In article <fimtub$fia$1@rumours.uwaterloo.ca>,
<dj3vande@csclub.uwaterloo.ca.invalid> wrote:
>In article <m3k5o1w0sq.fsf@somewhere.in.california.localhost>,
>Paul Pluzhnikov  <ppluzhnikov-nsp@charter.net> wrote: 
> 
>
>If it's a key that's already base64-encoded, rot13ing just the
>base64-encoded part and not any wrappers around it would actually be a
>somewhat evil thing to do.  That would give casual snoopers something
>that looks like a well-formed key but doesn't work.
>
>
>dave
>

(Not responding to this post directly, but to the thread in general)

Speaking of low-tech solutions, why not just make the program not
readable by the client person?  I.e., make it owned by you (the
implementor) and protected something like 711.

This will certainly stop strings (which was the original point), and
probably also anything based on debugging (on any modern, properly
configured Unix or Unix-like OS).

I'm surprised no one has mentioned this yet.

[ Post a follow-up to this message ]