![]() There's still a possibility that the response can be stolen and used to activate additional installs without authentication, but this can only be done by someone who could validly authenticate at least once. Really, you'd need some vital function in your program to not be included in the installer, but downloaded as part of the authentication process (then the server can choose not to send it if authentication fails). A public key stored in your application binary can be overwritten, or the authentication code can be bypassed completely. ![]() ![]() There are ways to accomplish that, but protecting source code is not one of them. And when you do use onion routing, the destination IP address won't even appear in your source code, only some cookie that is meaningful only to the next-hop onion router, so obfuscating source code becomes a non-issue.ĮDIT: Based on comments, it's now clear that what's wanted is verification of the identity of the remote computer sending a response. Hiding the address in your source code is the least of your worries. ![]() Hiding the peer IP address of a connection is a big area of interest and leads to techniques such as onion routing. Security through obscurity is very weak to begin with, and the IP address you're connecting to doesn't just show up in your source code, but in outgoing packets, firewall logs, connection tables, packet captures, etc. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
May 2023
Categories |