Re: [WebDNA] encrypt files/directories
This WebDNA talk-list message is from 2011
It keeps the original formatting.
numero = 107603
interpreted = N
texte = Hi Govinda!> for that matter I wonder how easy or hard it is to brute force current =webdna encrypted vals.? I mean the PHP clan has had to abandon md5() in =favor of crypt() (i.e. blowfish) in recent years+ due to the fact that =md5 is too easy to brute force reverse by today's computer power =standards. Webdna is going to need to address this too if we ever =become more popular than "security-through-obscurity".We have implemented blowfish in WebDNA 7.0. Blowfish is a strong =symmetric block ciphers used in SSH, OpenBSD, IPSec with 32 bits to 448 =bits key length;. It allows very fast encryption and is trong enough.- chris>=20> For those wondering what all this means:> you can use webdna's [encrypt] to encrypt values you want to remain =unknown in case someone ever saw that encrypted value, like passwords =stored in a database (and you did not want the user to recover the =original data). Other web languages (like PHP) have this kind of thing =too, of course. Well the way people used to encrypt stuff in PHP is no =longer considered secure because hackers can easily write/use software =that can effectively reverse the encryption, *if* the underlying =encrypting algorithms used by the web language are not robust enough to =prevent it. As home computers become more and more powerful, it becomes =easier and easier for hackers to reverse the encryption... and so the =web language developers (like those who write the PHP or Webdna engine) =have to keep making the encryption algorithms stronger and strong. PDFs =used to be made secure by password protecting them. Apparently, those =method are now easily overcome. I wonder if Webdna's encryptions are =likewise now easily overcome? If Webdna gets popular again, we will =surely have to be ready for the added attention by friendly users and =hackers alike.>=20> P.S. Steve, maybe you could just .htaccess to realm protect everything =in your PDF folder? (I'm kinda green in all things .htaccess.. so =someone please correct me if it needs it.) Or do you need to =pass-protect for many separate users with diff. passwords?>=20> P.P.S. I keep thinking these posts (on this list) would be much easier =to follow (for example in the archives where someone might just come =across one of them, who had not been following along), if we "bottom =post".. meaning write our replies *under* the former (trimmed) text in =the email. I'll try to remember to do that from now on.>=20> -G>=20>> Might want to spend a few minutes on google seeing how much =protection PDF passwords really get you.>>=20>> http://lmgtfy.com/?q=3Dpdf%20recover%20password>>=20>>=20>> On Oct 31, 2011, at 3:56 PM, Steve Raslevich -Northern Sound & Light =wrote:>>=20>>> Hi Govinda,>>>=20>>> No, I don't think you are wrong. I appreciate your input. I am still =learning what all WebDNA can do and get confused sometimes from the docs =that are sometimes very short in explaining things. Your suggestion of =pass protecting the pdf's sounds like my best option.>>>=20>>> Best Regards,>>> Steve>>>=20>>> Govinda wrote:>>>> I have not been paying attention in this area.. but I am going to =guess right now (and please show me those docs if you think I am wrong) =that that snippet from those docs is just saying that you as the =webmaster would perhaps like to name your directory where you keep your =encrypted files, "encrypted". But it might as well have suggested you =name that folder "creamFilling". I.e. it is just saying the obvious, ="name your directories well".>>>> (?)>>>>=20>>>> I don't see how you are going to encrypt PDFs with webdna because =to unencrypt them the webserver has to run them thru the webdna parser =.. and PDFs are not supposed to do that, right? ..that is just for =webpages with webdna tags in them. Or am I being dense somehow?>>>>=20>>>> If you want to protect sensitive data in the PDF, why don't you =look at generating pass-protected PDFs (if you are generating them =yourself).