On 5/24/2010 3:18 PM, Hector Beyers wrote:
> Yes, I mean hide. I am approaching the problem out of the perspective
> of a malicious user / hacker.
>
> **snip***
First hiding data is not a solution to secure or block access to
information. This only slows people down it does not stop them, never
underestimate users with access to the data
It would be helpful to explain the type of data that needs to be
hidden/secured
Example of failed attempts to hide data is to look at the numerous
mistakes in securing credit card data at many Companies.
In almost every case that i have read the programmers just tried to hide
the data or limit access instead of doing Public Key Private Key
encryption methodology . I know of several big name apps that still
store credit card data where the end users can reverse the encryption
meaning if the key becomes unsecured any the data is visible that is
encrypted.
I have seen where the data is only encrypted inside the database so the
information is transmitted in the clear to the client as the database
decrypted the data on the fly . What is the point??
Trying to hide information is waste of time and energy look into
encryption.
All legitimate Magwerks Corporation quotations are sent in a .PDF file attachment with a unique ID number generated by
ourproprietary quotation system. Quotations received via any other form of communication will not be honored.
CONFIDENTIALITY NOTICE: This e-mail, including attachments, may contain legally privileged, confidential or other
informationproprietary to Magwerks Corporation and is intended solely for the use of the individual to whom it
addresses.If the reader of this e-mail is not the intended recipient or authorized agent, the reader is hereby notified
thatany unauthorized viewing, dissemination, distribution or copying of this e-mail is strictly prohibited. If you have
receivedthis e-mail in error, please notify the sender by replying to this message and destroy all occurrences of this
e-mailimmediately.
Thank you.