On 12/21/05, Joachim Schipper <[EMAIL PROTECTED]> wrote: > Pretty much any source code encoding scheme can be defeated, given > enough work. The point is in making sure that it is too much work to do > so. > > Though I wonder what the point is - it's not likely to be all that hard > to run the code on another system. The main point seems to be to prevent > administrators from making local changes, and I must admit to not seeing > a problem with people who have bought the software doing that.
Agreed, but in this case the application is for a security purpose rather than change or server control. Looking for a secure way to include an AES password in a PHP script for use with AES_ENCRYPT() in MySQL without that password being viewable even if the source of the page is compromised. Ioncube seems to fit the bill, but wanted to enquire about whether or not that's the case. Z. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
