On Saturday, April 6, 2002, at 10:20 PM, Michael Crawford wrote:
> Does any one have any suggestions about what I could do here? My > two lines > of thought are: > > 1) I could either encrypt the images using some other method than > base64 I > am open to suggestions about how I could do this. Any simple method I give you would hardly be better than the obfuscation that you already have. If you must do more, the next step is serious encryption. One approach is to have the stack run a command line PGP application. Since NAI dropped the PGP line, your choices are limited if this is a commercial application. I'd consider GnuPG. It is available on several platforms. It is a little rough around the edges but should work for your narrow need. (If you find a shrink wrapped legal copy of PGP 6.5.8 command line commercial and don't need it, contact me.) Alternately, if you have control over all computers involved, turn on IPSec for the applicable connections. > 2) I could build a better password protected site with cgi's or > ASP or some > such thing though then I have issues with server hosting etc. Same problems. > 3) I am just being to paranoid about the whole thing. If anyone get's > through all of the road blocks I have created perhaps I should > just give > them a chocolate fish and a certificate and not worry about it... Simple obfuscation is appropriate in some cases and it may be in this case. You have to look at the economic factors for the spy and use that to assess the probabilities in assessing your risk (prob and cost). You also should look at other factors such as the cost of the stack getting bogus pictures. If these are pictures of a new product and you don't want Ford, Microsoft or France to see them, then you may need strong encryption. On the other hand, if you don't want people to see your maps of NZ that you worked so hard to make unless they pay for it, then encryption is less important. My wild guess is that you can probably get by with even simpler obfuscation and then forget about it. Dar Scott _______________________________________________ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
