IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Re: Encrypting scripts?
As my good friend Scott Anderson once told me:

You should look into Exchange Pair encryption (ie. private and public keys) where you have the users who download the demo register with you to receive a public key.

As for actual implementations, you'll have to do your own research. Though, I can offer that I recently did an implementation with M$'s CryptAPI set, and it works fairly well.


HTH,
-Jason
----

My pid is Inigo Montoya. You "killed -9" my parent process. Prepare to vi.
New and once they get the key?
>> You should look into Exchange Pair encryption (ie. private and public keys) where you have the users who download the demo register with you to receive a public key. <<

But once they unlock it, they can spread it on the web, no?

>> Though, I can offer that I recently did an implementation with M$'s CryptAPI set, and it works fairly well. <<

How do you know? One does not discover hacks until it it too late?

But, I will look into it. Does it work with scripts, or only VB and C?

Thanks



________________
oop.ismad.com
New Public key encryption is currently very, very difficult
to break.

As computers get faster, this will change, but you have a few years for now.
Regards,

-scott anderson
New Re: and once they get the key?
Sure, they can spread it.

But, just keep in mind that nothing is hackable. It's just a matter of finding that degree of security that you're comfortable with.

Like Scott mentioned, it's very difficult to hack the private key. Doable, but difficult. And, sure, they can dissimenate the public key if they wanted (see [link|http://astalavista.box.sk|http://astalavista.box.sk] to see how many *current* hacks for *very* expensive software are out there), but, again, it's just a degree of security.

CryptAPI will work with any M$ scripts (such as VBS/WSH scripts). It's just your basic COM DLL. Hunt a bit, though. We actually found a wrapper that someone had already written that helped make the native API a bit more friendly.


-Jason
----

My pid is Inigo Montoya. You "killed -9" my parent process. Prepare to vi.
New They can spread the key.
And you include, as part of your customer agreement, that a broken key = loss of service.

And you keep an eye out for broken keys on the web, as well as unusual activity on your website. You get a broken key, you invalidate it in your updated version. All versions until that one work fine, but as soon as somebody tries to upgrade, the key no longer works.
"He who fights with monsters might take care lest he thereby become a monster. And if you gaze for long into an abyss, the abyss gazes also into you." - Friedrich Nietzsche
     Encrypting scripts? - (tablizer) - (7)
         Re: Encrypting scripts? - (jlalexander) - (4)
             and once they get the key? - (tablizer) - (3)
                 Public key encryption is currently very, very difficult - (admin)
                 Re: and once they get the key? - (jlalexander)
                 They can spread the key. - (inthane-chan)
         cryptic spagetti code works fairly decent - (boxley) - (1)
             I'll use OO and protocol coupling. That'll F 'em up - (tablizer)

There should be an opportunity for somebody here.
117 ms