MastodonTech.de

xoron :verified:File encryption with a browser.I've been exploring the <a href="https://infosec.exchange/tags/WebCryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebCryptoAPI</a> and I'm impressed!When combined with the <a href="https://infosec.exchange/tags/FileSystemAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#FileSystemAPI</a>, it offers a seemingly secure way to <a href="https://infosec.exchange/tags/encrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#encrypt</a> and <a href="https://infosec.exchange/tags/store" class="mention hashtag" rel="nofollow noopener" target="_blank">#store</a> files directly on your device. Think <a href="https://infosec.exchange/tags/localstorage" class="mention hashtag" rel="nofollow noopener" target="_blank">#localstorage</a>, but with <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a>!I know <a href="https://infosec.exchange/tags/webapps" class="mention hashtag" rel="nofollow noopener" target="_blank">#webapps</a> can have <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> vulnerabilities since the code is served over the web, so I've <a href="https://infosec.exchange/tags/OpenSourced" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSourced</a> my demo! You can check it out, and it should even work if <a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> on <a href="https://infosec.exchange/tags/GitHubPages" class="mention hashtag" rel="nofollow noopener" target="_blank">#GitHubPages</a>.Live Demo: <a href="https://dim.positive-intentions.com/?path=/story/usefs--encrypted-demo" rel="nofollow noopener" translate="no" target="_blank">https://dim.positive-intentions.com/?path=/story/usefs--encrypted-demo</a>Demo Code: <a href="https://github.com/positive-intentions/dim/blob/staging/src/stories/05-Hooks-useFS.stories.js" rel="nofollow noopener" translate="no" target="_blank">https://github.com/positive-intentions/dim/blob/staging/src/stories/05-Hooks-useFS.stories.js</a>Hook Code: <a href="https://github.com/positive-intentions/dim/blob/staging/src/hooks/useFS.js" rel="nofollow noopener" translate="no" target="_blank">https://github.com/positive-intentions/dim/blob/staging/src/hooks/useFS.js</a>IMPORTANT NOTES (PLEASE READ!): * This is NOT a product. It's for <a href="https://infosec.exchange/tags/testing" class="mention hashtag" rel="nofollow noopener" target="_blank">#testing</a> and <a href="https://infosec.exchange/tags/demonstration" class="mention hashtag" rel="nofollow noopener" target="_blank">#demonstration</a> purposes only. * It has NOT been reviewed or audited. Do NOT use for sensitive data. * The "password encryption" currently uses a hardcoded password. This is for demonstration, not security. * This is NOT meant to replace robust solutions like <a href="https://infosec.exchange/tags/VeraCrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#VeraCrypt</a>. It's just a <a href="https://infosec.exchange/tags/proofofconcept" class="mention hashtag" rel="nofollow noopener" target="_blank">#proofofconcept</a> to show what's possible with <a href="https://infosec.exchange/tags/browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#browser</a> <a href="https://infosec.exchange/tags/APIs" class="mention hashtag" rel="nofollow noopener" target="_blank">#APIs</a>.<a href="https://infosec.exchange/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#Encryption</a> <a href="https://infosec.exchange/tags/Cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cryptography</a> <a href="https://infosec.exchange/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://infosec.exchange/tags/Frontend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Frontend</a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://infosec.exchange/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevelopment</a> <a href="https://infosec.exchange/tags/Coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#Coding</a> <a href="https://infosec.exchange/tags/Developer" class="mention hashtag" rel="nofollow noopener" target="_blank">#Developer</a> <a href="https://infosec.exchange/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tech</a> <a href="https://infosec.exchange/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#GitHub</a> <a href="https://infosec.exchange/tags/MastodonDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#MastodonDev</a> <a href="https://infosec.exchange/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#Programming</a> <a href="https://infosec.exchange/tags/WebStandards" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebStandards</a> <a href="https://infosec.exchange/tags/FileSystem" class="mention hashtag" rel="nofollow noopener" target="_blank">#FileSystem</a> <a href="https://infosec.exchange/tags/WebAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebAPI</a> <a href="https://infosec.exchange/tags/ProofOfConcept" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProofOfConcept</a>

