RE: does everyone always encrypt?? decrypter?
Exactly my points from the get go. I asked the questions that I did to show that we were both saying essentially the same thing. I should have been clearer when I said that CF would incur an unacceptable amount of overhead. I took it to be understood that the alternatives, 3DES, 128-bit, etc., would carry with them an increased CPU/memory utilization that would not be acceptable in a high volume environment without purchasing costly equipment. Reading the source of the cfdecrypt utility makes it very clear how the header is used. >CF uses DES all the time. ... There is no need to determine the algorithm. >1 - Triple DES is not used because it is CPU intensive >2 - 56 bit encryption is the limit due to export restrictions > > CF uses DES for encryption. This is used because it has good performance > > while maintaining decent encryption. The "cracker" as you put it simply > > decrypts DES. If Allaire were to change the encryption algorithm > > templates encrypted by the previous algorithm would no longer work unless the > > system first interrogated the file to discover it's encryption method. Regards, Steve -Original Message- From: Howie Hamlin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 26, 2000 4:04 PM To: [EMAIL PROTECTED] Subject: Re: does everyone always encrypt?? decrypter? - Original Message - From: Steve Bernard <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 26, 2000 2:29 PM Subject: RE: does everyone always encrypt?? decrypter? > Does this header act as an identifier to differentiate between various > flavors of encryption or is it just a standard DES header? It is not a DES header. Here are the different headers: Version 1: Allaire Cold Fusion Template Header Size: Version 2: Allaire Cold Fusion Template Header Size: New Version There is a counter at a specific offset to determine the size of the header and the version 2 header has the "New Version" text as well. Also, as far as I know DES does not have a header at all... > If it is an > identifier, what are the other possibilities and where did you get this > information? > Just look at the encrypted template - it's fairly straightforward. > Part of the header is encrypted: > > Allaire Cold Fusion Template > Header Size: New VersionÙ"*S5&âÕÞ5k£M. ... blah, blah, blah > Yes, a version 2 header. > Presumeably, this is DES. That being the case, CF must first decrypt the > message using DES. If it then came upon another form of encryption, it would > have to first identify that algorithm, unless it was already known, load > another decryption module, decrypt again, then execute the template. This > would incur additional overhead, varying upon what algorithm was used, which > would then effect the performance of the server. > No. CF uses DES all the time. I think the only difference between version 1 and version 2 is the encryption key and the header that differentiates the versions. There is no need to determine the algorithm. Also, you have to take into account that: 1 - Triple DES is not used because it is CPU intensive 2 - 56 bit encryption is the limit due to export restrictions HTH, Howie > Regards, > > Steve > > > -Original Message----- > From: Howie Hamlin [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 26, 2000 11:46 AM > To: [EMAIL PROTECTED] > Subject: Re: does everyone always encrypt?? decrypter? > > > > - Original Message - > From: Steve Bernard <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, April 26, 2000 11:02 AM > Subject: RE: does everyone always encrypt?? decrypter? > > > > CF uses DES for encryption. This is used because it has good performance > > while maintaining decent encryption. The "cracker" as you put it simply > > decrypts DES. If Allaire were to change the encryption algorithm templates > > encrypted by the previous algorithm would no longer work unless the system > > first interrogated the file to discover it's encryption method. This would > > incur an unacceptable performance hit in high volume applications. > > Not true. Allaire does not simply encrypt the file as-is...they include a > custom header to the encrypted file which they use to easily determine the > encryption method. > > Regards, > > Howie > > > Allaire has stated in the past that encrypting templates does not provide > > complete security, but it does provide enough so that the typical user can > > not read the plain text. Once someone has uninterrupted access to any code > > it is only a matter of time before it is cracked. > > > > Regards, > > > > Steve > > -
RE: does everyone always encrypt?? decrypter?
