Re: string literals passwords in run only applications
- Subject: Re: string literals passwords in run only applications
- From: email@hidden
- Date: Mon, 25 Feb 2002 22:20:52 -0500
On Thu, 21 Feb 2002 14:45:20 -0500,
Cc: email@hidden
To: garbanzito <email@hidden>
From: Michael Turner <email@hidden>
> If I were to include the password as a string literal, then
> save the file as 'run only application' & ditch the original
> text file, would that password be safe from prying eyes?
> How unsafe would that be?
Not very safe at all. Text constants are stored in plain form.
Kids! Here's a quick demo you can do at home!
Ingredients:
1 Script Editor
1 ResEdit
Step 1. Type a script like this in Script Editor:
if passwd = "ABC123" then beep
Step 2. Save it as "Run Only"
Step 3. Open the Run Only file in ResEdit.
Step 4. Open the "scpt" resource, select 128, and pick "Resource...Open Using Hex Editor"
Step 5. Notice "ABC123" sitting there, right after "passwd"
> Binary file isn't encrypted, nach, but it seems safe for my own use...
>
> I wrote this cool URL Access (ftp) droplet/applet that uses this
> technique, passed it to a friend, as he was able to use it from OS 9 (I'm
> on X), which is pretty exciting, but before I go and hand it off to
> anyone else, I have to decide if it is safe.
>
> I'm initially thinking: "Fine on my desktop, but don't send out". What do
> you think?
You need to assess how important is the security. What do you lose if the
password is compromised, compared to the work required to make it harder to
compromise?
Generally, if security is important, you should make every effort to use the
operating-system supplied security features. On the Mac that means the
Keychain. Script an application that knows how to use the Keychain, and put the
password there. Or, for your own script using URL Access, grab the password
(into a non-global variable) using the "Keychain Scripting" app. There are good
AppleScript examples included named "Find PIN in Keychain" and "Add PIN to
Keychain".
Home-brew security is notorious for being weak. It's hard to do security
correctly. For example, 4-bit encryption and 128-bit encryption look the same
on casual inspection. Which one would you want protecting your credit card
number?
Now, because this question comes up frequently, I'll ask it and answer it as
well. "How do I protect my application so only a user with the password can run
it?" Keychain scripting is out, since you'll have to tell the user the keychain
passphrase, and then a script can extract the secret password.
One good way to do password checking is the Unix way: Don't store the password,
but store a hash function of the password. For the hash function, you want a
one-way function--one that is easy to compute, but hard to invert. That is, it
must be very difficult to figure out what password generates the required hash
value. Then, your code looks like this:
if hash(password) = "xs41Š!D:" then
where
and a cracker won't be able to easily guess the value P for which hash(P) is the
value coded into your script.
So, does anyone have a good hash function? Akua Sweets has an "Encrypt"
function, which might be usable as a hash function, by making the plain text a
fixed string and the key the hash function's input. But I tried a simple
encryption loop, and got disappointing results:
set l to {}
repeat with N from 1 to 100
encrypt the text "ABC" with password N
set end of l to result
end repeat
l
--> result: {"SPE", "SPC", "RQA", ..[mostly uppercase, lots of Ps, Rs, Ss,
and Ws, and other characters towards the end of the alphabet.]
So the cryptographic strength doesn't look too good.
--
Scott Norton Phone: +1-703-299-1656
DTI Associates, Inc. Fax: +1-703-706-0476
2920 South Glebe Road Internet: email@hidden
Arlington, VA 22206-2768 or email@hidden
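As an added example (Python, not code from the post or from Akua Sweets), here is the Unix-style check Scott describes, with PBKDF2-SHA256 standing in for the one-way hash, plus his "eyeball the output" test made numeric. The rounds$salt$hash layout and the toy_shift stand-in for the weak encryption result are assumptions made here, not anything the post specifies.

```python
import hashlib
import hmac
import os
from typing import Iterable, Optional

ROUNDS = 100_000  # assumption: PBKDF2 iteration count picked for this example


def store_password(password: str, salt: Optional[bytes] = None) -> str:
    """Build the value that goes into the script: rounds$salt$hash, never the password."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return f"{ROUNDS}${salt.hex()}${digest.hex()}"


def check_password(candidate: str, stored: str) -> bool:
    """The 'if hash(password) = ...' test from the post, with a constant-time compare."""
    rounds, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(salt_hex), int(rounds)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def byte_spread(outputs: Iterable[bytes]) -> float:
    """Scott's eyeball test as a number: fraction of the 256 byte values that ever appear."""
    seen = {b for out in outputs for b in out}
    return len(seen) / 256


def toy_shift(text: bytes, key: int) -> bytes:
    """Constructed stand-in for the weak result in the post: shift letters by key mod 26."""
    return bytes((b - 65 + key) % 26 + 65 for b in text)


def weak_spread(n: int = 100) -> float:
    """Same loop as the post (keys 1..100 on "ABC"), measured instead of eyeballed."""
    return byte_spread(toy_shift(b"ABC", k) for k in range(1, n + 1))


def strong_spread(n: int = 100) -> float:
    """The same loop through a real hash: output bytes cover nearly the whole range."""
    return byte_spread(hashlib.sha256(str(k).encode()).digest() for k in range(1, n + 1))


if __name__ == "__main__":
    stored = store_password("ABC123")
    print(stored)
    print(check_password("ABC123", stored), check_password("abc123", stored))
    print(f"toy shift covers {weak_spread():.0%} of byte values, sha256 {strong_spread():.0%}")
```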
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.