PanoTools mailing list archive

Mailinglist:PanoTools
Sender:Fulvio Senore
Date/Time:2005-Jun-15 22:12:37
Subject:Some info. Was: Re: Re: New version of PTViewer

Thread:


PanoTools: Some info. Was: Re: Re: New version of PTViewer Fulvio Senore 2005-Jun-15 22:12:37 

Yuval Levy ha scritto:

>>I think there's a bit of confusion here, which is my fault.
>>I was asking for the docs on encryption because I already have a
>>Photoshop CS script that creates the .ptv fiels for Fulvio's PTViewer,
>>I was just asking for the docs so I could update my script to include
>>the encryption scheme.
>>
>>After thinking about my request, I realized it was a bad idea to make
>>it public because of the type of security being added.
>>
>>I don't really say more than that.
>>
>>Eric
>>    
>>
>
>Oups, sorry, I really did not see a request for the docs on encryption on the message I replied to. I must be blind.
>
>The only thing I can help you with is the old jpa jpb jpc encryption schemes from Helmut's original version.
>
>I haven't heard from Fulvio since he released 2.8beta5. I asked him for documentation and for help to split a pano into .ptv files so that I can use it for testing.
>
>Following your message I went to your site and found PTslicer. Thank you Eric! So at least the splitting problem is solved. Now I will wait for Fulvio's answer, although from the ongoing discussion we are having I am not sure about what level of encryption strength he implemented in 2.8beta5.
>
>Yuv
>  
>
I have sent the information to Eric, so he'll be able to update his 
photoshop script, and I have answered to Yuval too.

I suppose that this is the right occasion to give some info about the 
encryption level. It is not very high, but I suppose that it will be 
high enough for most users. Anyway it is reasonably high and it did not 
require too much work. For this reason I will not make public the 
details about the encryption scheme: a good hacker will still be able to 
break it, but at least he will have to work a lot more.

Basically the image is encrypted with the domain name that will serve 
it. When ptviewer loads an encrypted image it decrypts it with the 
current domain name. If the two domain names are the same the image is 
correctly decrypted. If the image is stolen the two domains are 
different so the decrypted image is garbage. Since the ptv file does not 
contain the encryption key it should not be possible to create a 
general-purpose hacked version of ptviewer that will directly show 
stolen images. The stealer would need to change the ptv file and this 
will require a rather large amount of work.

It is also possible to allow local viewing for the encrypted pano. This 
is useful if you develop a site in your local computer and then you 
deploy it to the server: You will be able to use the same image. The 
downside is that this option makes the encryption weaker, since the ptv 
file will contain the encryption key: local viewing will require it. It 
could be possible to create a hacked version of ptviewer that will be 
able to show any ptv file of this kind, even in the internet.

You will have to trade between ease of use and encryption strenght.

Fulvio Senore




 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/PanoTools/

<*> To unsubscribe from this group, send an email to:
    #removed#

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

Next thread:

Re: A Warning - Carl von Einem - 05-06-16 10:10

Previous thread:

"Sneak preview": Subway building site Vienna - Bernhard Vogl - 05-06-15 02:05

back to search page