Anybody have good advice on the following?
If my app uses text files to implement save and load functions, how can they be protected or hidden or whatever, basically so the user cannot just go into the folder containg them and edit them, thus ruining their app, the same goes for image files used for example. How is this done usually? I understand that image files can be built into the binary as resources, but for data that needs writing to that can't be the option.
Thought for the day:FLTK: "The most fun you can have with your clothes on.""Are you sure your sanity chip is fully screwed in sir?" (Kryten)
Stroustrup:
"If I had thought of it and had some marketing sense every computer and just about any gadget would have had a little 'C++ Inside' sticker on it'"
How high do you want to raise the bar?
If someone is determined enough, they'll find a way to do it.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
Switch to all binary files, and encrypt them. Make the sensitive files have attributes of hidden.
Not a sure cure all, but it's something to stop the merely curious.
If it's Windows you could use the relative obscurity of isolated storage.
cheers, I take it is just a case of being creative with your cunning then and there is no one typical way to do this. The binary file is an interesting one, never crossed my mind, i think that would deter most people, its not for any shady reasons as such, i just dont want it to be obvious there is a file laying around that can be fiddled with, the work is only aimed at users that just want to switch computers on and have them send their emails no questions asked etc.
Thought for the day:FLTK: "The most fun you can have with your clothes on.""Are you sure your sanity chip is fully screwed in sir?" (Kryten)
Stroustrup:
"If I had thought of it and had some marketing sense every computer and just about any gadget would have had a little 'C++ Inside' sticker on it'"
I keep all my credit card numbers, and all passwords to my bank accounts on an encrypted volume. The application I use is cheap... it used to be freeware but then got bought out by a company. The application is called DriveCrypt.
Here's how it works: You can create a small encrypted container file, or encrypt an entire hard drive (not the one your OS is on). You should be the admin on your computer. The driveCrypt app can have a password just to open the it.
When this is done, the container file (.dcv extension) cannot be erased, altered etc. I tried one time to do this, the only way to delete the .dcv container file is to check a button, to allow deletion instance of 1 time only while you are logged into you DriveCrypt program.
There are numerous powerful encryption algorithms the app lets you choose from. When you open an encrypted volume, on windows the volume will pop up just like you added a new hard drive with its own directory and label. So you can do things just like de-frag or chkdsk.
One caveat however, and it bears mentioning at least several times: If you forget or loose your password for the encrypted volume, you will loose everything. There is no backdoor for this application.
You can even create, say a 1 GB encrypted volume and save it on your thumb drive on your key chain.
You can also take an uncompressed .wav file and then create an embedded encrypted volume inside that. What this amounts to, is a CD when played in a CD player will play my favorite Mozart or Nirvana tunes, but yet if you plop the CD in my computer drive it will play the music there too. But if I open DriveCrypt and point it to my computer's cd player, I can open a SECRET encrypted file there. How it works?
Uncompressed sound .wav files has more bits - or data that the human ear does not need to utilize. So the program takes about 1/2 of those bits - truncates them - and then uses those
bits to use for an encrypted volume.
So for a standard 750 MB CD, aprox. 325 MB of data bits are available for creation of your secret encrypted volume. Imagine, for a moment, listening to the late Mr. Cobain belting out "Smells Like Teen Spirit" knowing that all of your sensitive banks accounts, etc. are embedded inside his music! Scary.
If you have large amounts of data, you can create an encrypted container the size of a DL DVD data disc. (8+ GB) and then burn each volume onto a DL DVD. The possiblities are endless.
Finally, with the utility open, you can choose to have the .dcv volume hidden. I haven't tried that. What that does, is if someone uses the explorer,
they wont see it. Period.
Windows VISTA/7 also has a utility to encrypt a folder. I have never tried it.
Again, if you forget your password, you will loose all of your data.
Last edited by Char*Pntr; 08-27-2010 at 10:54 AM. Reason: Forgot to mention hidden volumes...
You could also go for a SQLite database to store this info as well.
you can write an application agent module, similar to those used by antiviruses, media player etc. like winamp uses it's agent to maintain file association and prohibits other apps from changing it.
this module should be launched at system startup and lock the app files. and when the app is launched it can be done through a script that firsts stops the agent and then launches the app. this way if user cannot modify the file, although the OS environment configuration will matter greatly and the idea may not be entirely portable.
You could write hidden files to a secret directory (I recommend a super secret directory for maximum protectioin) in /tmp. Make sure the user knows that if the user is to edit cache data, the program will not be able to function properly.
