[–] shmapf 10y ago ↗ Is it me or is the page being served over an unencrypted channel a gaping security hole?I presume it encrypts on the client side, but whats to stop a man in the middle swapping the javascript so it sends the attacker your files? [–] elix0rmelt 10y ago ↗ https://zipit.io/ [–] elix0rmelt 10y ago ↗ They should disable the http version. [–] colept 10y ago ↗ Yes thank you, I should have taken care of this sooner.It now force redirects, hats off to CloudFlare for being free SSL provider.
[–] elix0rmelt 10y ago ↗ https://zipit.io/ [–] elix0rmelt 10y ago ↗ They should disable the http version.
[–] colept 10y ago ↗ Yes thank you, I should have taken care of this sooner.It now force redirects, hats off to CloudFlare for being free SSL provider.
[–] ToastyMallows 10y ago ↗ Is this open source? The JavaScript that encrypts the file (sjcl.js) is minified and I don't feel like spending hours trying to figure out what it does. Is this a JavaScript library that was reused from somewhere? [–] tstiegler 10y ago ↗ It's SJCL, a pretty popular JS crypto library.https://crypto.stanford.edu/sjcl/ [–] ToastyMallows 10y ago ↗ Nice! Thanks for this.Having a file encrpyt to an HTML file is pretty interesting, something I've never considered before. Very portable. [–] srpeck 10y ago ↗ I really like the portability and accessibility of HTML files, especially as very thin local apps.Here is one of my projects playing with that concept: https://github.com/srpeck/markdowned
[–] tstiegler 10y ago ↗ It's SJCL, a pretty popular JS crypto library.https://crypto.stanford.edu/sjcl/ [–] ToastyMallows 10y ago ↗ Nice! Thanks for this.Having a file encrpyt to an HTML file is pretty interesting, something I've never considered before. Very portable. [–] srpeck 10y ago ↗ I really like the portability and accessibility of HTML files, especially as very thin local apps.Here is one of my projects playing with that concept: https://github.com/srpeck/markdowned
[–] ToastyMallows 10y ago ↗ Nice! Thanks for this.Having a file encrpyt to an HTML file is pretty interesting, something I've never considered before. Very portable. [–] srpeck 10y ago ↗ I really like the portability and accessibility of HTML files, especially as very thin local apps.Here is one of my projects playing with that concept: https://github.com/srpeck/markdowned
[–] srpeck 10y ago ↗ I really like the portability and accessibility of HTML files, especially as very thin local apps.Here is one of my projects playing with that concept: https://github.com/srpeck/markdowned
[–] anaran 10y ago ↗ Encryption password entry in the clear in a dialog!That should at least be <input type="password"> [–] davidcollantes 10y ago ↗ I think it is on purpose, as you are only asked to type it once. Type the wrong thing, and no way to decrypt the file.
[–] davidcollantes 10y ago ↗ I think it is on purpose, as you are only asked to type it once. Type the wrong thing, and no way to decrypt the file.
10 comments
[ 3.1 ms ] story [ 36.8 ms ] threadI presume it encrypts on the client side, but whats to stop a man in the middle swapping the javascript so it sends the attacker your files?
It now force redirects, hats off to CloudFlare for being free SSL provider.
https://crypto.stanford.edu/sjcl/
Having a file encrpyt to an HTML file is pretty interesting, something I've never considered before. Very portable.
Here is one of my projects playing with that concept: https://github.com/srpeck/markdowned
That should at least be <input type="password">