Steve, So why don't you just say where it is and stop being so obtuse about it? lol. I used to have it as well but lost the URL through one re-format or another. Cheers, -- David L. Rice Web Development Consultant [EMAIL PROTECTED] Q: 177820 24/7 cell: 770.354.5953 > -Original Message- > From: Steve Bernard [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 26, 2000 2:48 PM > To: [EMAIL PROTECTED] > Subject: RE: does everyone always encrypt?? decrypter? > > > Whether or not it is 'easy' to find via a search engine I > don't know. The > fact is, it exists, it's easy to use, and is available as a > binary or as > source code, written in C and using the libDES library. You could hack > something together with Perl if you were so inclined. > > Steve -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: does everyone always encrypt?? decrypter?
- Original Message - From: Steve Bernard <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 26, 2000 2:29 PM Subject: RE: does everyone always encrypt?? decrypter? > Does this header act as an identifier to differentiate between various > flavors of encryption or is it just a standard DES header? It is not a DES header. Here are the different headers: Version 1: Allaire Cold Fusion Template Header Size: Version 2: Allaire Cold Fusion Template Header Size: New Version There is a counter at a specific offset to determine the size of the header and the version 2 header has the "New Version" text as well. Also, as far as I know DES does not have a header at all... > If it is an > identifier, what are the other possibilities and where did you get this > information? > Just look at the encrypted template - it's fairly straightforward. > Part of the header is encrypted: > > Allaire Cold Fusion Template > Header Size: New VersionÙ"*S5&âÕÞ5k£M. ... blah, blah, blah > Yes, a version 2 header. > Presumeably, this is DES. That being the case, CF must first decrypt the > message using DES. If it then came upon another form of encryption, it would > have to first identify that algorithm, unless it was already known, load > another decryption module, decrypt again, then execute the template. This > would incur additional overhead, varying upon what algorithm was used, which > would then effect the performance of the server. > No. CF uses DES all the time. I think the only difference between version 1 and version 2 is the encryption key and the header that differentiates the versions. There is no need to determine the algorithm. Also, you have to take into account that: 1 - Triple DES is not used because it is CPU intensive 2 - 56 bit encryption is the limit due to export restrictions HTH, Howie > Regards, > > Steve > > > -Original Message- > From: Howie Hamlin [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 26, 2000 11:46 AM > To: [EMAIL PROTECTED] > Subject: Re: does everyone always encrypt?? decrypter? > > > > - Original Message - > From: Steve Bernard <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, April 26, 2000 11:02 AM > Subject: RE: does everyone always encrypt?? decrypter? > > > > CF uses DES for encryption. This is used because it has good performance > > while maintaining decent encryption. The "cracker" as you put it simply > > decrypts DES. If Allaire were to change the encryption algorithm templates > > encrypted by the previous algorithm would no longer work unless the system > > first interrogated the file to discover it's encryption method. This would > > incur an unacceptable performance hit in high volume applications. > > Not true. Allaire does not simply encrypt the file as-is...they include a > custom header to the encrypted file which they use to easily determine the > encryption method. > > Regards, > > Howie > > > Allaire has stated in the past that encrypting templates does not provide > > complete security, but it does provide enough so that the typical user can > > not read the plain text. Once someone has uninterrupted access to any code > > it is only a matter of time before it is cracked. > > > > Regards, > > > > Steve > > -- > Archives: http://www.eGroups.com/list/cf-talk > To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: does everyone always encrypt?? decrypter?
