Re: [WebDNA] encrypt files/directories
This WebDNA talk-list message is from 2011
It keeps the original formatting.
numero = 107604
interpreted = N
texte = Better say, we rewrote the blowfish code because there were some =inconsistencies (depending on key length, it was not possible to recover =the original text). It is fully reliable in WebDNA 7.- chrisOn Nov 1, 2011, at 7:15, christophe.billiottet@webdna.us wrote:> Hi Govinda!>=20>> for that matter I wonder how easy or hard it is to brute force =current webdna encrypted vals.? I mean the PHP clan has had to abandon =md5() in favor of crypt() (i.e. blowfish) in recent years+ due to the =fact that md5 is too easy to brute force reverse by today's computer =power standards. Webdna is going to need to address this too if we ever =become more popular than "security-through-obscurity".>=20> We have implemented blowfish in WebDNA 7.0. Blowfish is a strong =symmetric block ciphers used in SSH, OpenBSD, IPSec with 32 bits to 448 =bits key length;. It allows very fast encryption and is trong enough.>=20> - chris>=20>>=20>> For those wondering what all this means:>> you can use webdna's [encrypt] to encrypt values you want to remain =unknown in case someone ever saw that encrypted value, like passwords =stored in a database (and you did not want the user to recover the =original data). Other web languages (like PHP) have this kind of thing =too, of course. Well the way people used to encrypt stuff in PHP is no =longer considered secure because hackers can easily write/use software =that can effectively reverse the encryption, *if* the underlying =encrypting algorithms used by the web language are not robust enough to =prevent it. As home computers become more and more powerful, it becomes =easier and easier for hackers to reverse the encryption... and so the =web language developers (like those who write the PHP or Webdna engine) =have to keep making the encryption algorithms stronger and strong. PDFs =used to be made secure by password protecting them. Apparently, those =method are now easily overcome. I wonder if Webdna's encryptions are =likewise now easily overcome? If Webdna gets popular again, we will =surely have to be ready for the added attention by friendly users and =hackers alike.>>=20>> P.S. Steve, maybe you could just .htaccess to realm protect =everything in your PDF folder? (I'm kinda green in all things =.htaccess.. so someone please correct me if it needs it.) Or do you =need to pass-protect for many separate users with diff. passwords?>>=20>> P.P.S. I keep thinking these posts (on this list) would be much =easier to follow (for example in the archives where someone might just =come across one of them, who had not been following along), if we ="bottom post".. meaning write our replies *under* the former (trimmed) =text in the email. I'll try to remember to do that from now on.>>=20>> -G>>=20>>> Might want to spend a few minutes on google seeing how much =protection PDF passwords really get you.>>>=20>>> http://lmgtfy.com/?q=3Dpdf%20recover%20password>>>=20>>>=20>>> On Oct 31, 2011, at 3:56 PM, Steve Raslevich -Northern Sound & Light =wrote:>>>=20>>>> Hi Govinda,>>>>=20>>>> No, I don't think you are wrong. I appreciate your input. I am =still learning what all WebDNA can do and get confused sometimes from =the docs that are sometimes very short in explaining things. Your =suggestion of pass protecting the pdf's sounds like my best option.>>>>=20>>>> Best Regards,>>>> Steve>>>>=20>>>> Govinda wrote:>>>>> I have not been paying attention in this area.. but I am going to =guess right now (and please show me those docs if you think I am wrong) =that that snippet from those docs is just saying that you as the =webmaster would perhaps like to name your directory where you keep your =encrypted files, "encrypted". But it might as well have suggested you =name that folder "creamFilling". I.e. it is just saying the obvious, ="name your directories well".>>>>> (?)>>>>>=20>>>>> I don't see how you are going to encrypt PDFs with webdna because =to unencrypt them the webserver has to run them thru the webdna parser =.. and PDFs are not supposed to do that, right? ..that is just for =webpages with webdna tags in them. Or am I being dense somehow?>>>>>=20>>>>> If you want to protect sensitive data in the PDF, why don't you =look at generating pass-protected PDFs (if you are generating them =yourself).>>>>>=20>>>>> -Govinda>>>>>=20>>>>>=20>>>>>=20>>>>>=20>>>>>> Hi Govinda,>>>>>>=20>>>>>> Thanks for the links below. Unfortunately, I have already gone =over them. The only docs that are discussed being encrypted are =templates. I am looking for a way to encrypt mainly pdf files as some of =the dpf's contain sensitive info but should be accessible to certain =users.