Friday, October 10, 2008

Obfuscate your code to protect software

Sometimes you want to obfuscate your code to protect your software, for example, protecting the serial number in your software. If you are using something like:

if (registrykey !=”3F5HFA43...”)

{

showDialogue(“wrong serial number”);

}

The cracker can find your serial number “3F5HFA43....” easily. An idea is to hide the data into algorithm, for example, the algorithm to search path in the maze:

If (registrykey!=mazPathFind())

//…

This will make the cracking harder.

Posted by at No comments:

IE6 and IE7 bug for Proxy NTLM authentication

We are using Squid as a proxy with NTLM authentication. There is a web site send 10K-100K POST requests for each page load. The IE6 and IE7 intermittently have the difficulties to load these pages. The further investigation shows some misbehavior of the IE. When the browser received “407 authentication Required” from the proxy, they should always send the request again. But that is not always happening in IE6 and IE7.
Posted by at No comments:

Thursday, September 25, 2008

Digest authentication in IE6

In HTTP Digest Authentication, the request can carry the Digest authentication header. So it do not need to have round trip latency and should be fast. However, in IE6, the request does not send the header until it receives the Authentication required reply from the server. So for each request, it has to communicate the server twice.

We did not see this problem in IE7 and firefox
Posted by at No comments:
Subscribe to: Posts (Atom)