Open maximusvladimir opened 11 years ago
Data is now encrypted, but keys are static. Keys should be generated in runtime.
Obviously this is not a priority.
Can this be pushed back since there is more important things to do? This can be taken care of post launch.
Added some cryptography helpers recently.
Removed milestone.
Currently, the data is streamlined directly through unsecured connections, potentially allowing data to be compromised. This could allow modifications and changes to data en-route, thus would allow rigging of the game.
The proposed solution would be to take advantage of
OSUtil.java
and generate a key using enigma methods. This fix should be permissible for the current time frame, as it will allow data to be secured as it is in transfer.(Pardon my outlandish language, as I have been listening to symphony.)