Welcome To The Home Of The Visual FoxPro Experts  
home. signup. forum. archives. search. google. articles. downloads. faq. members. weblogs. file info. rss.
 From: drCipher
  Where is drCipher?
 Sacramento
 California - United States
 drCipher
 To: Chris Van de Velde
  Where is Chris Van de Velde?
 antwerpen
 Belgium
 Chris Van de Velde
 Tags
Subject: RE: Connection string & decompiler
Thread ID: 22451 Message ID: 22535 # Views: 22 # Ratings: 0
Version: Visual FoxPro 7 Category: General VFP Topics
Date: Monday, April 21, 2003 8:15:57 PM         
   


> I have written an application, ready to sell, but this is connection to a MySQL database for logging in.
> I know of the existance of REFOX (probably other decompilers to), probably using these it is not hard to find the connection string to hack the databse. Is it therefore possible to hide the connection string somewhere so that it is hard (or impossible) to find?
> Is it possible to be protected against a decompiler (seeing machine code or assembly does not disturb me, but a high-level programing does)? I do know that there is no 100% protection against hacking!
> Chris Van de Velde

It's always a bad idea to secure a system through hiding something. Even if you use some of the recommendations people gave you; the code can still be recovered. Even if the application could not be decompiled you run the risk of the info being revealed by someone using a sniffer. I recommend allowing the user to set and change the password. This will allow the user to ensure security because once your hidden info is found, everyone will know.


COMPLETE THREAD

Connection string & decompiler Posted by Chris Van de Velde @ 4/18/2003 8:48:39 AM
RE: Connection string & decompiler Posted by vijayan @ 4/18/2003 10:22:38 AM
RE: Connection string & decompiler Posted by Chris Van de Velde @ 4/19/2003 1:18:36 AM
RE: Connection string & decompiler Posted by Boudewijn Lutgerink @ 4/21/2003 11:40:56 AM
RE: Connection string & decompiler Posted by Eric den Doop @ 4/18/2003 10:47:57 AM
RE: Connection string & decompiler Posted by Chris Van de Velde @ 4/19/2003 1:20:43 AM
RE: Connection string & decompiler Posted by vijayan @ 4/20/2003 8:28:49 AM
RE: Connection string & decompiler Posted by Chris Van de Velde @ 4/21/2003 6:54:45 PM
RE: Connection string & decompiler Posted by Dale Dedoroy @ 4/20/2003 12:24:21 PM
RE: Connection string & decompiler Posted by drCipher @ 4/21/2003 8:15:57 PM