Securing Purchased Dashboard Widgets
Published by ColourMod July 19th, 2005 in UncategorizedThe biggest setback to the commercialization of Dashboard Widgets is securing a Widget so that it can’t be hacked. It is a relatively simple process to setup database verification of a Key or Username and Password provided by the user. The only problem, the files can be modified so that it skips the verification process altogether. The widgets that I’ve seen (I won’t mention what ones), requiring a Username and Password given at registration, can be easily modified to skip verification. This is assuming you know what you are doing.
While the average user who doesn’t know Javascript might never hack a widget to bypass authentication, others might, and this bothers me. So what can Widget developers do who don’t want their widgets hacked and modified? I’m not sure at this point what the solution. If anyone out there knows how to do this let me know.
2 Responses to “Securing Purchased Dashboard Widgets”
- 1 Trackback on Apr 9th, 2008 at 8:17 pm
Who can help me with .httpaccess ?
where i can fined full information about .httpaccess file syntaxis?