James Bennett wrote on 05/16/08 20:11: > On Fri, May 16, 2008 at 11:52 AM, ydjango <[EMAIL PROTECTED]> wrote: >> I do not want to make it easy for some one who breaks in , either a >> outsider or may be an rougue hosting provider employee or contractor, >> to easily get access to all the information - data and code. > > Again: if this is your worry, you have bigger problems. Allow me to > suggest an alternate method: > > (satire begins here, for the humor-impaired) > > 1. Physically obtain the server upon which the code is stored. Write > random data to the relevant sectors of the hard drive seven times > over, then write zeroes to it seven times over, then write random data > again. > > 2. Physically destroy the hard drive. Sledgehammers are good for this. > > 3. Place the shards of the hard drive into a vat of highly caustic acid. > > 4. Once the shards have dissolved, burn the resulting acidic liquid. > Be sure to capture the smoke. > > 5. Cool the smoke until it turns back to ash. Mix the ash into the > center of a reinforced concrete slab, at least 27 cubic feet in > volume. > > 6. If you have access to sufficient technology, launch the concrete > slab into space, on a course to collide with the Sun or (better) with > any singularity which happens to be nearby. The singularity is best > because -- even though it may not guarantee destruction of the > information -- the subjective time to observe the rocket crossing the > event horizon, from the frame of reference of a person some distance > from it, will be effectively infinite, causing most attackers to give > up. > > 7. If you do not have access to sufficient technology, have the > concrete slab stored in a nuclear-hardened bunker, with no Internet > connection, in a room using biometric identification keyed to > yourself, and with the whole complex guarded 24/7 by US Navy SEALs. > Maintain this watch until the technology available to complete step > (6) becomes available to you. > > Once you've completed this process, your application code will be > safe, for a reasonable value of "safe". > > (satire ends here) > > Or you could just find a host who properly sets up file permissions so > that random people can't access your application code. Unless you own > and personally supervise all of the following you will be susceptible > to rogue employees: the server, the rack in which it's located and the > datacenter in which the rack is found. Many people do not find that > the perceived security gains of doing so outweigh the financial and > maintenance drawbacks. YMMV. > >
James, your the man :-) I would have suggested: Book a trip to the himalaya (well maybe after china has stopped being a PITA). March all the way to the top (make sure no CIA satellites are watching you). Dig a deep hole, say 100 foot deep, then barry your code in the hole. Then fill it up (again, check that those evil nasty satellites aren't watching), and go back home with the good feeling that your code, that nobody else on this planet could have written in such an elegant, perfect way will never be found and used by anybody. ;-) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
