Re: JS and security.



"Roger" <crosseyedpenguin@xxxxxxx> wrote in message
news:3s_Re.63787$Ji4.40484@xxxxxxxxxxxxx
> Jim Davis wrote:
>
>>
>> There's no sense (although I'm willing to be convinced) in attempting to
>> address hard security issues via JavaScript. Things like data
>> encryption, key management, credential management, etc should all be
>> centralized and rigidly controlled.
>>
>
> One good use for Javascript is the encryption of passwords before they are
> sent to the server. Most users use the same passwords for multiple
> applications, so sniffing out a user's password on one application may
> lessen the security on other applications the user has access to.

I can see the point... but have two issues with this:

1) Doing "good" encryption is difficult to do in script (it's slow and
there are language issues). So, for the most part it'll be weak encryption
anyway.

2) In my opinion no passwords should be sent across an open pipe anyway: SSL
should always be used. This is MUCH stronger encryption than you'd get with
script and eliminates any benefit to manually encrypting the password.

However if you're unable to use SSL then this might be a "better than
nothing" solution.

> It is better from the user's point of view to never let the host have
> access to the user's raw password. Therefore, none of the dishonest
> employees with access to the user file on the host will have access to the
> user's password.

Ah - but you're not talking about encryption here (sorry to be a jerk - this
is a pet peeve of mine). This is called "hashing".

Encryption implies that you can retrieve the data again (to be plain
encryption implies unencryption). Hashing, on the other hand, is more like a
"fingerprinting" - it's an identification technology. While a fingerprint
can be used to identify somebody it can't be used to recreate the whole
person.

For hash generation I can definitely see some use for doing it on the
client-side. There are still issues. (For example hashes, especially for
small values, aren't unique - so many possible passwords could have the same
hash - any of which would work to get into the user's account.)

But there is definitely some value in it, you're right.

Jim Davis
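
Added example, not part of the original post: the remark above that several passwords can share one hash, shown with a deliberately tiny 16-bit digest so a verifier that compares digests can be seen accepting a second input. All function names and the sample password are assumptions made for illustration, and FNV-1a is a non-cryptographic stand-in used only so the block needs no imports.

```javascript
// Illustration only: fnv1a32, shortDigest, verify and findSecondInput are
// hypothetical names. FNV-1a is NOT a password hash; it stands in for one.

// 32-bit FNV-1a style hash over the string's character codes.
function fnv1a32(text) {
  let h = 0x811c9dc5;                      // FNV offset basis
  for (let i = 0; i < text.length; i++) {
    h ^= text.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;    // multiply by FNV prime, mod 2^32
  }
  return h >>> 0;
}

// Keep only `bits` bits (1..32) of the digest, xor-folding the upper bits in.
function shortDigest(text, bits) {
  const h = fnv1a32(text);
  if (bits >= 32) return h;
  const folded = (h ^ (h >>> bits)) >>> 0;
  return folded & (2 ** bits - 1);
}

// Server-side check: it only ever sees digests, so it accepts ANY input
// whose digest equals the stored one.
function verify(candidate, stored, bits) {
  return shortDigest(candidate, bits) === stored;
}

// Walk constructed candidate strings until one other than the real password
// verifies, or the budget runs out. Expected work is about 2^bits tries,
// which is why the digest width matters.
function findSecondInput(password, bits, budget) {
  const stored = shortDigest(password, bits);
  for (let i = 0; i < budget; i++) {
    const candidate = "candidate-" + i;
    if (candidate !== password && verify(candidate, stored, bits)) {
      return { candidate, tries: i + 1 };
    }
  }
  return null;
}

const PASSWORD = "correct horse";          // constructed sample value
const hit = findSecondInput(PASSWORD, 16, 2000000);
console.log("16-bit digest, second accepted input:", hit);
```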