>>>>>>=20>>>>>> I thought there may be a way to encrypt an entire directory as =the statement below is included in the WebDNA docs:>>>>>>=20>>>>>> "Another example that would encrypt a file named "filename" from =your disk and copy it in an /encrypted directory:">>>>>>=20>>>>>>=20>>>>>> Thanks for your reply.>>>>>>=20>>>>>> Regards,>>>>>> Steve>>>>>> .>>>>>> Govinda wrote:>>>>>>=20>>>>>>=20>>>>>>> Hi Steve>>>>>>>=20>>>>>>> I have not done that in so long.. that I do not know if this is =up to date.. But:>>>>>>>=20>>>>>>>=20>>>>>>> http://docs.webdna.us/>>>>>>>=20>>>>>>> (Click "Appendices ", and "Appendix D - How to create encrypted =templates")>>>>>>> leads to:>>>>>>>=20>>>>>>> http://docs.webdna.us/pages.html?context=3DEncryptedTemplates.html=>>>>>>>=20>>>>>>>=20>>>>>>> I used to encrypt files that way, but I never tried to encrypt a =whole folder of stuff.>>>>>>>=20>>>>>>> -Govinda>>>>>>>=20>>>>>>>=20>>>>>>>=20>>>>>>>=20>>>>>>>=20>>>>>>>> Hi,>>>>>>>>=20>>>>>>>> Up until now I have only been using [encrypt] and [decrypt] for =fields stored in a database. I now have the need to protect some stored =pdf's. The docs mention encrypting directories and files but fall short =of syntax examples on how to do this. Is it possible to encrypt =directories and files with WebDNA's [encrypt]? If so, could someone =explain how to do so or provide syntax examples?>>>>>>>>=20>>>>>>>> Thank you,>>>>>>>> Steve>>>=20>>> --------------------------------------------------------->>> This message is sent to you because you are subscribed to>>> the mailing list
.>>> To unsubscribe, E-mail to: >>> archives: http://mail.webdna.us/list/talk@webdna.us>>> Bug Reporting: support@webdna.us>>=20>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> archives: http://mail.webdna.us/list/talk@webdna.us>> Bug Reporting: support@webdna.us>=20> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
Associated Messages, from the most recent to the oldest:
Better say, we rewrote the blowfish code because there were some =inconsistencies (depending on key length, it was not possible to recover =the original text). It is fully reliable in WebDNA 7.- chrisOn Nov 1, 2011, at 7:15, christophe.billiottet@webdna.us wrote:> Hi Govinda!>=20>> for that matter I wonder how easy or hard it is to brute force =current webdna encrypted vals.? I mean the PHP clan has had to abandon =md5() in favor of crypt() (i.e. blowfish) in recent years+ due to the =fact that md5 is too easy to brute force reverse by today's computer =power standards. Webdna is going to need to address this too if we ever =become more popular than "security-through-obscurity".>=20> We have implemented blowfish in WebDNA 7.0. Blowfish is a strong =symmetric block ciphers used in SSH, OpenBSD, IPSec with 32 bits to 448 =bits key length;. It allows very fast encryption and is trong enough.>=20> - chris>=20>>=20>> For those wondering what all this means:>> you can use webdna's [encrypt] to encrypt values you want to remain =unknown in case someone ever saw that encrypted value, like passwords =stored in a database (and you did not want the user to recover the =original data). Other web languages (like PHP) have this kind of thing =too, of course. Well the way people used to encrypt stuff in PHP is no =longer considered secure because hackers can easily write/use software =that can effectively reverse the encryption, *if* the underlying =encrypting algorithms used by the web language are not robust enough to =prevent it. As home computers become more and more powerful, it becomes =easier and easier for hackers to reverse the encryption... and so the =web language developers (like those who write the PHP or Webdna engine) =have to keep making the encryption algorithms stronger and strong. PDFs =used to be made secure by password protecting them. Apparently, those =method are now easily overcome. I wonder if Webdna's encryptions are =likewise now easily overcome? If Webdna gets popular again, we will =surely have to be ready for the added attention by friendly users and =hackers alike.>>=20>> P.S. Steve, maybe you could just .htaccess to realm protect =everything in your PDF folder? (I'm kinda green in all things =.htaccess.. so someone please correct me if it needs it.) Or do you =need to pass-protect for many separate users with diff. passwords?>>=20>> P.P.S. I keep thinking these posts (on this list) would be much =easier to follow (for example in the archives where someone might just =come across one of them, who had not been following along), if we ="bottom post".. meaning write our replies *under* the former (trimmed) =text in the email. I'll try to remember to do that from now on.