16 replies to this topic

[wilcomega]

i would love to see something that we can encrypt or protect our files with a password. but they would stilll be runable. that is why i like java. you can only get the source code if its public or if you ask the developer. or have cheaty tools but i dont really like the idea of ppl just looking in my files. i know this is one big open community but still. i have seen a few programs here that were stolen.only like 20 lines were changed.

thx for reading

[Cranium]

Well, I know for sure that this is not going to happen for one main reason. YOU CAN DO IT YOURSELF. There are so many encryption methods out there, and several have been implemented in ComputerCraft already. If you want some way to protect your files, don't put something on there that you don't want someone seeing. Default encryption is just not happening.

[Cloudy]

In order to run the file it would have to be decrypted anyway - so not really possible.

[zekesonxx]

I don't think you understand just how much complicity is in encryption.

Lua is barely capable (if even!) of doing this, it would literally take months and then more.

[Cranium]

I'm well aware of the complexity of encryption. That's why it's used so much to make files secure. I don't believe that Cloudy or Dan will add something in that hardly anyone has a reason to use.

[immibis]

It's not possible to stop people decrypting your files while still being able to run them. Why? Simply because CC has to decrypt them to run them, so whatever CC does, someone can write a program to mimic it.

Also encryption isn't necessarily slow, even in CC. RC4 comes to mind.

[PixelToast]

i made this already
http://pastebin.com/Q20qiLbz
has a critical weakness (find it and you get a cookie :3) (and a fixed version)

basically just encrypts all folders and puts it into one file and sets startup, preventing people from getting in and deleting your shtuff

[martin509]

Well, outside of CC someone could set files to read-only.
That's more of an OS thing, though. I don't think this is feasible at all.
Also, about Java.
Java programs have to get compiled into Assembly and made into a exe for other users to edit them.
Unless they know assembly.
Java doesn't encrypt, it obfuscates.
Just wanted to let you know.

[Pinkishu]

immibis, on 02 March 2013 - 11:54 PM, said:

It's not possible to stop people decrypting your files while still being able to run them. Why? Simply because CC has to decrypt them to run them, so whatever CC does, someone can write a program to mimic it.

Also encryption isn't necessarily slow, even in CC. RC4 comes to mind.

technically its possible using a passworded encryption, but then the user would have to input passwords to start the PC or run files :3

[Cloudy]

martin509, on 03 March 2013 - 02:40 AM, said:

Well, outside of CC someone could set files to read-only.
That's more of an OS thing, though. I don't think this is feasible at all.
Also, about Java.
Java programs have to get compiled into Assembly and made into a exe for other users to edit them.
Unless they know assembly.
Java doesn't encrypt, it obfuscates.
Just wanted to let you know.

Compilation != obfuscation.

[immibis]

martin509, on 03 March 2013 - 02:40 AM, said:

Well, outside of CC someone could set files to read-only.
That's more of an OS thing, though. I don't think this is feasible at all.
Also, about Java.
Java programs have to get compiled into Assembly and made into a exe for other users to edit them.
Unless they know assembly.
Java doesn't encrypt, it obfuscates.
Just wanted to let you know.

I thought the point was to stop people reading it. Setting it to read-only doesn't help that.
Java is compiled into Java bytecode, and it's possible to decompile the bytecode or read it directly (after translating it into a human-readable form). It's compiled for efficiency reasons, not security. No matter what you do to the program, a sufficiently determined person can always reverse it.

Pinkishu, on 03 March 2013 - 02:42 AM, said:

technically its possible using a passworded encryption, but then the user would have to input passwords to start the PC or run files :3

But if the user has the password, they can decrypt it.

[immibis]

PixelToast, on 03 March 2013 - 02:22 AM, said:

i made this already
http://pastebin.com/Q20qiLbz
has a critical weakness (find it and you get a cookie :3) (and a fixed version)

basically just encrypts all folders and puts it into one file and sets startup, preventing people from getting in and deleting your shtuff

Is the critical weakness that it doesn't actually delete the files, so you can just boot from a startup disk and access them?

Edit: It doesn't seem to actually encrypt anything, it just creates a startup program that requires a password.
Edit 2: Apparently because / is read-only... after making your program ignore that, it does actually delete the files and does actually encrypt them.

Edit 3: Now it scans the files properly, deletes them all (including startup, itself and apis/enc), then crashes without any error message (probably too long without yielding) during genkey, because this code:

for l1=1,len do
	local num=math.random(1,len)
	while tKeys[num] do
		num=math.random(1,len)
	end
	tKeys[num]=true

is about the slowest way possible to randomly order a list of numbers.

Then I discovered your encryption algorithm, which relies heavily on table.insert, simply doesn't work on large amounts of data, because table.insert gets slower as the list gets bigger - it's O(n) per insert or O(n^2) overall. Then I didn't really have a choice but to encrypt less data - I originally used 3 copies of 'adventure', then lowered it to 1.

Edit 4: Decryption doesn't work, using startup program it creates. "startup:223: bad argument #1 to pairs (table expected, got string)"

[Pharap]

martin509, on 03 March 2013 - 02:40 AM, said:

Well, outside of CC someone could set files to read-only.
That's more of an OS thing, though. I don't think this is feasible at all.
Also, about Java.
Java programs have to get compiled into Assembly and made into a exe for other users to edit them.
Unless they know assembly.
Java doesn't encrypt, it obfuscates.
Just wanted to let you know.

Java doesn't compile to assembly, it compiles to bytecode - hence how it can be so portable.
The JVM is the part that gets turned into machine code, it runs the bytecode as it goes along, and assuming it does a proper JIT system, it should recognise what lines are used most and then cache the machine code so it compiles parts to machine code when it knows they work.
Also, Java generally outputs jars, not exes, though it does generally depend on your compiler settings.

wilcomega, on 02 March 2013 - 02:47 AM, said:

i would love to see something that we can encrypt or protect our files with a password. but they would stilll be runable. that is why i like java. you can only get the source code if its public or if you ask the developer. or have cheaty tools but i dont really like the idea of ppl just looking in my files. i know this is one big open community but still. i have seen a few programs here that were stolen.only like 20 lines were changed.

thx for reading

Useful trivia - lua does compile to bytecode just like java, but saving it to file is more tricky than you'd expect. It's not just as simple as writing a string to file, and even then it's easy to make out bits and pieces, particularly strings.
So what you're talking about is doable, but not exactly fun to write.

[PixelToast]

immibis, on 03 March 2013 - 02:03 PM, said:

-snip-

o.o
didnt realize that version had so many bugs
ill update it to the newest version

[Shnupbups]

Cloudy, on 03 March 2013 - 03:37 AM, said:

Compilation != obfuscation.

I believe you mean ~= . We are using Lua here!

Yay I corrected Cloudy!

[Tiin57]

Shnupbups100, on 11 March 2013 - 11:31 PM, said:

Cloudy, on 03 March 2013 - 03:37 AM, said:

Compilation != obfuscation.

I believe you mean ~= . We are using Lua here!

Yay I corrected Cloudy!

Don't be an ass. A conversation about Java warrants Java syntax.

[Lyqyd]

Locked.