I know that Sony recently tried to hide files by using rootkit-technology again. It was discovered and already dozens of hackers are researching ways to abuse this technique by simply modifying the folders and files that this rootkit is hiding. But all I'm pointing out here is that no matter which technique you use, there will always be users who will be able to find it back again. Even encryption can be cracked and often faster than you'd expect...
Adding the files to the resources of your application is a good way if they only need to be read-only files. But if you want to be able to modify them you should use some other kind of streaming technology. For example, add these files to a single ZIP file. When your application is running it will just unzip them to the temporary files folder with some cryptic filenames. When the application is done, it could put the modified files back into the ZIP file and then remove the temporary files again. That would restrict the access a bit more. And if the ZIP file is password-protected then access becomes even more difficult. But instead of a ZIP file you could also use other structured storage methods. You could create a single DB file that contains these other files that you need. It would need only two fields. A string field for file name and a big blob field containing the file itself. There's even a special structured storage API within windows which can be used for this and it too will make access a bit more difficult. Difficult enough to stop the average user from viewing them but hackers still can crack this. You might also just alter the privileges that the user has on those files, but it means that your application must be running with more privileges than the user and this is a real complex part of the Windows security that's not easy to use within Delphi. But you could also just store those files in the "C:\Documents and Settings\All Users\Application Data\Your Company name\Your App name" and there's a simple API to get that folder name on your user's system. The advantage of using these system folders is that the average user tends to ignore most of the files in that location. Actually, that folder tends to be hidden within Explorer, although experienced users do know it's there... On 8/29/07, Francisco Javier Hernandez Segura <[EMAIL PROTECTED]> wrote: > > Hi, > Let me explain it with more details: > > I have an application that uses PDF Files, JPG Files and .DB Files. > User's can access this information directly from windows explorer and open > each file for > example PDF Files and JPG Files. > > I am looking a way for hidden or encrypt this files while application is > not running and > when application is running files can be decompressed or desencrypted and > can be used. > > I was thiking a way to hidden it using attrib windows command but i don't > know if exists a > best way. > > I hope you can understand me ... > > Thank you ! > > Regards, > > > --- In [email protected], "Warrick Wilson" <[EMAIL PROTECTED]> > wrote: > > > > Protect them in what way? Stop people from running them without > registering > > or paying for them? Stop them being deleted from the disk (virus much?)? > > Stop people reverse-engineering? Or just some reasonably solid packaging > so > > you can mail a CD with your program on it around the world? > > > > > > > > From: [email protected] [mailto:[EMAIL PROTECTED] On > Behalf > > Of Francisco Javier Hernandez Segura > > Sent: Sunday, August 26, 2007 1:49 PM > > To: [email protected] > > Subject: [delphi-en] Protecting files. > > > > > > > > Hi, good morning. > > Im looking a way for protecting my application files. I don't know if > > exists some way for encrypt them or maintain them hiden. > > > > I'll appreciate your comments and help. > > > > Thank you, > [Non-text portions of this message have been removed]