>>=20>> -G>>=20>>> Might want to spend a few minutes on google seeing how much =protection PDF passwords really get you.>>>=20>>> http://lmgtfy.com/?q=3Dpdf%20recover%20password>>>=20>>>=20>>> On Oct 31, 2011, at 3:56 PM, Steve Raslevich -Northern Sound & Light =wrote:>>>=20>>>> Hi Govinda,>>>>=20>>>> No, I don't think you are wrong. I appreciate your input. I am =still learning what all WebDNA can do and get confused sometimes from =the docs that are sometimes very short in explaining things. Your =suggestion of pass protecting the pdf's sounds like my best option.>>>>=20>>>> Best Regards,>>>> Steve>>>>=20>>>> Govinda wrote:>>>>> I have not been paying attention in this area.. but I am going to =guess right now (and please show me those docs if you think I am wrong) =that that snippet from those docs is just saying that you as the =webmaster would perhaps like to name your directory where you keep your =encrypted files, "encrypted". But it might as well have suggested you =name that folder "creamFilling". I.e. it is just saying the obvious, ="name your directories well".>>>>> (?)>>>>>=20>>>>> I don't see how you are going to encrypt PDFs with webdna because =to unencrypt them the webserver has to run them thru the webdna parser =.. and PDFs are not supposed to do that, right? ..that is just for =webpages with webdna tags in them. Or am I being dense somehow?>>>>>=20>>>>> If you want to protect sensitive data in the PDF, why don't you =look at generating pass-protected PDFs (if you are generating them =yourself).>>>>>=20>>>>> -Govinda>>>>>=20>>>>>=20>>>>>=20>>>>>=20>>>>>> Hi Govinda,>>>>>>=20>>>>>> Thanks for the links below. Unfortunately, I have already gone =over them. The only docs that are discussed being encrypted are =templates. I am looking for a way to encrypt mainly pdf files as some of =the dpf's contain sensitive info but should be accessible to certain =users.>>>>>>=20>>>>>> I thought there may be a way to encrypt an entire directory as =the statement below is included in the WebDNA docs:>>>>>>=20>>>>>> "Another example that would encrypt a file named "filename" from =your disk and copy it in an /encrypted directory:">>>>>>=20>>>>>>=20>>>>>> Thanks for your reply.>>>>>>=20>>>>>> Regards,>>>>>> Steve>>>>>> .>>>>>> Govinda wrote:>>>>>>=20>>>>>>=20>>>>>>> Hi Steve>>>>>>>=20>>>>>>> I have not done that in so long.. that I do not know if this is =up to date.. But:>>>>>>>=20>>>>>>>=20>>>>>>> http://docs.webdna.us/>>>>>>>=20>>>>>>> (Click "Appendices ", and "Appendix D - How to create encrypted =templates")>>>>>>> leads to:>>>>>>>=20>>>>>>> http://docs.webdna.us/pages.html?context=3DEncryptedTemplates.html=>>>>>>>=20>>>>>>>=20>>>>>>> I used to encrypt files that way, but I never tried to encrypt a =whole folder of stuff.>>>>>>>=20>>>>>>> -Govinda>>>>>>>=20>>>>>>>=20>>>>>>>=20>>>>>>>=20>>>>>>>=20>>>>>>>> Hi,>>>>>>>>=20>>>>>>>> Up until now I have only been using [encrypt] and [decrypt] for =fields stored in a database. I now have the need to protect some stored =pdf's. The docs mention encrypting directories and files but fall short =of syntax examples on how to do this. Is it possible to encrypt =directories and files with WebDNA's [encrypt]? If so, could someone =explain how to do so or provide syntax examples?>>>>>>>>=20>>>>>>>> Thank you,>>>>>>>> Steve>>>=20>>> --------------------------------------------------------->>> This message is sent to you because you are subscribed to>>> the mailing list .>>> To unsubscribe, E-mail to: >>> archives: http://mail.webdna.us/list/talk@webdna.us>>> Bug Reporting: support@webdna.us>>=20>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> archives: http://mail.webdna.us/list/talk@webdna.us>> Bug Reporting: support@webdna.us>=20> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> Bug Reporting: support@webdna.us
christophe.billiottet@webdna.us
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
[Capitalize] (1998)
Help name our technology! (1997)
WebCat2 Append problem (B14Macacgi) (1997)
[subtotal] and others (1997)
Next X hits (1996)
Accepting credit cards (1997)
So what ya working on? (or have you completed?) (2004)
YACBQ.....(Yet another checkbox question) (2000)
Typhoon Rev. and PCS store problems (1999)
no global [username] or [password] displayed ... (1997)
Looking for 5 to 12 shops with 3 URLs & statements (1997)
Share Bulletin Board? (1998)
OT: 128 bit Encryption (2003)
[OT] friday pics :-) (2005)
WebCat2b13MacPlugin - nested [xxx] contexts (1997)
WebDNA problem (2006)
[OT] Who's got a cool link (2002)
Problem with broken images (2004)
Help with [search] sort (2003)
URL too Long? (1997)