Internal security of Rev?
Richard Gaskin
ambassador at fourthworld.com
Wed Jul 12 01:49:56 EDT 2006
John Tregea wrote:
> I read about MD5 but thought it was a way of generating a hash string
> and using that string to check if the originating string had changed. Do
> you mean I could "un" MD5 a string like base64Decode?
MD5 is used to create a "signature" of a chunk of data which is
mathematically improbable to have been derived by a different chunk.
This is useful for comparing two things when you don't have the things
themselves, such as passwords, but the MD5 result doesn't contain enough
data to derive its source.
However one can use it in place of a password, so you can compare
password results without ever embedding the password itself.
This extremely lightweight encryption function uses MD5 for that purpose:
<http://www.revjournal.com/tutorials/handy-handlers-005.html>
While that particular function is at the "toy" level of security,
stronger methods could be made which use MD5 in related ways.
But all of this seems a red herring, if I've read this thread correctly.
At first I had the impression we were talking about protecting
critical data, but in later posts it seems we're just talking about
anti-piracy.
With all due respect, the best investment of your time with regard to
anti-piracy is to ignore it altogether and put the time into features,
marketing, and offering world-class support. Pirates are rarely in the
intersection of potential customers, so fighting them is a business
distraction.
--
Richard Gaskin
Managing Editor, revJournal
_______________________________________________________
Rev tips, tutorials and more: http://www.revJournal.com
More information about the use-livecode
mailing list