On Wed, 12 Jan 2005 18:09:08 +0100, Jochem Maas <[EMAIL PROTECTED]> wrote: > I'm no expert on crypto (and never will be either! designing good crypto > is something best left to the very very very very best in terms of > computer science) but I think that the following function represents > very weak crypto -
Feel free to not use it then.. geez. > which may very suffice, but one thing that could make > the whole lots fall apart is the fact that the key is kept in the > function itself - imagine the server has auto source-highlighting for > php files (when you add an 's' to a filename), if so anyone can readout > your key! Imagine a world where there were no inexperienced sysadmins. > oh and Greg, you may just have told the world the key that you are > actually using! I made that one up just for the post. And even if I didn't.. good luck finding the data. -- Greg Donald Zend Certified Engineer http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
