Hi Chip and AISquared folks: A thought on a relatively simple method of security:
AISquared Scripts are professionally signed. Third Party Scripts must be uploaded and a e-mail message sent to the original developers e-mail address on file with AISquared for validation response. The target and response message can easily be verified as coming from the actual developers machine and then the script added to the website for download. This doesn’t mean every scriptor will be honest but their name, address and machine address should be on file with AISquared as legal requirements along with anything else that would help identify a scriptor who would be impacting AISquareds client community. Those Countries with a solid legal framework and who would be responsive to legal action against any identified hacker should be included in the AISquared scripting Community. Others could be included with a warning concerning the risks of installing anything from that country. Again, AISquared has the pro certs and might make good use of them but I think the above methodology pattern may provide a decent level of security. What do you think? Rick USA
