[sword-devel] encryption and integrity checking.

Ben Morgan benpmorgan at gmail.com
Wed Mar 11 05:23:50 MST 2009

On 11/03/2009, Peter von Kaehne <refdoc at gmx.net> wrote:
> One of the problems which has come up again and again when discussing
> with publishers has been the worry that texts which are released to
> CrossWire become an easy target for abuse - either commercial abuse with
> texts of some commercial importance or, more worrying to me at least -
> manipulation of texts by cults and other entities.

This problem is understandable, but (to my way of thinking) unavoidable.

What possible solutions could we offer to provide text encryption and
> integrity checking in a plausible way which would not violate GPL and
> goes beyond our current practice of simply incorporating a key into the
> conf files?

You can't stop it (this is a non-expert view). Anyone can make their own
frontend and pull out the text, really. At least some form of cipher
protection is provided - unlike some other bible software's module

Some things that could affect the ease of copying:
We could put the key elsewhere. Then copying the module wouldn't copy the
Not allow use of certain utilities (mod2imp, etc.) on modules with cipherkey
Generate a module for each user with a different cipherkey, then you may be
able to track where a text came from.

But these won't keep out a persitent user.

This is a serious and important question. I am aware of several texts
> which we did not get or where people hesitate because this is not
> possible right now.

I understand that publishers view this as important, but hiding the
encryption procedure is about the only approach I can think of - and not all
that good in an opensource library. Maybe we can just point out flaws in
other technologies to "reassure" the publishers... ;)

God Bless,
Multitudes, multitudes,
    in the valley of decision!
For the day of the LORD is near
    in the valley of decision.

Giôên 3:14 (ESV)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.crosswire.org/pipermail/sword-devel/attachments/20090311/22bb40dd/attachment-0001.html>

More information about the sword-devel mailing list