Hi Christof,

Perhaps you could add a comment to the WISH item for native table encryption?

>Hi Alex,
>
>well, security is a topic that seems to have same appeal to FoxPro developers as writing a device driver. *g*
>
>However, it's an increasingly important topic. Customers demand more security (without paying more, of course). Computers are more and more connected making even more application subject to an attack. VFP is - compared to other tools - unsecure in its default settings, because it is so flexible.
>
>What sense does it make to encrypt tables and modify the EXE with all kind of encryption/compression tools if it's so easy to run FXP code inside that EXE which then can access all tables, copy all VCX files out of the system datasession, collect passwords or perform a memory dump? What good is encryption for if a weak password protects a small table like the user login table. Everyone could copy it on a disk and run a brute-force attack against it at home. If the password never changes it doesn't matter if it takes a few months. Why would someone spend a lot of time to protect data in tables and then do a MODIFY REPORT? Try this in VFP 7 or older: Create an EXE that contains a VCX and put MODIFY REPORT into the main program. Build the EXE and protect it with your favorite tool. Copy the EXE into a different directory and execute it, right click, select "Data environment", right click, select "Add...". In the open table dialog enter the name of the VCX file you included into the EXE
>with the ".vcx" extension - ignoring the fact that it's not listed in the current directory - and see what has been added to the data environment.
>
>What would happen to a consultant who believed in data and code encryption and signed that his application is "secure"? I certainly wouldn't want to be in that situation, especially not in the US with its strange (well, for Europeans, anyway) liability laws. I think it's important to raise the awareness of security issues within the VFP community. I talked about this at DevCon in Frankfurt and from the reaction of the audience it was pretty clear that this wasn't a topic many thought that much about before.
>
>--
>Christof