I know of a simple way to run external Activ scripts without risking computer security. This method could be applied to older versions of Activ E-Book Compiler, but the beta 5.0 series provides you with new "GoSub" routines which would make it easier to do.
The general idea is not to "block" all external Activ scripts (as some want you to do) but to put a unique "security code" in each one of them ! And that's easy enough -- with some basic knowledge.
First, select the non-variable part of your external script (i.e. words that won't change). You can then, for example, write a small internal FILEREAD string-handling script that checks the external script for the third character in the first line ( a letter "t" perhaps) and the twelfth character in the second line (maybe a "g" is expected this time) and so on... It finally compares the total word count of the external script with the known one.
Only if those values match will the external script finally be executed. That way, no one can attack your ebook with a malicious external script because they won't know what you initially chose to validate your ebook script security. Appending extra code to your otherwise intact external script won't work either - because that would exceed the total word count and fail validation.
GoSub routines could perform various security checks to a number of external Activ scripts.
Ebook Friends, for the freedom of thought, don't disable you E-Books... Make them better !!
Posted on: 8:45 pm on April 29, 2010
fkapnist
You might be asking: But what if I want to distribute external Activ scripts to "trusted users" who can modify the scripts to match their local system configurations? No problem. Decide how many lines of code you will permit trusted users to insert into the script. You will leave XX (dummy padding) at the bottom of your script for this - lines for trusted users to fill in. Then, instead of a word count, a total line count is performed with the above-mentioned validation checks. That way, you know the script is authentically yours and that your registered users can add the number of lines of code to it that you will allow.
Wouldn't it be cool to see a feature like this built into the next Activ Complier? Just paste your external script codes into a text box. Click a button and the script validation routines are set automatically. Decide if the script will be distributed to trusted users, select the number of code lines they can add, and presto - you're done!
With any business, it is up to the individual owner of said business to ensure the success of the business. You may make more or less than any sample figures or results that might be quoted on our web sites or other publications. All business involves risk, and many businesses do not succeed. Further, Answers 2000 Limited does NOT represent that any particular individual or business is typical, or that any results or experiences achieved by any particular individual/business is necessarily typical.
Disclosure:
Our company's websites' content (including this website's content) includes advertisements for
our own company's websites, products, and services,
and for other organization's websites, products, and services.
In the case of links to other organization's websites,
our company may receive a payment, (1) if you purchase products or services,
or (2) if you sign-up for third party offers, after following links from this website.
Unless specifically otherwise stated, information about other organization's products and services,
is based on information provided by that organization,
the product/service vendor, and/or publicly available information - and should
not be taken to mean that we have used the product/service in question.
Additionally, our company's websites contain some adverts which we are paid
to display, but whose content is not selected by us, such as Google AdSense ads. For more
detailed information, please see Advertising/Endorsements Disclosures
Our sites use cookies, some of which may already be set on your computer. Use of our site
constitutes consent for this. For details, please see Privacy.
Click privacy for information about our company's privacy, data collection and data retention policies, and your rights.
