Re: [PHP] Studying mcrypt

2011-08-04 Thread Donovan Brooke
Alex Nikitin wrote: [snip] It's never a good idea to store all your keys in code, True, but in the system I was referring to, only the closed source app knows how to "see" the key in the encrypted templates and there is no way for another to know how to decrypt the encrypted templates to se

Re: [PHP] Studying mcrypt

2011-08-04 Thread Alex Nikitin
On Thu, Aug 4, 2011 at 12:23 PM, Donovan Brooke wrote: > Alex Nikitin wrote: > [snip] > > There is code obfuscation with PHP, and you can compile it into C++ with >> HipHop for php for example... >> > [snip] > > > Of course, obfuscation is never a great security solution. Compiling it > into C++

Re: [PHP] Studying mcrypt

2011-08-04 Thread Donovan Brooke
Alex Nikitin wrote: [snip] There is code obfuscation with PHP, and you can compile it into C++ with HipHop for php for example... [snip] Of course, obfuscation is never a great security solution. Compiling it into C++ is interesting... the question would be if the code could be de-compiled..

Re: [PHP] Studying mcrypt

2011-08-04 Thread Donovan Brooke
Alex Nikitin wrote: [snip] What makes your local system any less vulnerable of a point than your server, if anything, it's more vulnerable and failure-prone, so unless I'm not getting something, that seems like a poor design decision (I'm sorry) [snip] In the model I profiled, it is a system de

Re: [PHP] Studying mcrypt

2011-08-04 Thread Alex Nikitin
On Thu, Aug 4, 2011 at 10:31 AM, Donovan Brooke wrote: > Alex Nikitin wrote: > [snip] > > Also you shouldn't actually encrypt passwords, the proper way to store >> them >> is hashed, so that if someone grabs your database, they don't have your >> passwords, even if they have the "key". >> > > > H

Re: [PHP] Studying mcrypt

2011-08-04 Thread Donovan Brooke
Alex Nikitin wrote: [snip] Also you shouldn't actually encrypt passwords, the proper way to store them is hashed, so that if someone grabs your database, they don't have your passwords, even if they have the "key". Hello, since this thread is about "studying mcrypt"... In another language, for

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
On Wed, Aug 3, 2011 at 4:05 PM, Ashley Sheridan wrote: > ** > On Wed, 2011-08-03 at 15:35 -0400, Alex Nikitin wrote: > > On Wed, Aug 3, 2011 at 3:08 PM, Ashley Sheridan > wrote: > > > ** > > On Wed, 2011-08-03 at 22:02 +0300, Andre Polykanine wrote: > > > > Hello Alex, > > > > Thanks for

Re: [PHP] Studying mcrypt

2011-08-03 Thread Ashley Sheridan
On Wed, 2011-08-03 at 15:35 -0400, Alex Nikitin wrote: > On Wed, Aug 3, 2011 at 3:08 PM, Ashley Sheridan > wrote: > > > ** > > On Wed, 2011-08-03 at 22:02 +0300, Andre Polykanine wrote: > > > > Hello Alex, > > > > Thanks for the tip. I'm not storing it in the database (you see, > > it's

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
On Wed, Aug 3, 2011 at 3:08 PM, Ashley Sheridan wrote: > ** > On Wed, 2011-08-03 at 22:02 +0300, Andre Polykanine wrote: > > Hello Alex, > > Thanks for the tip. I'm not storing it in the database (you see, it's > "asdfasdf" and the key string is "secret key"), I'm just studying mcrypt's

Re: [PHP] Studying mcrypt

2011-08-03 Thread Andre Polykanine
Hello Alex, > I have a neat class you can play with... Could you give me the link, please?) -- With best regards from Ukraine, Andre Skype: Francophile My blog: http://oire.org/menelion (mostly in Russian) Twitter: http://twitter.com/m_elensule Facebook: http://facebook.com/menelion

Re: [PHP] Studying mcrypt

2011-08-03 Thread Andre Polykanine
Hi Ash, > Please don't top-post :) *Huge sigh* OK, OK! But still it's too uncomfortable to read bottom-posting! :P > You can use base64_encode() on it to convert it into something that's > printable and storable in the DB without having to resort to a binary > blob Thanks, will try!) -- Wi

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
I have a neat class you can play with... -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Wed, Aug 3, 2011 at 2:27 PM, Alex Nikitin wrote: > Yes, since it's trying to represent in characters some purely binary data, >

Re: [PHP] Studying mcrypt

2011-08-03 Thread Ashley Sheridan
On Wed, 2011-08-03 at 22:02 +0300, Andre Polykanine wrote: > Hello Alex, > > Thanks for the tip. I'm not storing it in the database (you see, it's > "asdfasdf" and the key string is "secret key"), I'm just studying mcrypt's > possibilities :-). > > -- > With best regards from Ukraine,

Re: [PHP] Studying mcrypt

2011-08-03 Thread Andre Polykanine
Hello Alex, Thanks for the tip. I'm not storing it in the database (you see, it's "asdfasdf" and the key string is "secret key"), I'm just studying mcrypt's possibilities :-). -- With best regards from Ukraine, Andre Skype: Francophile My blog: http://oire.org/menelion (mostly in Russi

Re: [PHP] Studying mcrypt

2011-08-03 Thread Alex Nikitin
Yes, since it's trying to represent in characters some purely binary data, it is not unlikely that you will get VERY weird characters (and you do). Also you shouldn't actually encrypt passwords, the proper way to store them is hashed, so that if someone grabs your database, they don't have your pas