data-protection

How can I find out if the iPhone user currently has a passcode set and encryption enabled?

谁说我不能喝 提交于 2019-12-17 07:09:09
问题 I'm writing an iPhone application that requires its data to be encrypted. I've learned how to turn on encryption for files by setting the NSFileProtectionComplete attribute. I also know how to check the iPhone version to make sure they are running iOS 4.0 or better. What I've realized though, that if the user has not chosen a passcode and has not specifically enabled data protection on the Settings > General > Passcade Lock screen then the data isn't actually protected at all. I'd like to pop

What's the best method to protect login cookie data in PHP?

孤街浪徒 提交于 2019-12-12 11:00:56
问题 I'm creating a login system in PHP, and I want to know how to best protect the user information string in my cookie. I was thinking of encrypting the string with a key somehow? Is this the best way? I'm kinda new to this. Thanks in advance. 回答1: Don't store sensitive information in cookies. Store a session ID hash to connect the logged in user with their account. 回答2: Aaron Harun has the right answer for you. There's basically no need to encrypt such data as long as you store it in a session,

I want to protect the users' API public and secret keys in my UWP app

瘦欲@ 提交于 2019-12-11 17:58:45
问题 I'm working on a UWP app where users will be asked for their API public/secret keys for a service the app will access. Normally, I'd store preferences in ApplicationData.Current.RoamingSettings , but with the API keys, I would like to encrypt them first. If you see below, I am not sure how to proceed with serializing an IBuffer object as I am hit with "Data of this type is not supported" when I test how to store it. Most of the code below is a copy-pasta from https://docs.microsoft.com/en-us

protect bytes data .net

白昼怎懂夜的黑 提交于 2019-12-11 11:13:13
问题 am trying to protect bytes data using the protectedmemory and protecteddata in .net application form this site, http://www.codedigest.com/Articles/Framework/69_Data_Encryption_and_Decryption_using_DPAPI_classes_in_NET.aspx is seems i can only protect a few bytes and also, i cannot get the sample provided here http://msdn.microsoft.com/en-us/library/ms229741(v=vs.85).aspx to run I get the following errors: Name 'MemoryProtectionScope' is not declared. (BC30451) Name 'DataProtectionScope' is

How to protect downloadable files in a remote directory from non-premium users (in php?)

扶醉桌前 提交于 2019-12-09 23:27:38
问题 Im building a "premium" section of my site and Im in a need to give download access to files in a remote directly (on a different server), to users with special privileges (accounts stored in mysql db). My site is coded in php/mysql so a php solution would be great. 回答1: direct all download links to a php file that'll do all the credential checking. you can call the file download.php pass along parameters via cookies, get, post, session, or whichever manner you verify privileges. once

Amazon SimpeDB - apps - data protection

白昼怎懂夜的黑 提交于 2019-12-07 12:05:12
问题 I have been using AWS (Amazon Web services) and in particular simpleDB for a couple of smartphone apps using their iOS/android client libraries. So far, the data was very benign so I didn't worry too much about data protection. My next app project will require a "users" table/domain containing usernames and passwords. What I'm worried about is that someone reverse-engineer the Android java version of the app, then it will be easy to get all the simpleDB data, including all the passwords. the

Amazon SimpeDB - apps - data protection

放肆的年华 提交于 2019-12-05 18:52:18
I have been using AWS (Amazon Web services) and in particular simpleDB for a couple of smartphone apps using their iOS/android client libraries. So far, the data was very benign so I didn't worry too much about data protection. My next app project will require a "users" table/domain containing usernames and passwords. What I'm worried about is that someone reverse-engineer the Android java version of the app, then it will be easy to get all the simpleDB data, including all the passwords. the basic TVM thing (Token Vending Machine, where a temporary token replaces the AWS credentials which are

How to protect downloadable files in a remote directory from non-premium users (in php?)

天大地大妈咪最大 提交于 2019-12-04 18:46:49
Im building a "premium" section of my site and Im in a need to give download access to files in a remote directly (on a different server), to users with special privileges (accounts stored in mysql db). My site is coded in php/mysql so a php solution would be great. direct all download links to a php file that'll do all the credential checking. you can call the file download.php pass along parameters via cookies, get, post, session, or whichever manner you verify privileges. once credentials are verified, you can send an appropriate header. if it's an image, the header would be header("Content

Combining resources into a single binary file

大憨熊 提交于 2019-12-03 17:05:28
How does one combine several resources for an application (images, sounds, scripts, xmls, etc.) into a single/multiple binary file so that they're protected from user's hands? What are the typical steps (organizing, loading, encryption, etc...)? This is particularly common in game development, yet a lot of the game frameworks and engines out there don't provide an easy way to do this, nor describe a general approach. I've been meaning to learn how to do it, but I don't know where to begin. Could anyone point me in the right direction? There are lots of ways to do this. m_pGladiator has some

What is the best way to protect sensitive data in the code?

喜你入骨 提交于 2019-12-03 05:46:02
问题 I was examining the ways of protecting my code from decompiling. There are several good threads here describing obfuscation and code packing as the possible ways of protecting the code. However none of them is ideal, obfuscation doesn't work with reflection when the string method/property names are used. Many people do not recommend to use obfuscation at all. So I currently decided not to go with any of the above. However , I have parts of the code where I need a sort of encryption , for