encrypting content in standalone stack
-
- Posts: 40
- Joined: Thu May 17, 2018 7:32 pm
- Location: Florida, USA
encrypting content in standalone stack
It is my understanding that password protecting a stack in standalone will lock the script but not the content. Am I correct that there is no way to prevent someone from opening a stack that is part of a standalone app in the IDE?
I was thinking of having an openStack handler that looked at the environment and, if it was the IDE and the stack was in a standalone app, then quitting. I know about the environment function to tell if open in the IDE but is there some way to check the stack itself and see if it is in a standalone app deployment?
I need to be able to protect intellectual property in fields and while I can encrypt and decrypt, it sure would be nice to be able to lock the stack completely.
Does anyone have any idea how to go about this or if it is even feasible?
thanks,
mark
Re: encrypting content in standalone stack
One possible problem I can see with your approach is "lock messages". If you are in the IDE and lock messages, then the stack won't get the openStack message. So you will need to actually encrypt the stack file itself that has your sensitive data. Then the app will need to decrypt when opening.
Another approach would be to have your stack not contain any of the actual data. Then the data could be stored however is most convenient (flat files, database, etc.) where each record/file is an encrypted blob that the application loads and decrypts as needed. In that case, having the app stack protected will give one level of security for your keys (assuming they are in the code).
Security is a big topic, so I could be missing something.
Thanks,
Brian
Brian Milby
Script Tracker https://github.com/bwmilby/scriptTracker
-
- Posts: 40
- Joined: Thu May 17, 2018 7:32 pm
- Location: Florida, USA
Re: encrypting content in standalone stack
I misstated. I shouldn't have used "lock the script". When you password protect a stack, then a password is required to see the scripts in the IDE. What I would like is to be able to hide the field contents as well or, preferably, prevent the stack from being opened in the IDE at all if it is part of a standalone deployment.
Using an openStack to quit if in the IDE would work except I need to be able to tell if the stack is part of a standalone deployment because I want to be able to open the stack for maintenance in the IDE if it isn't a standalone. I guess I could add the openStack, build the standalone, and then delete the openStack after deployment but that's pretty kludgy.
So, I guess what I am looking for is a way to determine if a stack is part of a standalone deployment or not.
-
- VIP Livecode Opensource Backer
- Posts: 9838
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
Re: encrypting content in standalone stack
A standalone can't be opened in the IDE. Once rendered into an executable, the attachment of the engine changes the structure of the file such that the IDE won't know what to do with it.
That said, everything is hackable. Any content that can be seen can be copied. Any data in RAM can be dumped.
If your app contains truly critical data you'll want to use encryption on the data outside of the executable, requiring either a strong password to access or a private/public key pair. Even then, once decrypted it will still have the same potential vulnerabilities as anything else. Like the old saying goes, local access = root. At that level it's all about controlling physical premises.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: encrypting content in standalone stack
True enough, but if I read his sentence correctly, he may be talking about stacks included in a 'standalone deployment', not parts of the actual standalone (like the IDE is deployed). I *think* that is what he actually means; I could be wrong, though.
@ markhinnebusch,
Richard pretty much covered what I understand your question to be, because broadly speaking, there is no way to accomplish what you're talking about due to the way computers work at the most basic levels. Otherwise, DRM schemes would not exist (which don't work either, depending on the skill level of the person trying to work around them).
But I do find some of your questions interesting thought puzzles nonetheless.
"What I would like is to be able to hide the field contents as well or, preferably, prevent the stack from being opened in the IDE at all if it is part of a standalone deployment."
I assume you have some kind of default projects folder, even if you develop across a number of machines. This *should* work if the folder has the same name regardless of machine, using the environment test (if you're not in the IDE, you want to skip the test).
Code:
on preOpenStack
   // substring test on the stack's file path: with the itemDelimiter set to "/",
   // a multi-part path such as "/home/Desktop" could never match a single item
   // you can put as many parts of the path into the test as you want...
   // determine which OS you're on, either using case or if/then...
   if "/home/Desktop" is not in the effective filename of this stack then
      answer "nope!"
      // change answer "nope!" to close/quit stack with destroy set to true...
   end if
end preOpenStack
You could also use any number of other qualifiers as a test, I would suspect. Just keep in mind this is not going to stop anyone determined and skilled enough from doing what they want.
*Edit - I shouldn't have to add this, but I sure hope your projects folder path doesn't include "home/Desktop"
The more specific the test, the less likely it is any deployment folder would be in the same place.
-
- VIP Livecode Opensource Backer
- Posts: 9838
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
Re: encrypting content in standalone stack
It might be. I was responding to:
"a stack that is part of a standalone app"
...but that might mean all sorts of things. Hopefully we'll learn more when he resurfaces.
In addition to the physical structure of his deployed assets, it'll be helpful to learn just how sensitive the data is and the scenarios in which it will be used. What's needed for nuclear secrets is a bit more costly than what would be practical for protecting a pumpkin bread recipe.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
-
- Posts: 40
- Joined: Thu May 17, 2018 7:32 pm
- Location: Florida, USA
Re: encrypting content in standalone stack
It is somewhere between nuclear secrets and pumpkin bread, LOL. It is course material. What I meant were stacks included as copy files, not actually in the executable. The idea of checking location is a great idea, but overnight I had a thought. If the malicious user turns off messages before opening the stack, would the preOpen handler ever get called? I'm starting to think that there is really no way to avoid encryption. Sigh...
Thanks for the help!
mark
-
- VIP Livecode Opensource Backer
- Posts: 9838
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
Re: encrypting content in standalone stack
Would it be practical to store the content externally from the UI? That would give you file encryption options.
You could also do that with a stack: read a stack file as binary into memory, encrypt it, write it to disk. To read, read as binary, decrypt, and use "go stack <variablename>" to open it from RAM.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: encrypting content in standalone stack
Richard's suggestions certainly have advantages over what I suggested; although still not unbreakable, they would certainly up the skill levels needed.
-
- Posts: 40
- Joined: Thu May 17, 2018 7:32 pm
- Location: Florida, USA
Re: encrypting content in standalone stack
I really like the idea of encrypting the entire stack! Thank you! I think this is pretty much foolproof.
-
- Posts: 40
- Joined: Thu May 17, 2018 7:32 pm
- Location: Florida, USA
Re: encrypting content in standalone stack
I'm posting my solution in case someone trips across this thread.
I wrote a livecode encrypt/decrypt utility and I encrypt the stacks before putting them on my server for download. When I start my livecode program, I look for those encrypted update stacks and if they exist, I save the old encrypted copy on the local machine (for recovery, in case of error) and download the new version. I close the existing stack, decrypt the new file and reopen the stack. I then hide the stack and delete the decrypted .livecode file. In this way, the decrypted stack only exists for a brief time on the disk. When the program closes, it encrypts the new stack and saves the encrypted copy to the user's disk. In this way, no .livecode files exist on the user's machine except for a very brief time.
To round things out, when the program starts, it looks at the environment and, if in standalone, checks to see if the livecode IDE is running. If so, it throws an error message and quits. At various points in the program, that check is made again. In this way, no nefarious user with livecode installed can open the decrypted files during their brief existence.
And, of course, all of the stacks are password protected to secure the scripts.
It still isn't foolproof, but it is good enough that the intellectual property owner is satisfied.
Thanks for all of your input.
--mark
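Richard's suggestion earlier in the thread (encrypt the stack file as binary, then decrypt it and open it from RAM with "go stack <variablename>"), which also avoids the brief on-disk plaintext copy in the workflow above, sketched as an added example that is not code from any poster in this thread. The handler names, the file paths passed in and the way the passphrase reaches the handlers are assumptions.

```livecode
-- Added example. sealStackFile and openSealedStack are hypothetical handler
-- names; where the passphrase comes from is an assumption left to the caller.

-- Build step, run in the IDE: turn a saved stack file into an encrypted blob
-- that is shipped or downloaded in place of the .livecode file.
command sealStackFile pStackPath, pBlobPath, pPassphrase
   local tData
   put URL ("binfile:" & pStackPath) into tData
   if the result is not empty then return "read failed:" && the result
   encrypt tData using "aes-256-cbc" with password pPassphrase
   if the result is not empty then return "encrypt failed:" && the result
   put it into URL ("binfile:" & pBlobPath)
   return the result -- empty on success
end sealStackFile

-- Runtime, in the standalone: decrypt into a variable and open the stack
-- straight from memory, so no decrypted .livecode file is written to disk.
command openSealedStack pBlobPath, pPassphrase
   local tBlob, tStackData
   put URL ("binfile:" & pBlobPath) into tBlob
   if the result is not empty then return "read failed:" && the result
   decrypt tBlob using "aes-256-cbc" with password pPassphrase
   if the result is not empty then return "decrypt failed:" && the result
   put it into tStackData
   -- opening from a variable, as described in the reply quoted in the lead-in
   go stack tStackData
   return the result -- empty on success
end openSealedStack
```

The passphrase still has to be reachable by the standalone, so password-protecting the script only raises the effort needed to recover it, as the replies above point out.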