Protecting Things from prying eyes....
Dar Scott
dsc at swcp.com
Sun Apr 7 16:20:00 EDT 2002
On Saturday, April 6, 2002, at 10:20 PM, Michael Crawford wrote:
> Does any one have any suggestions about what I could do here? My
> two lines
> of thought are:
>
> 1) I could either encrypt the images using some other method than
> base64 I
> am open to suggestions about how I could do this.
Any simple method I give you would hardly be better than the
obfuscation that you already have.
If you must do more, the next step is serious encryption.
One approach is to have the stack run a command line PGP
application. Since NAI dropped the PGP line, your choices are
limited if this is a commercial application. I'd consider GnuPG.
It is available on several platforms. It is a little rough around
the edges but should work for your narrow need. (If you find a
shrink wrapped legal copy of PGP 6.5.8 command line commercial and
don't need it, contact me.)
Alternately, if you have control over all computers involved, turn
on IPSec for the applicable connections.
> 2) I could build a better password protected site with cgi's or
> ASP or some
> such thing though then I have issues with server hosting etc.
Same problems.
> 3) I am just being to paranoid about the whole thing. If anyone get's
> through all of the road blocks I have created perhaps I should
> just give
> them a chocolate fish and a certificate and not worry about it...
Simple obfuscation is appropriate in some cases and it may be in
this case. You have to look at the economic factors for the spy
and use that to assess the probabilities in assessing your risk
(prob and cost). You also should look at other factors such as the
cost of the stack getting bogus pictures.
If these are pictures of a new product and you don't want Ford,
Microsoft or France to see them, then you may need strong
encryption. On the other hand, if you don't want people to see
your maps of NZ that you worked so hard to make unless they pay for
it, then encryption is less important.
My wild guess is that you can probably get by with even simpler
obfuscation and then forget about it.
Dar Scott
More information about the metacard
mailing list