On Wed, 12 Jan 2005 18:09:08 +0100, Jochem Maas <[EMAIL PROTECTED]> wrote:
> I'm no expert on crypto (and never will be either! designing good crypto
> is something best left to the very very very very best in terms of
> computer science) but I think that the following function represents
> very weak crypto -

Feel free to not use it then..  geez.

> which may very suffice, but one thing that could make
> the whole lots fall apart is the fact that the key is kept in the
> function itself - imagine the server has auto source-highlighting for
> php files (when you add an 's' to a filename), if so anyone can readout
> your key!

Imagine a world where there were no inexperienced sysadmins.

> oh and Greg, you may just have told the world the key that you are
> actually using!

I made that one up just for the post.  And even if I didn't.. good
luck finding the data.


-- 
Greg Donald
Zend Certified Engineer
http://destiney.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to