Messages

1

iCam Support / Re: Is iCam Broker Server secure? I am concerned about my user name /password !!

« on: September 29, 2009, 06:45:19 PM »

Thanks for the quick reply.  Is there a whitepaper that discusses this in more detail for those of us who need a bit more assurance that the security issues have been thoroughly hashed out (pun intended)?

For example, it sounds as if you're adding extra source to the hash for the "private" exchange.  Is this source static?  Upon what is it based?  Who knows how it's derived?

2

iCam Support / Re: Is iCam Broker Server secure? I am concerned about my user name /password !!

« on: September 29, 2009, 05:09:07 PM »

Sorry, still not getting it.  If there's no cryptographic nonce that's exchanged between the source and the icam app, and the authentication is being brokered by your servers based on a static hash of the username and password, then what's to prevent you (or someone who's compromised your server) from just replaying the hash that is sent?