a reliable SDK vendor?

In the end, most project managers and developers realize the best path is to stay focused on what you do best in-house and get help with the rest. It truly saves a lot in time, costs and headaches.

Dynamic Web TWAIN 10.0.1 Released

We are pleased to announce that Dynamic Web TWAIN 10.0.1 is now available.

Many exciting improvements are included in this minor update:

  • Enhanced robustness of WebSocket connection. The new version will automatically try re-building the connection in case it is inadvertently closed due to network problems.
  • Better support for Chrome 38. Such as downloading large files using the HTTPDownload method.
  • Shorter initialization time. When a user visits the scan page for the first time, the new version has a 71.4% faster performance to detect whether the client-side browser has Dynamic Web TWAIN installed.
  • Other bug fixes and tweaks. 

For more details, please refer to Release Notes of v10.0.1.

Try online demo to see the new version in action >> 

Download 30-day free trial >>

If you are ready to purchase a license, please visit our Online Store or send your order to sales@dynamsoft.com.

For any tech questions, please email support@dynamsoft.com

Dynamic .NET TWAIN 5.4 Released

Dear All,

We’re more than excited to announce that Dynamic .NET TWAIN 5.4 is released. Below are the main improvements we made in this version:

  • Improved 1D barcode reader performance
    Improved 1D barcode reader add-on in both barcode decoding accuracy and performance, especially for Code 39 and Code 128.
  • Improved speed for WPF control’s image displaying.
  • Improved speed for multi-page PDF loading and viewing.
  • Added new method ConvertPDFToImage(byte[], resolution) for converting PDF byte array to images.
  • Other minor fixes and tweaks.

To learn full features or try out the latest version, please visit at

If you have a valid software maintenance contract, or are using version 5, please contact sales@dynamsoft.com for FREE upgrade to this new version.

If you are ready to purchase a license, please visit our Online Store or send your order to sales@dynamsoft.com.

For any tech questions, please email support@dynamsoft.com

Copyright © 2014 Dynamsoft. All Rights Reserved. Privacy Statement | Site Map