Hi list!
I need to protect a Director movie against unauthorized use. Before the
program starts, the user has to enter his name and a password.
Is it safe to store both in a list like that:
authorizationL = [[#name : john, #pw: kdf8sde3], [#name : sue, #pw:
89g4Df]]
?
Or is it possible for a
Or is it possible for a very experienced hacker to retrieve those data from
a protected Director movie?
It is possible. Just open the exe in notepad and you can read the
strings as clear text.
You'll need some level of encryption.
HTH/Christoffer
[To remove yourself from this list, or to
Hi Michael,
You can use a file with buddyapi: EncryptFile
caio
Michael
[To remove yourself from this list, or to change to digest mode, go to
http://www.penworks.com/lingo-l.cgi To post messages to the list, email
lingo-l@penworks.com (Problems, email [EMAIL PROTECTED]). Lingo-L is for
On 17/5/06 8:18 am, Michael von Aichberger 2 [EMAIL PROTECTED] wrote:
I need to protect a Director movie against unauthorized use. Before the
program starts, the user has to enter his name and a password.
Is it safe to store both in a list like that:
authorizationL = [[#name : john, #pw:
There are also some lingo MD5 implementations as well. (No Xtra needed)
http://www.mediamacros.com/item/item-1006687462/
http://www.mediamacros.com/item/item-1006687189/
And with Javascript, you can pull a JS MD5 like this into Director...
http://pajhome.org.uk/crypt/md5/
-Chuck
Just to add to the store the password hashed talk, if you're starting
from scratch, I'd go with SHA-1 rather than MD5. If you really go the
full monty, you can go with SHA-256
(http://anmar.eu.org/projects/jssha2/ BSD license) and salt the
password before you generate the hash, as in:
Now that I'm at my desk, I just ran some timing tests. The JS syntax MD
5 Chuck referenced function takes ~2ms on my machine, and the SHA-256
routine takes ~10mx. (PowerMac G4, 1.25MHz.) So, hashing the password
value isn't very costly in terms of CPU either way.
On May 17, 2006, at 11:29
On Wed, 17 May 2006 09:30:27 -0400, Daniel Nelson
[EMAIL PROTECTED] wrote:
However, if you are storing information locally, then at some level it
is vulnerable, even if it takes more sophistication than simply opening
in Notepad. If you are truly concerned about security, then you may
Rob Romanek wrote:
On Wed, 17 May 2006 09:30:27 -0400, Daniel Nelson
[EMAIL PROTECTED] wrote:
However, if you are storing information locally, then at some level
it is vulnerable, even if it takes more sophistication than simply
opening in Notepad. If you are truly concerned about
Thanks for all the interesting replies.
If .dcr-files are safe, that just might be the best solution for me.
Related question: Does the MUI Xtra allow the creation of dialog boxes for
password entry (hidden characters)?
Thanks again!
Michael
[To remove yourself from this list, or to change to
It depends on what you mean by safe. If .dcrs are simply compressed
(as is my understanding), it shouldn't take someone who's determined
very long to crack it.
Given that you're only talking about a couple of lines of code and a
few milliseconds at runtime to use hashes, isn't it better to do
If you're using a technology for the first time, a couple of lines of code
may take quite a time ...
But if you say, dcr's are not s safe, I might change my mind and go for
the Right Thing.
Thanks!
Michael
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL
On May 17, 2006, at 3:14 PM, Michael von Aichberger 2 wrote:
If you're using a technology for the first time, a couple of lines of
code
may take quite a time ...
Cookbook version:
1) Download the .zip file from:
http://anmar.eu.org/projects/jssha2/
2) Unzip it.
3) Open the file
Non-related answer, but a heads-up anyway. Beware using the debugger on
MUI extra callbacks. If the dialog hasn't gone away before the debugger
pops up, it's relatively easy to get in a situation where key and mouse
events get sent to the bit bucket and the only way out is
force-quitting
if the environment.internetConnected = #online then
This has always been flaky at best. The simplest method is to use
getNetText() on a few sites you can be reasonably sure are always up.
Not only will this tell you that you are #online, but that any
proxy/NAT issues are transparent.
15 matches
Mail list logo