You mean to say that when I go in the back with my gf thinking that no one is paying attention, there's really someone in a booth somewhere watching us? Pervs!
That's only because you're secretly scarfing down bags of chips, popcorn, and assorted vending machine junk because you didn't eat anything all day and can't figure out why a zero calorie diet doesn't work...
You don't un-MD5, you MD5 on both ends. MD5 the password on the client, MD5 on the server, compare the results. The hash will have collisions so this does introduce the possibility of false positives, but that should be small and hard to predict without knowing the password for a good hash algorithm.
You can prevent replays by generating a random one time use key and using that in the MD5 hash on both ends to confirm the secrete and the random key. That way, once it has been used once it is no longer valid thus defeating the replay.
Unfortunately, the login process is only one issue. You still have to protect the session id or they can hijack that and gain access.
Silly people. How many of you would go to work if your boss decided that paying you was unnecessary and that you should learn to be less "greedy." We live in capitalistic society, if you want something you have to pay for it. The rest of you communists can go to Cuba.
You're whining. Multiple stores is good for both you and the customer. If you don't like one store then don't sell in it. Now you have options, and if options are too much for you to handle then maybe you aren't cut out for selling apps in the first place. This isn't charity, you're making money here. Do what it takes or get out of the business.
Slashdot Mirror
That's not entirely true: http://static.ddmcdn.com/gif/stryker-4.jpg
You mean to say that when I go in the back with my gf thinking that no one is paying attention, there's really someone in a booth somewhere watching us? Pervs!
That's only because you're secretly scarfing down bags of chips, popcorn, and assorted vending machine junk because you didn't eat anything all day and can't figure out why a zero calorie diet doesn't work...
I haven't even started reading the old one.
You don't un-MD5, you MD5 on both ends. MD5 the password on the client, MD5 on the server, compare the results. The hash will have collisions so this does introduce the possibility of false positives, but that should be small and hard to predict without knowing the password for a good hash algorithm.
You can prevent replays by generating a random one time use key and using that in the MD5 hash on both ends to confirm the secrete and the random key. That way, once it has been used once it is no longer valid thus defeating the replay. Unfortunately, the login process is only one issue. You still have to protect the session id or they can hijack that and gain access.
Silly people. How many of you would go to work if your boss decided that paying you was unnecessary and that you should learn to be less "greedy." We live in capitalistic society, if you want something you have to pay for it. The rest of you communists can go to Cuba.
You're whining. Multiple stores is good for both you and the customer. If you don't like one store then don't sell in it. Now you have options, and if options are too much for you to handle then maybe you aren't cut out for selling apps in the first place. This isn't charity, you're making money here. Do what it takes or get out of the business.