Luke Posted April 4, 2016 Report Share Posted April 4, 2016 Hello everyone! I'm in the process of developing and beta testing simFDR, which is a new flight data recorder for Flight Simulator as well as a cloud logbook service. It's based around the code that Delta Virtual and Air France / KLM Virtual have used for over a decade. It's a really, really good, high-fidelity flight data recorder for flight simulation. While our mission is centered around logging every flight in every aircraft (not just for Virtual Airlines) we do have an extensive VA integration API. You can read about it here: https://www.simfdr.com/va_api.do Would anyone be interested in writing a VA plugin that handles these four web services for phpVMS? I believe simFDR offers radically better flight data fidelity than any other recorder or ACARS package out there, and this would be a great addition to a VA. While simFDR is intended to be commercial product, my goal is to make it free for Virtual Airlines to use. Of course, any feedback suggestions or ideas are always welcome. Cheers! Luke 1 Quote Link to comment Share on other sites More sharing options...
magicflyer Posted April 5, 2016 Report Share Posted April 5, 2016 I noticed you do use MD5 as a hash function for user authentication. Be sure to read about the security vulnerabilities(It's the first article I could find about the topic) associated with MD5 function. Other than, this looks promising. Best of luck, again. Quote Link to comment Share on other sites More sharing options...
Luke Posted April 7, 2016 Author Report Share Posted April 7, 2016 I noticed you do use MD5 as a hash function for user authentication. This is incorrect - I don't use MD5 in authentication at all. Virtual Airlines can provide us a list of their users' email address, which are hashed using an algorithm of their choice. While MD5 is an option, it's not the only one. This is only used when linking a simFDR account to a virtual airline ID and is a way of providing some mechanism of privacy. Worst case, even if someone gets the data and reverse engineers the hash, they get an e-mail address. Our own authentication schemes are proprietary, but involve a combination of 2048-bit RSA keys, AES encryption and 256-bit SHA hashes. Other than, this looks promising. Best of luck, again. Thanks! Luke Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.