-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/05/2010 02:17 PM, Arthur Avramiea wrote: > The sqlite db will be encrypted with http://www.zetetic.net/code/sqlcipher > so that the users of the application without the proper credentials will not > be able to see or modify them.
The last part of your sentence in no way follows from the first. The encryption key and code has to be present on the machine in order to access the database. For example a cracker could just attach a debugger to the process. Additionally it would seem that the database copies are the same, so if any one person cracked it then they could publish the information in the clear for all other users. A better way of looking at security is to assign dollar amounts. How much should an adversary have to spend to bypass your goals? For example attaching a debugger is $0 for the tools and a few hundred dollars for labour (if that). > Is C++ a proper language for creating this interface? SQLite access is easy from almost every programming language. Pick whatever GUI toolkit you intend to use and work from that as it will be the bulk of the code. Especially consider things like will you need clipboard access, screen resolutions, printing, different input devices, screen reading and audio cues etc. Roger -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyDfQMACgkQmOOfHg372QRrwwCgx7qv7eFFLUQ+hHsN1slLrHat SW0AoNEIqJ1glqRxXkr1RgUwXW1FhKV9 =mAUF -----END PGP SIGNATURE----- _______________________________________________ sqlite-users mailing list [email protected] http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
