password protection

[JohnRule at aol.com]

> The only data they should be seeing is the data I want
> to show to them.  Other data is all in hidden fields.
> Could you be more verbose?


I just did a test...if you have any kind of 'Open' handler in your 
application (i.e. open stack anyStack), then some unscrupulous person could 
load their own 'ripper', and parse all of the objects in your 
application...including hidden fields. This is not safe. I also discovered 
that if you set the 'passkey' to a protected stack during runtime, the same 
trick can be applied (ripping). If you open an application that has been 
compiled as a stand-alone (but not password protected) in a text editor, I 
believe much of your scripting is visible as plain text (at least it was in 
earlier versions). I don't mean to scare anyone, but I have been 
investigating this area to see how protected my own code is...and I wanted to 
share this information so you can make your own code more protected' Please 
share any information you discover as well!

Speaking of 'ripper', wasn't there a stack called MCRipper? Does anyone know 
if this can actually 'steal' password protected Intellectual Property? It 
might behoove us to investigate this author.

I for one do not want to have to worry about what I write being accessed (at 
least easily). It is very 'stifling' to creative programming efforts...and 
lawsuits are always so ugly.

The best arrangement so far (for me) is to password protect everything, and 
have a few stacks that contain items that need to change. Luckily, I have a 
hardware/software product, and the software will not run without the hardware 
'key'. You might want to investigate other types of hardware 'keys'...

Sorry for being the 'propaganda' machine today. Again, please, someone 
correct me if I am wrong.

JR