[JDEV] Encrypting logs

Thomas Parslow (PatRat) patrat at rat-software.com
Mon Sep 3 08:49:04 CDT 2001


I'm going to be adding logging functionality to my client but I'm a
bit uncomfortable about storing it in plain text by default.

One way I though of doing things was to encrypt it all using the users
jabber password, this would work fine until the user decided to change
they're password using a different client...

Maybe I could use a password stored in private XML storage on the
server, the password could itself be encrypted using a locally stored
password, thus an attacker would need access to both the users machine
and the users Jabber account in order to decrypt they're log files.

Does any one have any thoughts on this or has anyone found a good way
of doing it?

Thomas Parslow (PatRat) ICQ #:26359483
Rat Software
Please leave quoted text in place when replying

More information about the JDev mailing list