FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Unzip password-protected ZIP file in RAM?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Unzip password-protected ZIP file in RAM? [message #183452 is a reply to message #183450] Fri, 25 October 2013 19:30 Go to previous messageGo to previous message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
Senior Member
On 25/10/13 18:18, Robert Heller wrote:
> At Fri, 25 Oct 2013 14:51:38 +0200 Gilles <nospam(at)nospam(dot)com> wrote:
>
>>
>> Hello
>>
>> This is a newbie question.
>>
>> While travelling, I keep an .htaccess-protected text files with
>> e-mails/passwords, credit card numbers, etc.
>
> You really don't want to do this!

Indeed. te way I did this on a laptop which given where we were
operating was very vulnerable to theft, as to used a USB pen drive,
which was only inserted in the laptop when it was fully attended.

The data in the drive (it as a mySQL database) was encrypted using an
mysql encryption function -AES_ENCYPT('data','key') - and the key was in
the actual PHP code on the laptop hard drive.


that meant that the data was secure if the pen drive was lost, and the
computer didn't have the data on it anyway, although it had the means to
decrypt it.

what it did mean that the loss of other the pen drive or the laptop was
no big deal. the sort of thieves would be likely to be uninterested in
the data anyway, and it wouldn't look like 'windows' anyway so they
would probably wipe it.

The pen drive was formatted EXT2 IIRC so didn't read in a windows
machine anyway.

So it would take a criminal linux hacker to discover the data, which
wasn't named in an obvious way, and the laptop as well, or a knowledge
of what algo was in use, and a lot of patience to get the data back.

So that's what I would do: format a USB stick pen drive with a Linux
format (assuming you are using linux) and set up an instance of apache
on the lappie to serve internally via php the contents of an encrypted
DB on the USB stick pen drive.

Always remove the pen drive after use.



>
>>
>> To make it more secure, I was thinking of compressing the file as a
>> password-protected ZIP file, and access it through a PHP script that
>> would unzip it in RAM and display the contents, so that a clear text
>> version is no longer necessary.
>
> This probably not really much better.
>
>>
>> What do you think? Can PHP do this?
>>
>> It's 5.3.13 running on a hosted *nix server.
>>
>> Thank you.
>>
>


--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: i have a idea and i want to make it work with just another video script "javs"
Next Topic: splitting list into columns
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 10 05:03:33 GMT 2024

Total time taken to generate the page: 0.04598 seconds