how do u options and settings
Author
ive been looking around for this for quite a while and i found nothing.
How do programmers give the user options and settings within their applications, but make it so that they are not exposed outside of their application?
Do they just encrypt settings files?
Why not just keep the whole "settings" thing stable and robust enough that the users can even edit the config file themselves. XML might be a good idea here.
Assuming you really need to keep these settings to yourself, I guess you would just encrypt them.
Assuming you really need to keep these settings to yourself, I guess you would just encrypt them.
Author
its not that i really wanna do it, im just interested in how you would.
but is encryption the only way?
but is encryption the only way?
Encryption isn't even the way. If the settings are on the machine, (and they have to be; at least in memory, or else your game/app couldn't use them at all) they're readily accessible by the user of the machine.
There's no "way" to do it. My guess is, it might seem like a game/application has done something to "hide" the settings outside of the game itself, but in reality that's probably just a side-effect of how it's implemented.
For example, settings might be stored in a binary file.
For example, settings might be stored in a binary file.
Author
well how about like, in an application which needs to store your password for something. Like an instant messenger, how do u block that from being known? where does it save it?
Id understand that its easier to do it from a remote system, and it would make sense that if an app is running locally, that the settings would be accessible, but about my password example?
Id understand that its easier to do it from a remote system, and it would make sense that if an app is running locally, that the settings would be accessible, but about my password example?
The website clipperz.com have their user settings (i.e. passwords) in encrypted form on their servers, though only you can decrypt them with your password. If you lose your password, then your account is de facto lost, they can't decrypt them for you.
It is mostly open source, so maybe have a look, if interested (javascript).
It is mostly open source, so maybe have a look, if interested (javascript).
Quote:Original post by pavel989
well how about like, in an application which needs to store your password for something. Like an instant messenger, how do u block that from being known? where does it save it?
Id understand that its easier to do it from a remote system, and it would make sense that if an app is running locally, that the settings would be accessible, but about my password example?
It's stored on the system. It's probably obfuscated and (on systems with the capability) it's almost certainly set to be read only by the logged in user.
But still, easily accessed by anyone with physical access to the machine. Having a computer remember your password is convenient, but most people do disregard the trade-off.
note: this is distinctly different from the actual passwords you use to log in with; the computer doesn't remember those. The computer takes a mathematical hash (google for more info) of the password. You can't use the hash to login with, but you can verify that some password given hashes to the same result (and thus is very, very likely to be the same password the user originally gave to the system).
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
