open secure socket... using certificate

Tom Glod tom at makeshyft.com
Tue Feb 2 16:02:54 EST 2021 

Hhahah Richard, that was hilarious. :D Given I've given you next to no info
on the use case, I understand why it may seem overkill, and maybe it is.

A wise person once told me .... and I'm paraphrasing..... " you can't
prevent everything ....so the task at hand is to make things harder and
take longer."  That person was you.

So would it make it harder to steal data if data transport between 2
decoupled processes was encrypted? you bet.

Thanks for giving me food for thought...and I will triple check to make
sure its necessary. :D


On Mon, Feb 1, 2021 at 6:16 PM Richard Gaskin via use-livecode <
use-livecode at lists.runrev.com> wrote:

> Tom Glod wrote:
>
>  > Richard,
>  >
>  > Lets say one of my users is targeted by a hacker and they manage
>  > to install a malware process on their system that will capture all
>  > the data flowing between the 2 processes.
>  > Then they do not need to be sitting in the victim's chair.
>  > But if the data was encrypted, this wouldn't matter.
>
> True, that one aspect of your program wouldn't matter.  But since
> everything else on the system is now hosed, does anything matter?
>
> To my ear it sounds like a planning committee meeting for a zoo in which
> they're deciding on the steel thickness of armored suits they require
> visitors to wear because tigers are running loose, while the whole
> facility is on fire. I'm in the back of the room raising my hand asking
> if we might just put the tigers back in the cage. After we put out the
> fire. :)
>
> In the scenario you described, what prevents the bad guy from reading
> the data at rest? Or keylogging? Or replacing either or both of the
> executables you delivered? Or anything else they might do once they have
> that level of control throughout the system?
>
> --
>   Richard Gaskin
>   Fourth World Systems
>   Software Design and Development for the Desktop, Mobile, and the Web
>   ____________________________________________________________________
>   Ambassador at FourthWorld.com                http://www.FourthWorld.com
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>


-- 
Tom Glod
Founder & Developer
MakeShyft R.D.A (www.makeshyft.com)
Mobile:647.562.9411

More information about the use-livecode mailing list