RE: [Algorithms] Message signature in token ring
Brought to you by:
vexxed72
Menu
▾
▴
RE: [Algorithms] Message signature in token ring
|
From: Aaron N. <ani...@mi...> - 2003-04-16 18:22:21
|
All I can say is please reconsider rolling your own security layer. Regardless of how much you study before you start or how many people you recruit to test it, you can't hope to approach the security that comes from a well-established security API, namely: 1) An experienced crew of crypto developers 2) An experienced security test team 3) Years of hack attempts, testing, and fixes to improve the system 4) Extensive review of the architecture and implementation 5) Ongoing support and fixes for problems found after the fact Without this kind of backing, any security you have is more by coincidence than by design. You may be an experienced coder and may come up with good algorithms, but all it takes is one slip-up (buffer overrun, unchecked input, weak algorithm, faulty assumption, etc...) to bring the whole house of cards down. Writing a security layer is a fun learning task for a hobbyist, but doing it in a professional project can be suicidal, especially if you aren't already an expert on the subject. Aaron Nicholls -----Original Message----- From: phi...@pl... [mailto:phi...@pl...]=20 Sent: Wednesday, April 16, 2003 9:11 AM To: gda...@li... Subject: RE: [Algorithms] Message signature in token ring > >1) You can't proof or verify code you have only in binary form, > No offense, but given that you are not a security expert, you probably couldn't prove/verify code you saw in source form. You could subcontract someone (or if you're truly paranoid, several different unconnected people) who was. Cost would probably disappear relative to the development and running costs of an MMORPG. Especially one that you're that paranoid about people hacking. Cheers, Phil ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ GDAlgorithms-list mailing list GDA...@li... https://lists.sourceforge.net/lists/listinfo/gdalgorithms-list Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=3D6188 |
