Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: keeping data safe offline

From: Gage Bystrom <themadichib0d () gmail com>
Date: Tue, 10 Apr 2012 08:33:42 -0700
The best you could do without internet access to store the keys is to
implement a strong crypting method on the app itself and use every trick
you can that would piss off a reverse engineer.
On Apr 9, 2012 2:26 PM, "Erki Männiste" <Erki.Manniste () webmedia ee> wrote:


I am developing a software that is going to be distributed to end-users on
usb sticks. The application and the content will be stored on that device
and the content will be stored in a one-file sqlCE database, it will be
crypted by default and will be encrypted by the application on-the-fly.
My client has made it clear, that he wants to keep end-users from copying
the content and using it on any other device but that very stick. Now, due
to the offline requirement this is impossible to achive because i have to
store the encryption key somewhere in the code and users are able to access
the data while in unencrypted state.
Can anybody recommend me any mechanism that i could apply, to make it more
difficult for users to copy the content?

ERKI


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and
how your customers can tell if a site is secure. You will find out how to
test, purchase, install and use a thawte Digital Certificate on your Apache
web server. Throughout, best practices for set-up are highlighted to help
you ensure efficient ongoing management of your encryption keys and digital
certificates.


http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: