2009/8/1 Brian <brian.min...@colorado.edu>: > On Sat, Aug 1, 2009 at 1:07 PM, David Gerard <dger...@gmail.com> wrote: >> 2009/8/1 Brian <brian.min...@colorado.edu>:
>> > And of course, you can just ship them the binaries! >> Trusted clients are impossible. Particularly for prrotecting against >> lulz-seekers. > Impossible? That's hyperbole. No, it's mathematically accurate. There is NO SUCH THING as a trusted client. It's the same problem as DRM and security by obscurity. http://en.wikipedia.org/wiki/Trusted_client http://en.wikipedia.org/wiki/Security_by_obscurity Never trust the client. Ever, ever, ever. If you have a working model that relies on a trusted client you're fucked already. Basically, if you want to distribute binaries to reduce hackability ... it won't work and you might as well be distributing source. Security by obscurity just isn't. - d. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
