use Perl

• I don't think that serial numbers would help. (Score:2)

  by Ovid (2709)

  And merlyn writes: If Netscape had only embedded a unique serial number in each browser, and not invented cookies, people would have done The Right Thing. {sigh}

  While that's an interesting idea, I see a couple of problems. The big one is obvious: everyone is going to scream about their privacy and they would be right. Can you imagine the field day that spammers would have once they realized they could map the serial number to a set of preferences and a name? Our government has made it clear that the
  • Re:I don't think that serial numbers would help. (Score:1)

    by brentdax (2147) on 2002.12.22 14:06 (#15583) Homepage Journal

    It can be done safely if one is careful to embed some sort of anti-tampering device (like a MD5 hash), but despite having heard of that, I've never seen it actually done.

    So then a clever hacker will just MD5 the new price. That worked well. :^)

    The bottom line is that you have to have some of the data be held in a trusted store, so you might as well avoid the need for checking for tampering by just using a product ID of some sort.

    Reply to This

    Parent

    • Re:I don't think that serial numbers would help. (Score:2)

      by Ovid (2709)

      The MD5 hash works by having a secret key of data kept on the server. The hidden fields are used with the secret key to ensure that creating a new MD5 hash is non-trivial. The hacker would likely be forced to brute force the key. This would be more difficult than a typical crack because there could be many hidden fields and the attacker would have to try different combinations of them. That, combined with a random enough secret key would make the MD5 hash relatively secure. I guess I should have mentio