xoron :verified:Send files privately. No cloud. No trace.<a href="https://glitr.io" rel="nofollow noopener" translate="no" target="_blank">https://glitr.io</a>I’m working towards something for <a href="https://infosec.exchange/tags/secure" class="mention hashtag" rel="nofollow noopener" target="_blank">#secure</a> / <a href="https://infosec.exchange/tags/private" class="mention hashtag" rel="nofollow noopener" target="_blank">#private</a> / <a href="https://infosec.exchange/tags/simple" class="mention hashtag" rel="nofollow noopener" target="_blank">#simple</a> <a href="https://infosec.exchange/tags/P2P" class="mention hashtag" rel="nofollow noopener" target="_blank">#P2P</a> <a href="https://infosec.exchange/tags/filetransfer" class="mention hashtag" rel="nofollow noopener" target="_blank">#filetransfer</a>. It isnt as “simple” as it could be, im still working on it, but ive got it down to:Zero-installation as a <a href="https://infosec.exchange/tags/PWA" class="mention hashtag" rel="nofollow noopener" target="_blank">#PWA</a>Zero-registration by using local-only storage<a href="https://infosec.exchange/tags/P2P" class="mention hashtag" rel="nofollow noopener" target="_blank">#P2P</a>-authentication using <a href="https://infosec.exchange/tags/WebCryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebCryptoAPI</a>Fast <a href="https://infosec.exchange/tags/datatransfer" class="mention hashtag" rel="nofollow noopener" target="_blank">#datatransfer</a> using <a href="https://infosec.exchange/tags/WebRTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebRTC</a>It’s far from finished, but i think ive got it “usable” enough to ask for feedback on it.When comparing this project to things like <a href="https://infosec.exchange/tags/wormhole" class="mention hashtag" rel="nofollow noopener" target="_blank">#wormhole</a>, <a href="https://infosec.exchange/tags/onionshare" class="mention hashtag" rel="nofollow noopener" target="_blank">#onionshare</a>, <a href="https://infosec.exchange/tags/localsend" class="mention hashtag" rel="nofollow noopener" target="_blank">#localsend</a>, <a href="https://infosec.exchange/tags/syncthing" class="mention hashtag" rel="nofollow noopener" target="_blank">#syncthing</a>, <a href="https://infosec.exchange/tags/croc" class="mention hashtag" rel="nofollow noopener" target="_blank">#croc</a>, <a href="https://infosec.exchange/tags/sphynctershare" class="mention hashtag" rel="nofollow noopener" target="_blank">#sphynctershare</a> and countless others. the key difference in my approach is that its a <a href="https://infosec.exchange/tags/webapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#webapp</a> thats ready to go without any "real" setup process. you just need a browser.I’m aware there are things like <a href="https://infosec.exchange/tags/SFTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SFTP</a> and several other established protocols and tools. I started doing this because I was learning about <a href="https://infosec.exchange/tags/WebRTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebRTC</a> and it seems suprisingly capable. This isnt ready to replace any existing apps or services.(Note: I know you guys are typically interested in <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> code. this project is a spin-off from a bigger project: <a href="https://github.com/positive-intentions/chat" rel="nofollow noopener" translate="no" target="_blank">https://github.com/positive-intentions/chat</a>)Let me know what you think about the app, features and experience you would expect from a tool like this.---SUPER IMPORTANT NOTES TO PREVENT MISLEADING:These projects are not ready to replace any existing apps or services.These projects are not peer-reviewed or security audited.The chat-app is <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> for transparency (as linked above)... but the file-app is not open souce at all (especially spicy when not reviewed or audited.).All projects behind positive-intentions are provided for testing and demo purposes only.

Aral BalkanNative support for ed25519/x25519 in the browser would be a huge step forward for in-browser/client-side cryptography.Looks like Google is holding up our ability to use it in production.(Firefox and Safari both have support enabled by default.)<a href="https://caniuse.com/mdn-api_subtlecrypto_sign_ed25519" rel="nofollow noopener" translate="no" target="_blank">https://caniuse.com/mdn-api_subtlecrypto_sign_ed25519</a><a href="https://mastodon.ar.al/tags/ed25519" class="mention hashtag" rel="nofollow noopener" target="_blank">#ed25519</a> <a href="https://mastodon.ar.al/tags/x25519" class="mention hashtag" rel="nofollow noopener" target="_blank">#x25519</a> <a href="https://mastodon.ar.al/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptography</a> <a href="https://mastodon.ar.al/tags/browsers" class="mention hashtag" rel="nofollow noopener" target="_blank">#browsers</a> <a href="https://mastodon.ar.al/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://mastodon.ar.al/tags/mozilla" class="mention hashtag" rel="nofollow noopener" target="_blank">#mozilla</a> <a href="https://mastodon.ar.al/tags/apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#apple</a> <a href="https://mastodon.ar.al/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#google</a> <a href="https://mastodon.ar.al/tags/firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#firefox</a> <a href="https://mastodon.ar.al/tags/safari" class="mention hashtag" rel="nofollow noopener" target="_blank">#safari</a> <a href="https://mastodon.ar.al/tags/chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#chrome</a> <a href="https://mastodon.ar.al/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://mastodon.ar.al/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.ar.al/tags/WebCryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebCryptoAPI</a>

AHgAnyone tried to sign a text with <a href="https://mastodon.social/tags/JS" class="mention hashtag" rel="nofollow noopener" target="_blank">#JS</a> <a href="https://mastodon.social/tags/WebCryptoApi" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebCryptoApi</a> and verify with <a href="https://mastodon.social/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHP</a> openssl_verify()? Tried alpine based PHP 7.4, 8.1, 8.2 (with error message) and 8.3 (without error message). Also tried centos / almalinux 8 with php 7.4 (with error message)."error0909006CPEM routinesget_nameno start line"But pub key as pem is fine (exportKey method as spki and base64 encoded).Maybe someone tested it sucessfully and could tell me some details of the test setup like base os, php version, ... ?

Aral Balkan<a href="https://mastodon.social/@dietrich" class="u-url mention" rel="nofollow noopener" target="_blank">@dietrich</a> This is huge; thanks for sharing.<a href="https://mastodon.ar.al/tags/SmallWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmallWeb</a> <a href="https://mastodon.ar.al/tags/ed25519" class="mention hashtag" rel="nofollow noopener" target="_blank">#ed25519</a> <a href="https://mastodon.ar.al/tags/WebCryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebCryptoAPI</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#webcryptoapi