[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: EasyLanguage verfying DLL identity



PureBytes Links

Trading Reference Links

...

> The problem I see is that the ELS code has no means by which to
> verify and trust the DLL.  Regardless of the strength of the key
> encryption a clever programmer could simply subvert the system by
> creating an impostor DLL which always grants access.
> 
> Figuring there's not much new under the sun I suspect the problem has
> been faced and solved in another domain.  If so, any pointers or
> suggestions would be appreciated.

Several folks have suggested moving the critical logic from the ELS
into the DLL.  I've considered that but given a potentially large #
of systems involved it may not be feasible.  It's a good suggestion
though - it confirms what I had given some thought to :-).

Cheers,
Brendan
---
Brendan B. Boerner
brendan@xxxxxxxxxxxxxx
Karakhorum Ventures, Inc.
www.Karakhorum.com