RE: Secure text in apps

Sun, 28 Jan 2007 10:17:29 -0800 

        In that case I would obscure the key as best I could.  Lot's of ways
to do this like breaking it down into pieces stored in different parts of
the app as const and/or different ini settings that appear to be something
else.  I never did it but one guy that I was talking to used a txt file with
instructions that couldn't be removed and then had a function in the
application read a word so many counts into the second paragraph and use
that as the key.  Unless the users are sophisticated enough to dissemble the
app or break the code any of these should be good enough.

from Robert Meek dba Tangentals Design  CCopyright 2006
Proud to be a moderator of "The Delphi Lists" at elists.org

(["An unused program is the consequence of a higher logic!", nil])  As
written in The Compendium of Accepted Robotic and Surrlogic Theorems Used in
the Self Analysis of Elemental Positronic Pathways...1st Edition Revised


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Rob Cameron
Sent: Friday, January 26, 2007 10:26 AM
To: [email protected]
Subject: re: Secure text in apps

Robert,

Thanks for the quick reply and I agree with what you said.   I didn't 
explain myself well.  Let's take a hypothetical case. Suppose I have an 
app where I want to keep track of how often and when the app is used: 
perhaps for licensing reasons, perhaps for management stats on the 
real-life demand for the software, or tracking regular use for training 
purposes - whatever  ... this is hypothetical.  There is no reason for 
users to log-in (and they don't want to anyway) and I'd rather the users 
don't have access to the stats I keep. So I decide to save a text file 
alongside the exe file and save short strings in the file, sometimes 
adding strings, sometimes modifying them but always encrypting them.  To 
encrypt the strings the app needs a key and I need the same key to 
decrypt it when I get to see the text files. Sometimes I want the app 
itself to decrypt the strings to make use of the data.

What's the best way to provide the key in the app in such a way that 
users can't find it?

Regards

Rob
_______________________________________________
Delphi mailing list -> [email protected]
http://www.elists.org/mailman/listinfo/delphi

_______________________________________________
Delphi mailing list -> [email protected]
http://www.elists.org/mailman/listinfo/delphi

Reply via email to