[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: encrypting credentials is done plain wrong

From: Dmitry <wipedout_at_yandex.ru>
Date: Fri, 15 Apr 2011 10:01:09 +0400


15.04.11, 01:07, "Daniel Klima" <danklima_at_gmail.com>:
> Dmitry,
> could you please read Raymond Chen's blog (http://blogs.msdn.com/b/oldnewthing/) and especially series about "on the other side of this airtight hatchway".
> What you want is not what you get. You won't get security,just obfusction and considering it would be already running on same privlege level as is user's => other and more easier ways to get info you want. And obfuscation and opensource doesn't go well together anyway.

Okay, I agree to admit that erasing the buffers once they are no longer needed is not Security, but it's Obfuscation and let's only use the word "obfuscation" hereinafter. You're completely right when you say the program doesn't become more secure in classic sense, but still breaking it becomes slightly harder.

What I was trying to say it makes no sense to store the credentials in encrypted form when they've been previously manipulated using a class like CString because CString won't erase itself and therefore you will have one encrypted copy and numerous unencrypted copies of the credentials. This has nothing to do with security, but that's obfuscation done wrong.

Bets wishes.


To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-15 08:01:23 CEST

This is an archived mail posted to the TortoiseSVN Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.