Yes indeed. See Blog. Best Regards,
Heather Heather Laine Customer Services Manager LiveCode Ltd www.livecode.com > On 25 Jun 2022, at 04:34, Tom Glod via use-livecode > <use-livecode@lists.runrev.com> wrote: > > This is a great best-practice explanation. Perhaps someone can turn it into > a blog post and put it on the site. > Thanks again > > > > On Fri, Jun 24, 2022 at 6:24 PM Bob Sneidar via use-livecode < > use-livecode@lists.runrev.com> wrote: > >> Mr. (Or should I say Doctor) Waddingham! This is a really brilliant essay >> on the risk, benefits and rewards in multiple scenarios concerning the >> storage of keys. I’ve mentioned before that I came up with the idea of >> “poisoning” the encrypted data before the data was transmitted. If >> intercepted in transit, the data itself could never be decrypted without >> knowing how it was poisoned and what was needed to “cleanse” it. And that >> would require access to either the API of the device doing the corruption >> or the cleansing, or else someone who knew the method. >> >> By using this method, all but physical and social vectors are nullified. >> And control of those vectors is an illusion. >> >> Bob S >> >> Sent from my iPhone >> >>> On Jun 24, 2022, at 13:22, Mark Wieder via use-livecode < >> use-livecode@lists.runrev.com> wrote: >>> >>> On 6/24/22 10:04, Mark Waddingham via use-livecode wrote: >>> >>>> The only way to use these keys is from server scripts running on a >> server which you do your best to maintain the security of. Ideally these >> keys should be stored in files which are only readable by specific users - >> usually the web-server user which is running the backend scripts which >> needs to make the requests. >>> >>> Or as server environment variables retrieved only by server scripts >> which are not user-accessible. >>> >>> -- >>> Mark Wieder >>> ahsoftw...@gmail.com >>> >>> _______________________________________________ >>> use-livecode mailing list >>> use-livecode@lists.runrev.com >>> Please visit this url to subscribe, unsubscribe and manage your >> subscription preferences: >>> http://lists.runrev.com/mailman/listinfo/use-livecode >> _______________________________________________ >> use-livecode mailing list >> use-livecode@lists.runrev.com >> Please visit this url to subscribe, unsubscribe and manage your >> subscription preferences: >> http://lists.runrev.com/mailman/listinfo/use-livecode >> > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your subscription > preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