>>>>=20>>>> -Govinda>>>>=20>>>>=20>>>>=20>>>>=20>>>>> Hi Govinda,>>>>>=20>>>>> Thanks for the links below. Unfortunately, I have already gone =over them. The only docs that are discussed being encrypted are =templates. I am looking for a way to encrypt mainly pdf files as some of =the dpf's contain sensitive info but should be accessible to certain =users.>>>>>=20>>>>> I thought there may be a way to encrypt an entire directory as the =statement below is included in the WebDNA docs:>>>>>=20>>>>> "Another example that would encrypt a file named "filename" from =your disk and copy it in an /encrypted directory:">>>>>=20>>>>>=20>>>>> Thanks for your reply.>>>>>=20>>>>> Regards,>>>>> Steve>>>>> .>>>>> Govinda wrote:>>>>>=20>>>>>=20>>>>>> Hi Steve>>>>>>=20>>>>>> I have not done that in so long.. that I do not know if this is =up to date.. But:>>>>>>=20>>>>>>=20>>>>>> http://docs.webdna.us/>>>>>>=20>>>>>> (Click "Appendices ", and "Appendix D - How to create encrypted =templates")>>>>>> leads to:>>>>>>=20>>>>>> http://docs.webdna.us/pages.html?context=3DEncryptedTemplates.html>>>>>>=20>>>>>>=20>>>>>> I used to encrypt files that way, but I never tried to encrypt a =whole folder of stuff.>>>>>>=20>>>>>> -Govinda>>>>>>=20>>>>>>=20>>>>>>=20>>>>>>=20>>>>>>=20>>>>>>> Hi,>>>>>>>=20>>>>>>> Up until now I have only been using [encrypt] and [decrypt] for =fields stored in a database. I now have the need to protect some stored =pdf's. The docs mention encrypting directories and files but fall short =of syntax examples on how to do this. Is it possible to encrypt =directories and files with WebDNA's [encrypt]? If so, could someone =explain how to do so or provide syntax examples?>>>>>>>=20>>>>>>> Thank you,>>>>>>> Steve>>=20>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list
.>> To unsubscribe, E-mail to: >> archives: http://mail.webdna.us/list/talk@webdna.us>> Bug Reporting: support@webdna.us>=20> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Associated Messages, from the most recent to the oldest:
Hi Govinda!> for that matter I wonder how easy or hard it is to brute force current =webdna encrypted vals.? I mean the PHP clan has had to abandon md5() in =favor of crypt() (i.e. blowfish) in recent years+ due to the fact that =md5 is too easy to brute force reverse by today's computer power =standards. Webdna is going to need to address this too if we ever =become more popular than "security-through-obscurity".We have implemented blowfish in WebDNA 7.0. Blowfish is a strong =symmetric block ciphers used in SSH, OpenBSD, IPSec with 32 bits to 448 =bits key length;. It allows very fast encryption and is trong enough.- chris>=20> For those wondering what all this means:> you can use webdna's [encrypt] to encrypt values you want to remain =unknown in case someone ever saw that encrypted value, like passwords =stored in a database (and you did not want the user to recover the =original data). Other web languages (like PHP) have this kind of thing =too, of course. Well the way people used to encrypt stuff in PHP is no =longer considered secure because hackers can easily write/use software =that can effectively reverse the encryption, *if* the underlying =encrypting algorithms used by the web language are not robust enough to =prevent it. As home computers become more and more powerful, it becomes =easier and easier for hackers to reverse the encryption... and so the =web language developers (like those who write the PHP or Webdna engine) =have to keep making the encryption algorithms stronger and strong. PDFs =used to be made secure by password protecting them. Apparently, those =method are now easily overcome. I wonder if Webdna's encryptions are =likewise now easily overcome? If Webdna gets popular again, we will =surely have to be ready for the added attention by friendly users and =hackers alike.>=20> P.S. Steve, maybe you could just .htaccess to realm protect everything =in your PDF folder? (I'm kinda green in all things .htaccess.. so =someone please correct me if it needs it.) Or do you need to =pass-protect for many separate users with diff. passwords?>=20> P.P.S. I keep thinking these posts (on this list) would be much easier =to follow (for example in the archives where someone might just come =across one of them, who had not been following along), if we "bottom =post".. meaning write our replies *under* the former (trimmed) text in =the email. I'll try to remember to do that from now on.