On Sun, Dec 6, 2009 at 11:59 PM, dougx <[email protected]> wrote:
> - Competative game gadgets, where users can gain an advantage by > faking their own high score. > > - Gadgets where users collaborate in general (prone to spoofing; even > on playback you can't really be sure of the changes being made coming > from the supposed author). > There doesn't seem to be any way to verify the authenticity or integrity of events or any piece of data stored in the wave. The best workaround is to store your state with your gadget (e.g. in an appengine data store), but you still have the problem of being certain that the gadget you're interacting with in the wave is *really* the gadget you expect to be there, and not some evil/malicious gadget there to capture your credentials/data. I have ideas for some gadgets that I've effectively shelved, because they'll never work safely with the API as it stands today. :( David -- You received this message because you are subscribed to the Google Groups "Google Wave API" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-wave-api?hl=en.