> This post got me curious so I have tried several variations of search's on > Yahoo, AltaVista, Excite, InfoSeek, etc. and all with no luck at all. What > is a good search string and engine to use it on since you seem so confident > that it can be done this way? > > Thanks. I'm not going to prove my point by finding it for you. It is not a tool supported by Allaire and therefore I have ethical reasons for not passing it on to you. All I can say is that it does exists, it's readily available on the internet, and it works. This is in response to the original question about encrypting CF templates. If you want it bad enough, you will find it. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
Whether or not it is 'easy' to find via a search engine I don't know. The fact is, it exists, it's easy to use, and is available as a binary or as source code, written in C and using the libDES library. You could hack something together with Perl if you were so inclined. Steve -Original Message- From: Bill Killillay [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 26, 2000 12:23 PM To: [EMAIL PROTECTED] Subject: RE: does everyone always encrypt?? decrypter? This post got me curious so I have tried several variations of search's on Yahoo, AltaVista, Excite, InfoSeek, etc. and all with no luck at all. What is a good search string and engine to use it on since you seem so confident that it can be done this way? Thanks. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
Does this header act as an identifier to differentiate between various flavors of encryption or is it just a standard DES header? If it is an identifier, what are the other possibilities and where did you get this information? Part of the header is encrypted: Allaire Cold Fusion Template Header Size: New VersionÙ*5&âÕÞ5k£M ... blah, blah, blah Presumeably, this is DES. That being the case, CF must first decrypt the message using DES. If it then came upon another form of encryption, it would have to first identify that algorithm, unless it was already known, load another decryption module, decrypt again, then execute the template. This would incur additional overhead, varying upon what algorithm was used, which would then effect the performance of the server. Regards, Steve -Original Message- From: Howie Hamlin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 26, 2000 11:46 AM To: [EMAIL PROTECTED] Subject: Re: does everyone always encrypt?? decrypter? - Original Message - From: Steve Bernard <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 26, 2000 11:02 AM Subject: RE: does everyone always encrypt?? decrypter? > CF uses DES for encryption. This is used because it has good performance > while maintaining decent encryption. The "cracker" as you put it simply > decrypts DES. If Allaire were to change the encryption algorithm templates > encrypted by the previous algorithm would no longer work unless the system > first interrogated the file to discover it's encryption method. This would > incur an unacceptable performance hit in high volume applications. Not true. Allaire does not simply encrypt the file as-is...they include a custom header to the encrypted file which they use to easily determine the encryption method. Regards, Howie > Allaire has stated in the past that encrypting templates does not provide > complete security, but it does provide enough so that the typical user can > not read the plain text. Once someone has uninterrupted access to any code > it is only a matter of time before it is cracked. > > Regards, > > Steve -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: does everyone always encrypt?? decrypter?
You're right Howie, the first thing on each encrypted file is the header, CF has to open it anyway so it's only one more step on the ladder to do a compare and direct the file to the proper un-encoder. Shouldn't adversely affect even high production sites. > > CF uses DES for encryption. This is used because it has good performance > > while maintaining decent encryption. The "cracker" as you put it simply > > decrypts DES. If Allaire were to change the encryption algorithm templates > > encrypted by the previous algorithm would no longer work unless the system > > first interrogated the file to discover it's encryption method. This would > > incur an unacceptable performance hit in high volume applications. > > Not true. Allaire does not simply encrypt the file as-is...they include a > custom header to the encrypted file which they use to easily determine the > encryption method. > > Regards, > > Howie > -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
This post got me curious so I have tried several variations of search's on Yahoo, AltaVista, Excite, InfoSeek, etc. and all with no luck at all. What is a good search string and engine to use it on since you seem so confident that it can be done this way? Thanks. > -Original Message- > From: Steve Reich [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 26, 2000 10:18 AM > To: [EMAIL PROTECTED] > Subject: RE: does everyone always encrypt?? decrypter? > > > If you do a simple search on any search engine you should be able > to find it > on the first page of results. A decrypter does exists... I have a copy of > it (which I will not distribute). While the average client may > not be aware > of it, I would imagine that most of the top CF developers have a copy of > this as well. > > > -Original Message- > From: CFM [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 25, 2000 2:12 PM > To: '[EMAIL PROTECTED]' > Subject: RE: does everyone always encrypt?? decrypter? > > > Yeah, I've also heard that a decrypter exists, but it is conspicuously > missing from all the usual places. I don't think that app got distributed > very far before it dropped dead from lack of interest. Has anybody on this > list ever seen/used said program? > > > jb. > > > > -Original Message- > From: Steve Reich [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 25, 2000 7:45 AM > To: [EMAIL PROTECTED] > Subject: RE: does everyone always encrypt?? > > > Encryption will only matter if you are supplying the cfm templates to > someone else. As far as the end user is concerned, it will make no > difference through the browser. Keep in mind that a "decrypter" exists. > > Just something to think about... > Steve > > -Original Message- > From: Jeff Fongemie [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 25, 2000 8:37 AM > To: Cf-Talk > Subject: does everyone always encrypt?? > > > > I'm just curious, do people here always encrypt their cfm > templates? I often > don't, but I'm beginning to think it might be a good idea to start > encrypting form action scripts. > > Any logic, reasoning people use for when/ when not to encrypt?? > > Thanks, > > Jeff Fongemie > > -- > -- > -- > Archives: http://www.eGroups.com/list/cf-talk > To Unsubscribe visit > http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or > send a message to [EMAIL PROTECTED] with 'unsubscribe' in > the body. > > -- > -- > -- > Archives: http://www.eGroups.com/list/cf-talk > To Unsubscribe visit > http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or > send a message to [EMAIL PROTECTED] with 'unsubscribe' in > the body. > -- > -- > -- > Archives: http://www.eGroups.com/list/cf-talk > To Unsubscribe visit > http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or > send a message to [EMAIL PROTECTED] with 'unsubscribe' in > the body. > > -- > > Archives: http://www.eGroups.com/list/cf-talk > To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: does everyone always encrypt?? decrypter?
- Original Message - From: Steve Bernard <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 26, 2000 11:02 AM Subject: RE: does everyone always encrypt?? decrypter? > CF uses DES for encryption. This is used because it has good performance > while maintaining decent encryption. The "cracker" as you put it simply > decrypts DES. If Allaire were to change the encryption algorithm templates > encrypted by the previous algorithm would no longer work unless the system > first interrogated the file to discover it's encryption method. This would > incur an unacceptable performance hit in high volume applications. Not true. Allaire does not simply encrypt the file as-is...they include a custom header to the encrypted file which they use to easily determine the encryption method. Regards, Howie > Allaire has stated in the past that encrypting templates does not provide > complete security, but it does provide enough so that the typical user can > not read the plain text. Once someone has uninterrupted access to any code > it is only a matter of time before it is cracked. > > Regards, > > Steve > > -Original Message- > From: pan [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 26, 2000 8:39 AM > To: [EMAIL PROTECTED] > Subject: Re: does everyone always encrypt?? decrypter? > > > From: Mike Sheldon <[EMAIL PROTECTED]> > > > I've seen it, compiled it, and tested it. > > > > It works. > > > > Mike, > > Have you tested it on 4.51? Haven't had time myself, but am wondering if the > name change in the tag might mean a change in the cracker??? > > Pan > > -- > Archives: http://www.eGroups.com/list/cf-talk > To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
CF uses DES for encryption. This is used because it has good performance while maintaining decent encryption. The "cracker" as you put it simply decrypts DES. If Allaire were to change the encryption algorithm templates encrypted by the previous algorithm would no longer work unless the system first interrogated the file to discover it's encryption method. This would incur an unacceptable performance hit in high volume applications. Allaire has stated in the past that encrypting templates does not provide complete security, but it does provide enough so that the typical user can not read the plain text. Once someone has uninterrupted access to any code it is only a matter of time before it is cracked. Regards, Steve -Original Message- From: pan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 26, 2000 8:39 AM To: [EMAIL PROTECTED] Subject: Re: does everyone always encrypt?? decrypter? From: Mike Sheldon <[EMAIL PROTECTED]> > I've seen it, compiled it, and tested it. > > It works. > Mike, Have you tested it on 4.51? Haven't had time myself, but am wondering if the name change in the tag might mean a change in the cracker??? Pan -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
> Have you tested it on 4.51? Haven't had time myself, but am > wondering if the name change in the tag might mean a change > in the cracker??? The keys have supposedly changed in 4.5+, although I haven't tested it. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
If you do a simple search on any search engine you should be able to find it on the first page of results. A decrypter does exists... I have a copy of it (which I will not distribute). While the average client may not be aware of it, I would imagine that most of the top CF developers have a copy of this as well. -Original Message- From: CFM [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 2:12 PM To: '[EMAIL PROTECTED]' Subject: RE: does everyone always encrypt?? decrypter? Yeah, I've also heard that a decrypter exists, but it is conspicuously missing from all the usual places. I don't think that app got distributed very far before it dropped dead from lack of interest. Has anybody on this list ever seen/used said program? jb. -Original Message- From: Steve Reich [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 7:45 AM To: [EMAIL PROTECTED] Subject: RE: does everyone always encrypt?? Encryption will only matter if you are supplying the cfm templates to someone else. As far as the end user is concerned, it will make no difference through the browser. Keep in mind that a "decrypter" exists. Just something to think about... Steve -Original Message- From: Jeff Fongemie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 8:37 AM To: Cf-Talk Subject: does everyone always encrypt?? I'm just curious, do people here always encrypt their cfm templates? I often don't, but I'm beginning to think it might be a good idea to start encrypting form action scripts. Any logic, reasoning people use for when/ when not to encrypt?? Thanks, Jeff Fongemie -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: does everyone always encrypt?? decrypter?
