HBCI data structures and Gnucash

Derek Atkins derek@ihtfp.com
16 May 2002 09:44:33 -0400


Darius Powell <dariusp@ot.com.au> writes:

> Of course you should be able to request a download and supply the
> password which is not remembered.
> 
> As for automatic downloads the password needs to be stored somehow and
> should probably be encrypted.

This is just a Bad Idea (TM).  Sure, the password is encrypted while
it's stored, but where do you store the key that encrypts the
password?  In _ANY_ batch system that requires encryption you _MUST_
store some key in plain text where the application can receive it.

> I haven't thought about this area in enough detail yet as it no doubt
> requires a large amount of thought.

I've been thinking of these issues (well, the security issues) for the past
15 years.  You don't want to go there.

Personally, I don't really see the point of "automatic" transaction
retrieval.  Why can't you just connect to the bank when you start up
Gnucash?  This is most certainly a required function anyway, because
sometimes users don't have control over the machines they use (for
example in distributed computing environments, where cluster machines
are available for anyone to use at any time).

IMHO, all data transfers should be pushed/pulled at user-request.  If
the user wants to set up a cron job to do it on their own, that's fine
-- that's at "user request".  The point being at _most_ you'd want a
gnucash command-line option to pull down transactions, but you don't
want a separate standalone process.

-derek

-- 
       Derek Atkins
       Computer and Internet Security Consultant
       derek@ihtfp.com             www.ihtfp.com