Do NOT mistake this for security

Article:
Nobody REALLY Asked Me, But...

Subject: Do NOT mistake this for security

Date: 2002-08-29 18:11:16

From: Jason May

I don't know what James' was originally looking for when he asked about obfuscation, but if he was hoping to get security for his application data, this isn't the way.

ROT-13 on a data payload will hold up a serious attacker for minutes at most. In particular this is incredibly weak for anything like credit card numbers.

If you really want to secure your data, encrypt the entire payload using a real cryptographic library.

Previous Message Next Message

Sponsored By:

©2010, O'Reilly Media, Inc.
(707) 827-7000 / (800) 998-9938
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.

About O'Reilly
Academic Solutions
Contacts
Customer Service
Careers
Press Room
Privacy Policy
Terms of Service
Writing for O'Reilly

Community
Authors
Forums
Membership
Newsletters
RSS Feeds
User Groups

More O'Reilly Sites
igniteshow.com
makerfaire.com
makezine.com
craftzine.com
labs.oreilly.com

Partner Sites
PayPal Developer Zone
O'Reilly Insights on Forbes.com

Recommended for You