Yeah, I know all that.
This is specifically something for SDs and many APPs can run without any security keys needed. So if we can have SD accessed with the credentials derived outside of the APP's code, then a whole lot more APPs can run without having to worry about losing info.
Let's face it, all the good APPs will be open sourced and no security info needed, since the APP will mostly act as an agent for the user and thus it is the user's credentials being used. The malicious user already knows those credentials since they belong to them.
I think it would be bad programming practice to have security keys in an APP that is either Open Sourced or runs purely on the user's PC.
I give it 1 day from release before the security info is extracted for every significant APP publicised. I base that on the current state of affairs. Hell, the Chinese would probably have them in 1 hour if they thought it worthwhile.
There is a reason on shared computer systems that the Operating system segments its operations from the user code.
BUT you give me a great idea for APPs on SAFE. A secure data object (or many) that holds security keys etc, that can be indexed by the APP but not read by the APP/user. So the APP does
- asks the system to create/update a SD and gives the index to the SD credentials to the network, rather than credentials
- This special securedata object is tied to the specific copy of the APP. Since the APP is stored in immutable chunks the network has a one-to-one connection between special securedata object and the specific (copy/version of) APP
So now the only hole to plug is an injection attack where a more capable cracker can inject code into the APP. Once that is solved then we can have similar operations to server-client databases without the server at all.
I am sure that crypto can solve even the injection attack
[quote="cretz, post:53, topic:8294"]
Are you saying that it's ok for the maidsafe-built software to store this stuff in mem but not other apps?
[/quote]
I am not even implying that "store this stuff in mem". But a mechanism that allows an APP to be totally open sourced but also have secure credentials that cannot be found by looking at code or memory or asking SAFE.
Impersonating Apps in SAFE is not possible, since the APP is stored on SAFE immutably, SAFE can set a one-to-one relationship between APP and its meta-data.
The only problem to solve then would be to detect if the APP is modified on the user's machine (code injection attack). I am sure/hopeful crypto could come to the rescue somehow, because we have the user's group to help there. Even a double variable salted checksum of the code can help detect code changes, but I am wondering if this has even been considered yet. APPs are very important and the security of SDs equally important. Otherwise every SD operated on will have to be owned by the user and transferred to the other and this eliminates real-time updates and only delayed-time updates applications by reverting back to servers and server-client operations.