Comment by feoren

Comment by feoren 8 days ago

0 replies

View on Hacker News

> I'm under the impression an executable binary shouldn't be easily read to find such credentials

If the computer can read it, and you have full control of the computer, then you can read it. Physical access is game over. Even if they encrypt it and put the encryption key in an HSM (probably not possible on an arbitrary client's machine anyway), at some point the game is going to decrypt that string and put it in memory. Memory that you can read.