Loading ...
Sorry, an error occurred while loading the content.

Re: [json] Re: JSON Obfuscation via Compression

Expand Messages
  • f3l
    http://www.west.co.tt/matt/js/redbug/redbug.html he alzo zips his source, WARNING: the demo may slow down your browser. ... -- //f3l
    Message 1 of 5 , Dec 21, 2005
    • 0 Attachment
      http://www.west.co.tt/matt/js/redbug/redbug.html
      he alzo zips his source, WARNING: the demo may slow down your browser.

      On 12/20/05, TCQ <despam2004@...> wrote:
      >
      > > Obfuscation will not give you good security. If you want security
      > for your data, then the most straightforward way is to use https for
      > your JSON requests.
      >
      > I agree and am doing the https route but since I am mostly building
      > intranet applications, I am more worried about making it easy for
      > internal users to extract information that we do not want them easy
      > access to. Eg. Customer Lists, etc.
      >
      > Being a huge fan of JavaScript application design, I love to leverage
      > JavaScript for preformance boosting by storing data in JS files and
      > using the caching of the clients browser. But, having such large lists
      > on their machine is not a smart thing to do unless you make it very
      > difficult to extract the data.
      >
      > By obfuscating the data, it will take much more than a joe user to
      > extract useful data in a timely manner. Compression is just an added
      > benefit.
      >
      > > On the other hand, compression would reduce bandwidth, and might
      > well provide a performance boost. Have a look at Dean Edwards' packer
      > > (http://dean.edwards.name/packer/) <http://dean.edwards.name/packer/%29>for a javascript compressor that
      > > provides good compression while not relying on slow javascript
      > > implementations of compression algorithms to expand again.
      >
      > Sweet. That is exactly the code I was thinking of.
      >
      > Thanks!
      >
      >
      >
      >
      > ------------------------------
      > YAHOO! GROUPS LINKS
      >
      >
      > - Visit your group "json <http://groups.yahoo.com/group/json>" on
      > the web.
      >
      > - To unsubscribe from this group, send an email to:
      > json-unsubscribe@yahoogroups.com<json-unsubscribe@yahoogroups.com?subject=Unsubscribe>
      >
      > - Your use of Yahoo! Groups is subject to the Yahoo! Terms of
      > Service <http://docs.yahoo.com/info/terms/>.
      >
      >
      > ------------------------------
      >



      --
      //f3l
      http://www.geocities.com/kyoosho/


      [Non-text portions of this message have been removed]
    • Martin Cooper
      ... This may be more than you re looking for, but you might want to take a look at Dojo ShrinkSafe: http://alex.dojotoolkit.org/shrinksafe/ -- Martin Cooper I
      Message 2 of 5 , Dec 21, 2005
      • 0 Attachment
        On 12/20/05, TCQ <despam2004@...> wrote:
        >
        > Has anybody hacked a simple zipping algorithm for JavaScript terse
        > literal constructs such as Arrays and Objects (JSON)?


        This may be more than you're looking for, but you might want to take a look
        at Dojo ShrinkSafe:

        http://alex.dojotoolkit.org/shrinksafe/

        --
        Martin Cooper


        I am doing so much data piping through these constructs and for
        > security reasons would like to obfuscate the data. A very simple zip
        > algorithm could be used to acomplish and improve performance with out
        > the IE goofienss of g-ziping.
        >
        > I am willing to pay a small performance hit client and server side for
        > this for the added data security.
        >
        > Anybody seen such a hack?
        >
        > {id:"JsD"}
        >
        >
        >
        >
        >
        >
        >
        >
        > Yahoo! Groups Links
        >
        >
        >
        >
        >
        >
        >
        >


        [Non-text portions of this message have been removed]
      Your message has been successfully submitted and would be delivered to recipients shortly.