>=20> -G>=20>> Might want to spend a few minutes on google seeing how much =protection PDF passwords really get you.>>=20>> http://lmgtfy.com/?q=3Dpdf%20recover%20password>>=20>>=20>> On Oct 31, 2011, at 3:56 PM, Steve Raslevich -Northern Sound & Light =wrote:>>=20>>> Hi Govinda,>>>=20>>> No, I don't think you are wrong. I appreciate your input. I am still =learning what all WebDNA can do and get confused sometimes from the docs =that are sometimes very short in explaining things. Your suggestion of =pass protecting the pdf's sounds like my best option.>>>=20>>> Best Regards,>>> Steve>>>=20>>> Govinda wrote:>>>> I have not been paying attention in this area.. but I am going to =guess right now (and please show me those docs if you think I am wrong) =that that snippet from those docs is just saying that you as the =webmaster would perhaps like to name your directory where you keep your =encrypted files, "encrypted". But it might as well have suggested you =name that folder "creamFilling". I.e. it is just saying the obvious, ="name your directories well".>>>> (?)>>>>=20>>>> I don't see how you are going to encrypt PDFs with webdna because =to unencrypt them the webserver has to run them thru the webdna parser =.. and PDFs are not supposed to do that, right? ..that is just for =webpages with webdna tags in them. Or am I being dense somehow?>>>>=20>>>> If you want to protect sensitive data in the PDF, why don't you =look at generating pass-protected PDFs (if you are generating them =yourself).>>>>=20>>>> -Govinda>>>>=20>>>>=20>>>>=20>>>>=20>>>>> Hi Govinda,>>>>>=20>>>>> Thanks for the links below. Unfortunately, I have already gone =over them. The only docs that are discussed being encrypted are =templates. I am looking for a way to encrypt mainly pdf files as some of =the dpf's contain sensitive info but should be accessible to certain =users.>>>>>=20>>>>> I thought there may be a way to encrypt an entire directory as the =statement below is included in the WebDNA docs:>>>>>=20>>>>> "Another example that would encrypt a file named "filename" from =your disk and copy it in an /encrypted directory:">>>>>=20>>>>>=20>>>>> Thanks for your reply.>>>>>=20>>>>> Regards,>>>>> Steve>>>>> .>>>>> Govinda wrote:>>>>>=20>>>>>=20>>>>>> Hi Steve>>>>>>=20>>>>>> I have not done that in so long.. that I do not know if this is =up to date.. But:>>>>>>=20>>>>>>=20>>>>>> http://docs.webdna.us/>>>>>>=20>>>>>> (Click "Appendices ", and "Appendix D - How to create encrypted =templates")>>>>>> leads to:>>>>>>=20>>>>>> http://docs.webdna.us/pages.html?context=3DEncryptedTemplates.html>>>>>>=20>>>>>>=20>>>>>> I used to encrypt files that way, but I never tried to encrypt a =whole folder of stuff.>>>>>>=20>>>>>> -Govinda>>>>>>=20>>>>>>=20>>>>>>=20>>>>>>=20>>>>>>=20>>>>>>> Hi,>>>>>>>=20>>>>>>> Up until now I have only been using [encrypt] and [decrypt] for =fields stored in a database. I now have the need to protect some stored =pdf's. The docs mention encrypting directories and files but fall short =of syntax examples on how to do this. Is it possible to encrypt =directories and files with WebDNA's [encrypt]? If so, could someone =explain how to do so or provide syntax examples?>>>>>>>=20>>>>>>> Thank you,>>>>>>> Steve>>=20>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> archives: http://mail.webdna.us/list/talk@webdna.us>> Bug Reporting: support@webdna.us>=20> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
christophe.billiottet@webdna.us
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
How To question on setting up downloads (1997)
security problem (1997)
Mac OS and 3.0.5b12 bug report (1999)
# fields limited? (1997)
FORMS: Returning a specific page (1997)
Trouble with Netscape (1998)
WebCatalog on OSX and %CPU (2003)
database size? (1997)
profiles (1999)
Unable to view next 101-200 (1997)
Re:No Data (1997)
Changes to the List (1997)
Associative lookup style? (1997)
how to put/keep product customization info in basket? (1998)
Generating and appending SKU to a db automatically (1998)
Problems getting parameters passed into email. (1997)
UPS AVS tools (2003)
[format 40s]text[/format] doesn't work (1997)
HideIf ip= OR ip (1998)
really wierd browser truncating (1997)