[OT] Security for stacks with Community version

J. Landman Gay jacque at hyperactivesw.com
Mon May 6 14:26:44 EDT 2013 

On 5/6/13 12:38 PM, Timothy Miller wrote:

> I don't get your example. As far as I can tell, it's worthless if
> anyone can look at the relevant script to discover the encrypting
> keys. But let's save that for another thread.

Well, as long as we're in this thread...blowfish is an algorithm, one of 
several encryption schemes you can choose from. It's considered one of 
the more secure ones if I remember right. There is no problem including 
the word "blowfish" in the script, it doesn't tell a snooper how to decrypt.

The "1234567" is the password. You'd ask for that in a password dialog, 
don't store it in the stack. That's pretty much what your stack does now 
anyway. It's been long enough that I can't remember what algorithm we 
used, but it shouldn't be hard to change the existing one to blowfish. 
The script flow would be the same.

>> 1-If my machine is lost or stolen, while shut down, how hard would
>> it be to get past the log-in password, to my relatively insecure
>> "rolodex" stack? How does one get past the log-in password? (for
>> this question and the next two, assume FileVault is turned off.)

Not hard. Google for "bypass Mac login password" and you'll find all 
kinds of ways.

>> 2-If I set up an administrator account for technicians, with a
>> different log-in password, how hard would it be for the technician
>> to get past the log-in password for my user account?

Not hard. It is also possible to bypass the firmware password, which is 
different than the software login one.

>>
>> 3-In recent versions of the OS, does my log-in password protect the
>> hard disk when it's removed from my machine? How hard is it to
>> defeat that protection?

If the drive contains an OS, it would act the same way as it does in 
your Mac right now. It would ask for a password which could be bypassed. 
If you are replacing a drive, it's fairly common to mangle the old one 
with a hammer or a chainsaw before disposing of it. Alternately, before 
replacement, secure-delete sensitive files; Finder can do that (File -> 
Secure empty trash).

>>
>> 4-Given that you can't use my machine to launch a nuclear missile,
>> do I really need the ultra-secure protection provided by
>> FileVault?

I've never used FileVault but I hear it's pretty solid protection. On 
the other hand, using the encrypt command in your scripts is very secure 
too. If you want to keep your workflow the way it is now, I'd use encrypt.

-- 
Jacqueline Landman Gay         |     jacque at hyperactivesw.com
HyperActive Software           |     http://www.hyperactivesw.com

More information about the use-livecode mailing list