Re: Security - Best Encryption Tool
From: WJ (JohnWebbs_at_HotMail.Com)
Date: 06/03/04
- Next message: Alek Davis: "Re: Security - Best Encryption Tool"
- Previous message: Benjamin Fallar III: "Re: How to create COM+ object which use .NET EnterpriceServices on remote machine?"
- In reply to: Alek Davis: "Re: Security - Best Encryption Tool"
- Next in thread: Alek Davis: "Re: Security - Best Encryption Tool"
- Reply: Alek Davis: "Re: Security - Best Encryption Tool"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 3 Jun 2004 16:41:39 -0400
"Alek Davis" <alek_xDOTx_davis_xATx_intel_xDOTx_com> wrote in message
news:ObT8D1OSEHA.2408@tk2msftngp13.phx.gbl...
> Machine Store is not safe. If a hacker manages to get the WRITE access to
> any of the folders on a compromised machine, he can drop an application
> there which will decrypt any setting encrypted using DPAPI with machine
> store.
This is only possible if one uses Microsoft tool such as the "aspnet_setreg"
to store your data in the registry database. This tool is one example that
MS gave, to avoid this "problem", you will almost have to implement your own
DPAPI (modified) to store your key in other places. However that may be,
system administrator is responsible to lock his server(s) to avoid misshaps.
Cheer
John
- Next message: Alek Davis: "Re: Security - Best Encryption Tool"
- Previous message: Benjamin Fallar III: "Re: How to create COM+ object which use .NET EnterpriceServices on remote machine?"
- In reply to: Alek Davis: "Re: Security - Best Encryption Tool"
- Next in thread: Alek Davis: "Re: Security - Best Encryption Tool"
- Reply: Alek Davis: "Re: Security - Best Encryption Tool"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
