www.perl2exe.com John Hanna wrote: > > Hi. Let's assume someone wrote a perl script that figured out how to make a > lot of money on the stock market, but that they wanted to protect the script > because if others began using it, it would dimish its returns. The new > millionaire would want to protect her creation, but it has to run on a > computer with access to the internet. She puts it on a box which she tries > to keep patched, it's behind a firewall, and only root has access to the > scripts. The scripts need to run unattended, and the system needs to boot > unattended. She fears two things: a remote root vulnerability, and that > someone would physically walk off with the box. > > My impression is that under these conditions, besides vigilance, limiting > running processes, working on physical security, keeping up on patches, > possibly some sort of IDS -- there really isn't anything she can do to > protect the source. If it's booting unattended, and running scripts > unattended there's no sort of crypto strategy that could protect either > against an intruder with root access or physical access to the hard drive. > > What do you think? > John
This archive was generated by hypermail 2b30 : Fri Jan 24 2003 - 12:29:28 PST