Tom Glod wrote:

> Richard,
> Lets say one of my users is targeted by a hacker and they manage
> to install a malware process on their system that will capture all
> the data flowing between the 2 processes.
> Then they do not need to be sitting in the victim's chair.
> But if the data was encrypted, this wouldn't matter.

True, that one aspect of your program wouldn't matter. But since everything else on the system is now hosed, does anything matter?

To my ear it sounds like a planning committee meeting for a zoo in which they're deciding on the steel thickness of armored suits they require visitors to wear because tigers are running loose, while the whole facility is on fire. I'm in the back of the room raising my hand asking if we might just put the tigers back in the cage. After we put out the fire. :)

In the scenario you described, what prevents the bad guy from reading the data at rest? Or keylogging? Or replacing either or both of the executables you delivered? Or anything else they might do once they have that level of control throughout the system?

 Richard Gaskin
 Fourth World Systems
 Software Design and Development for the Desktop, Mobile, and the Web

use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription 

Reply via email to