Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
non-lame halfbakery tagline

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


             

Please log in.
Before you can vote, you need to register. Please log in or create an account.

personal pages

have your sensitive data online with strong encryption
  (+1, -2)
(+1, -2)
  [vote for,
against]

A web service where I can upload my personal pages, similarly to a blog. Difference is that these pages are encrypted. I have to enter a password to see them. I can enter to-do lists, personal links, address book, all my passwords, PIN numbers, etc. The point is to have these data online, so that I can access them when needed. This way I don't have to carry pieces of paper around, which is both a burden and a security risk.

Of course, you can't trust any provider with your personal data. But you don't need to with this system. You enter/edit your data in a textbox, and it is encrypted with strong encryption within the browser, before leaving your computer. The whole thing is transparent, open source javascript encryption. The server will store only the encrypted text, when you view it you decrypt it in your browser.

After usage clear browser cache and that's it. Additional mechanisms for integrity check, backup, etc. Of course the whole system is essentially the same as encrypting your own files and uploading via public ftp, but the key is to make it both usable and secure.

lkozma, Sep 18 2007

John Walker's JavaScrypt http://www.fourmilab.ch/javascrypt/
A good place to start. [jutta, Sep 18 2007]

[link]






       How does the browser decrypt the files?
marklar, Sep 18 2007
  

       It interprets a JavaScript program (that the user can examine) that encrypts before the data leaves the browser.   

       Hm, I want this to work, but I'm not quite seeing the complete chain of trust in the system.   

       If you're carrying your computer around, you don't need the central place.   

       So, you're somewhere else. You don't have your computer. Problem one, you need to trust the browser you're using. Problem two, you need to trust the JavaScript. Where do you get the code? You reload it each time. Even if you've inspected it once, it may have changed. How are you going to tell?   

       You can get it from a secure connection somewhere, but now you're trusting a site - so you could just have trusted the site with your secrets to begin with.
jutta, Sep 18 2007
  

       I suppose you can kinda do this with windows' built-in 'compress and email' when you right-click a file/folder. You only get crappy WinZip password encryption with that though.   

       Actually, I might start doing this to an unlimited space free email account (I'll probably use WinRar though).
marklar, Sep 18 2007
  

       Jutta, great points, haven't thought about that the javascript code itself can be changed/manipulated in a way that the individual user can not tell.
lkozma, Sep 18 2007
  

       Of course you could access this with a personal device like a PDA or cell phone that you regularly scan for changes.   

       I don't see where you need a special service for this. All your encryption is going to have to be on the equipment that you control, so all you need is an ftp site to store it.   

       But then, with the incredibly low price of storage these days, why not just carry all your encrypted documents with you? An eighty GB ipod can probably store more shopping lists and porn than you are likely to need on a trip to the mall, or even a weekend at grandma's place.
Galbinus_Caeli, Sep 23 2007
  
      
[annotate]
  


 

back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle