3

When a compiled .exe file is opened in notepad all of the string values are visible as plain text, there is a space between each letter but easy for anyone to read. This is the same not just for string objects but any object that has data inside quotes. My current method for securing this data is to put an encrypted string for the visible value and decrypt it upon use. However this still leaves the encrypted text visible in notepad along with its decryption key, leaving it a vulnerability to an attacker with persistence.

Is there a better way to hide this data? How can I make the .exe file have no, or very limited, readable text when opened in notepad?

DrPopTart
  • 111
  • 1
  • 8
  • 3
    If your program can read it, so can a determined hacker. – spender Mar 04 '13 at 17:03
  • What @spender said - if code is executing on a computer, a determined hacker can listen in on what it is doing. There are various ways of obfuscating/hiding values like this, but none of them are 100% foolproof. – JerKimball Mar 04 '13 at 17:06
  • Why exactly are you worried about the values within a textbox being visible? – Security Hound Mar 04 '13 at 17:16
  • You can only obfuscate this information. Since your program will always need the key to decrypt this data, you need to store the key somewhere, being accessible for the app, so it will be accessible for possible hackers and hence not be really secure. – Matt Mar 04 '13 at 17:17

0 Answers0