Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #97480
| From | alister <alister.nospam.ware@ntlworld.com> |
|---|---|
| Newsgroups | comp.lang.python |
| Subject | Re: Hiding code from intruders, a different slant on an old question |
| Date | 2015-10-07 13:05 +0000 |
| Organization | Aioe.org NNTP Server |
| Message-ID | <mv35a3$v1k$1@speranza.aioe.org> (permalink) |
| References | <tp5fec-l15.ln1@esprimo.zbmc.eu> |
On Wed, 07 Oct 2015 10:38:37 +0100, cl wrote: > I know questions similar to this are often asked but my reasons for > wanting to do this (and thus ways it can be done) are slightly > different. > > I have a number of little utility scripts (python and others) which I > use to automate the process of decrypting and displaying things like > files containing passwords. > > The encryption I use is reasonably secure anyway but I'd like to hide > the programs/methods I use so that:- > > 1 - The encrypted files are not identifiable as encrypted data (the file > command just returns 'data' so they can't be identified by that). If > there's a script in my ~/bin directory that relates directly to the > files it's obvious they're encrypted. > > 2 - The method used for encryption isn't obvious, again an obvious > script will show the program I have used. > > > I *could* write a C program which just exec()'s the required programs, > if they're done separately this would be fairly well hidden but I was > wondering if there's anything more obvious I can do that enables me to > do things easily in Python. > > > This is for protecting against any possible intruder who has gained > access to my system by breaking an ssh password or stealing my laptop > for example. It's *not* for hiding code that I'm giving to others, > I'd be quite happy to give the code in question to people who might want > to use it. The general rule with all forms of encryption is that the method is not secret. it is the key that needs to be kept secret. in the same way that the mechanical principles of the lock on your front door are public knowledge, the profile of the key itself (which is needed to unlock the door) is unknown. Example: With a simple Cesar the method is "shift the alphabet by 'X' characters and X is the key if the key is unknown then the attacker still has to brute force the method (admittedly with only 25 options this is not difficult) -- Down with categorical imperative!
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Hiding code from intruders, a different slant on an old question cl@isbd.net - 2015-10-07 10:38 +0100
Re: Hiding code from intruders, a different slant on an old question "Littlefield, Tyler" <tyler@tysdomain.com> - 2015-10-07 08:00 -0400
Re: Hiding code from intruders, a different slant on an old question alister <alister.nospam.ware@ntlworld.com> - 2015-10-07 13:05 +0000
Re: Hiding code from intruders, a different slant on an old question Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2015-10-07 20:01 -0400
Re: Hiding code from intruders, a different slant on an old question cl@isbd.net - 2015-10-08 11:28 +0100
Re: Hiding code from intruders, a different slant on an old question Ian Kelly <ian.g.kelly@gmail.com> - 2015-10-08 08:44 -0600
Re: Hiding code from intruders, a different slant on an old question alister <alister.nospam.ware@ntlworld.com> - 2015-10-08 15:46 +0000
Re: Hiding code from intruders, a different slant on an old question Ian Kelly <ian.g.kelly@gmail.com> - 2015-10-08 10:33 -0600
csiph-web