Windows Application - Technical Deep Dive
A comprehensive overview of the Guard Windows application's architecture, features, and security measures, designed to provide robust and reliable internet access control.
1. Description
Guard is a Windows application that provides centralized control over internet access for any assigned device, managed securely through your online account at Guard.AlexWeb.app. Its core functionality is the ability to receive and apply instructions from your account, which define:
Once a device is assigned, Guard keeps all settings automatically synchronized with your account. The application enforces restrictions by managing the system hosts file and Windows firewall rules, ensuring that the selected resources are inaccessible as specified by your instructions.
Guard protects access to its admin panel, closing, and uninstallation with a PIN code. Its state is securely encrypted, and all configuration data received from HTTP requests is thoroughly sanitized. The application is resistant to tampering: it monitors and automatically restarts itself if terminated, prevents operation without the necessary system privileges, and periodically verifies the device's clock using public time services to ensure accurate rule enforcement. These safeguards ensure that Guard's restrictions remain active and reliable, providing robust control.
2. Description of Data Variables and Objects in REST HTTP Requests
3. REST HTTPS Request Logic for Syncing Device State
After installation, the app starts with a clean state. All data received during HTTPS requests is sanitized to remove restricted characters.
Time APIs used:
• https://timeapi.io/api/Time/current/zone?timeZone=UTC • https://worldtimeapi.org/api/timezone/Etc/UTC • https://aisenseapi.com/services/v1/datetime
4. High-Level Goals
• Receive and apply instructions from the online account at Guard.AlexWeb.app, modifying the system hosts file and Windows Firewall rules according to instructions and rule schedules.
• Secure access to the admin panel with a PIN code.
• Allow removal of all changes after PIN-protected uninstallation.
• Sanitize all REST HTTPS requests.
• Main process watches for the helper watchdog and vice versa, preventing functional loss if either is terminated.
• Protect against duplicate logic by guarding the main loop with app state.
• Periodically check real time with public APIs.
• Save and self-heal app state in three locations.
• Allow full cleanup on uninstall with correct PIN.
5. Final Architecture
The application suite is architected as four distinct components for security, resilience, and maintainability:
6. Key Technical Features & Solutions Implemented
Resilience & Stability
System Integration & Startup
Security
Professional Deployment