Sign in to follow this  
pavel989

how do u options and settings

Recommended Posts

pavel989    114
ive been looking around for this for quite a while and i found nothing. How do programmers give the user options and settings within their applications, but make it so that they are not exposed outside of their application? Do they just encrypt settings files?

Share this post


Link to post
Share on other sites
theOcelot    498
Why not just keep the whole "settings" thing stable and robust enough that the users can even edit the config file themselves. XML might be a good idea here.

Assuming you really need to keep these settings to yourself, I guess you would just encrypt them.

Share this post


Link to post
Share on other sites
Telastyn    3777
Encryption isn't even the way. If the settings are on the machine, (and they have to be; at least in memory, or else your game/app couldn't use them at all) they're readily accessible by the user of the machine.

Share this post


Link to post
Share on other sites
Codeka    1239
There's no "way" to do it. My guess is, it might seem like a game/application has done something to "hide" the settings outside of the game itself, but in reality that's probably just a side-effect of how it's implemented.

For example, settings might be stored in a binary file.

Share this post


Link to post
Share on other sites
pavel989    114
well how about like, in an application which needs to store your password for something. Like an instant messenger, how do u block that from being known? where does it save it?


Id understand that its easier to do it from a remote system, and it would make sense that if an app is running locally, that the settings would be accessible, but about my password example?

Share this post


Link to post
Share on other sites
phresnel    953
The website clipperz.com have their user settings (i.e. passwords) in encrypted form on their servers, though only you can decrypt them with your password. If you lose your password, then your account is de facto lost, they can't decrypt them for you.

It is mostly open source, so maybe have a look, if interested (javascript).

Share this post


Link to post
Share on other sites
Telastyn    3777
Quote:
Original post by pavel989
well how about like, in an application which needs to store your password for something. Like an instant messenger, how do u block that from being known? where does it save it?


Id understand that its easier to do it from a remote system, and it would make sense that if an app is running locally, that the settings would be accessible, but about my password example?


It's stored on the system. It's probably obfuscated and (on systems with the capability) it's almost certainly set to be read only by the logged in user.

But still, easily accessed by anyone with physical access to the machine. Having a computer remember your password is convenient, but most people do disregard the trade-off.


note: this is distinctly different from the actual passwords you use to log in with; the computer doesn't remember those. The computer takes a mathematical hash (google for more info) of the password. You can't use the hash to login with, but you can verify that some password given hashes to the same result (and thus is very, very likely to be the same password the user originally gave to the system).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this