The security open-source code #8590
Replies: 2 comments
-
THERE IS A VIDEO THAT SHOWS HOW EASY IS THAT - https://www.youtube.com/watch?v=vPgI3R1zpo0 |
Beta Was this translation helpful? Give feedback.
-
Uhhh, I am so sick of answering this question... There is no such thing as a secure way to put an API key in an application. No matter how many layers of awkwardness you put between your tokens and plain text strings, you are shipping code that knows how to unpick them. If you ignore that advice, buy into some illusion of security like pyarmor and get hacked as a result then that is entirely on you because you asked for it. If you have shipped an application with a token in it, you should consider it already breached, revoke it now, then redesign your application so that users can generate and insert their own, user-specifc API keys. |
Beta Was this translation helpful? Give feedback.
-
so today i found out about a github project named - mysterium so it a self-engineering tool for pyc and .exe(properly .exe made using pyinstaller) code, so the difference between an appropriated and well respected self-engineering tool like ghidra (I say that because to use ghidra you need to know assembly) and this repository is that it very easy. Like you dont need to know assembly to do it. And it scares me because most of my projects have in them api, tokens, password and other sensetive information and as evreyone else I'm scared to be hacked.
This is a question more to the pyinstallers devs or people that know more than I do and I want to hear you guys think and how to secure my code because if you can find this type of app on githib imagine what is hidden under out eyes.
Thanks for reading. Waiting your response :)
Beta Was this translation helpful? Give feedback.
All reactions