IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Whither Scripting? Forum / and once they get the key?
Post #4,274
by tablizer
8/8/01 4:48:26 PM
Reply
New and once they get the key?
>> You should look into Exchange Pair encryption (ie. private and public keys) where you have the users who download the demo register with you to receive a public key. <<

But once they unlock it, they can spread it on the web, no?

>> Though, I can offer that I recently did an implementation with M$'s CryptAPI set, and it works fairly well. <<

How do you know? One does not discover hacks until it it too late?

But, I will look into it. Does it work with scripts, or only VB and C?

Thanks



________________
oop.ismad.com
Post #4,276
by admin
Picture of admin
8/8/01 4:49:50 PM
Reply
New Public key encryption is currently very, very difficult
to break.

As computers get faster, this will change, but you have a few years for now.
Regards,

-scott anderson
Post #4,281
by jlalexander
Picture of jlalexander
8/8/01 4:59:28 PM
Reply
New Re: and once they get the key?
Sure, they can spread it.

But, just keep in mind that nothing is hackable. It's just a matter of finding that degree of security that you're comfortable with.

Like Scott mentioned, it's very difficult to hack the private key. Doable, but difficult. And, sure, they can dissimenate the public key if they wanted (see [link|http://astalavista.box.sk|http://astalavista.box.sk] to see how many *current* hacks for *very* expensive software are out there), but, again, it's just a degree of security.

CryptAPI will work with any M$ scripts (such as VBS/WSH scripts). It's just your basic COM DLL. Hunt a bit, though. We actually found a wrapper that someone had already written that helped make the native API a bit more friendly.


-Jason
----

My pid is Inigo Montoya. You "killed -9" my parent process. Prepare to vi.
Post #6,398
by inthane-chan
Picture of inthane-chan
8/22/01 11:02:52 PM
Reply
New They can spread the key.
And you include, as part of your customer agreement, that a broken key = loss of service.

And you keep an eye out for broken keys on the web, as well as unusual activity on your website. You get a broken key, you invalidate it in your updated version. All versions until that one work fine, but as soon as somebody tries to upgrade, the key no longer works.
"He who fights with monsters might take care lest he thereby become a monster. And if you gaze for long into an abyss, the abyss gazes also into you." - Friedrich Nietzsche
     Encrypting scripts? - (tablizer) - (7) - Aug. 8, 2001, 04:07:42 PM EDT
         Re: Encrypting scripts? - (jlalexander) - (4) - Aug. 8, 2001, 04:42:16 PM EDT
             and once they get the key? - (tablizer) - (3) - Aug. 8, 2001, 04:48:26 PM EDT
                 Public key encryption is currently very, very difficult - (admin) - Aug. 8, 2001, 04:49:50 PM EDT
                 Re: and once they get the key? - (jlalexander) - Aug. 8, 2001, 04:59:28 PM EDT
                 They can spread the key. - (inthane-chan) - Aug. 22, 2001, 11:02:52 PM EDT
         cryptic spagetti code works fairly decent - (boxley) - (1) - Aug. 8, 2001, 10:02:16 PM EDT
             I'll use OO and protocol coupling. That'll F 'em up - (tablizer) - Aug. 9, 2001, 12:14:48 AM EDT

As soon as I saw something about exploding whales, I couldn't help but click.
37 ms