From: Mike Sheldon <[EMAIL PROTECTED]> > I've seen it, compiled it, and tested it. > > It works. > Mike, Have you tested it on 4.51? Haven't had time myself, but am wondering if the name change in the tag might mean a change in the cracker??? Pan -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
I've seen it, compiled it, and tested it. It works. No, I won't say where I got it. Those who are determined will find it on their own. The fact that a decryptor was written was really only a matter of time. In order to perform, the encryption routine had to be fairly lightweight, and the key had to be a constant in order to work on every platform. Eventually, someone was either going to brute-force crack it and "reverse-engineer" the key from that, or they were going to watch the CF Server executable or cfcrypt.exe when it decrypte/dencrypted a template, and capture the key that way. Michael J. Sheldon Internet Applications Developer Phone: 480.699.1084 http://www.desertraven.com/ PGP Key Available on Request -Original Message- From: CFM [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 11:12 To: '[EMAIL PROTECTED]' Subject: RE: does everyone always encrypt?? decrypter? Yeah, I've also heard that a decrypter exists, but it is conspicuously missing from all the usual places. I don't think that app got distributed very far before it dropped dead from lack of interest. Has anybody on this list ever seen/used said program? jb. -Original Message- From: Steve Reich [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 7:45 AM To: [EMAIL PROTECTED] Subject: RE: does everyone always encrypt?? Encryption will only matter if you are supplying the cfm templates to someone else. As far as the end user is concerned, it will make no difference through the browser. Keep in mind that a "decrypter" exists. Just something to think about... Steve -Original Message- From: Jeff Fongemie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 8:37 AM To: Cf-Talk Subject: does everyone always encrypt?? I'm just curious, do people here always encrypt their cfm templates? I often don't, but I'm beginning to think it might be a good idea to start encrypting form action scripts. Any logic, reasoning people use for when/ when not to encrypt?? Thanks, Jeff Fongemie -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: does everyone always encrypt?? decrypter?
Yeah, I've also heard that a decrypter exists, but it is conspicuously missing from all the usual places. I don't think that app got distributed very far before it dropped dead from lack of interest. Has anybody on this list ever seen/used said program? jb. -Original Message- From: Steve Reich [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 7:45 AM To: [EMAIL PROTECTED] Subject: RE: does everyone always encrypt?? Encryption will only matter if you are supplying the cfm templates to someone else. As far as the end user is concerned, it will make no difference through the browser. Keep in mind that a "decrypter" exists. Just something to think about... Steve -Original Message- From: Jeff Fongemie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 8:37 AM To: Cf-Talk Subject: does everyone always encrypt?? I'm just curious, do people here always encrypt their cfm templates? I often don't, but I'm beginning to think it might be a good idea to start encrypting form action scripts. Any logic, reasoning people use for when/ when not to encrypt?? Thanks, Jeff Fongemie -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.