On May 16, 2006, at 1:19 PM, Jason Essington wrote:
No, but the code to decipher the supplied key could be exposed, and
with this information, it is easy enough to figure out how to
generate new keys (depending upon how the keys are validated)
also, with the code exposed, it is a simple matter to just bypass
any key checking altogether.
I didn't mean that the RS encryption algorithm was compromised
(looking back it appears that my comment could be interpreted that way).
All I meant is that if *you* were in a similar situation where *your*
application serial numbers were compromised... you would have to take
extreme measures to protect your assets... which would mean releasing
a maintenance release ASAP to correct the problem.
Unfortunately, it is not that simple for RS... the dog is already out
of the yard and the damage is done. Now it is fence-fixing time.
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
