Gophemeral
-
If I go to this site and your mascot isn't an adorable gopher I'm going to be serious disappointed.
-
@scottalanmiller said in Gophemeral:
If I go to this site and your mascot isn't an adorable gopher I'm going to be serious disappointed.
It's on the GitLab page lol.
-
@stacksofplates said in Gophemeral:
@scottalanmiller said in Gophemeral:
If I go to this site and your mascot isn't an adorable gopher I'm going to be serious disappointed.
It's on the GitLab page lol.
Nice
-
@scottalanmiller said in Gophemeral:
Nice
ID: 290080036515480068
Password: sbMo9N7ojt-wdChJ8lVqAsgs18PUjz_n -
@stacksofplates said in Gophemeral:
I wrote this utility. It's for sharing secrets or any sensitive data. Instead of just emailing or texting the data, you can create a message with this service and it will encrypt the data and store it. It will only allow the message to be viewed whatever number of times you specify. It gives you back a message ID and password that you pass on to your recipient and they can retrieve the message.
You can use the hosted version, which is limited to 50 characters, and 5 days of retention. Or you can run the server on your own.
By default the server will use Fauna as a backend, but you can specify to use a local BoltDB database. The utility can be downloaded from GitLab here and the same cli tool that runs the server also interacts with the server.
It sounds cool but I can't see how it will be more secure than just mailing the data?
I mean you are mailing the message ID and password needed to decrypt.
That's what I believe is called the key exchange problem and the reason for asymmetric encryption and public/private keys.
-
@Pete-S said in Gophemeral:
I mean you are mailing the message ID and password needed to decrypt.
You could mail one, and speak the other.
Many institutions send usernames and passwords through separate mediums.
-
@JasGot said in Gophemeral:
@Pete-S said in Gophemeral:
I mean you are mailing the message ID and password needed to decrypt.
You could mail one, and speak the other.
Many institutions send usernames and passwords through separate mediums.
OK, but a 150 character message is really pretty short... so you could do the same there, send half, speak half.
-
@Pete-S said in Gophemeral:
@stacksofplates said in Gophemeral:
I wrote this utility. It's for sharing secrets or any sensitive data. Instead of just emailing or texting the data, you can create a message with this service and it will encrypt the data and store it. It will only allow the message to be viewed whatever number of times you specify. It gives you back a message ID and password that you pass on to your recipient and they can retrieve the message.
You can use the hosted version, which is limited to 50 characters, and 5 days of retention. Or you can run the server on your own.
By default the server will use Fauna as a backend, but you can specify to use a local BoltDB database. The utility can be downloaded from GitLab here and the same cli tool that runs the server also interacts with the server.
It sounds cool but I can't see how it will be more secure than just mailing the data?
I mean you are mailing the message ID and password needed to decrypt.
That's what I believe is called the key exchange problem and the reason for asymmetric encryption and public/private keys.
And guess what happens if anyone other than you gets in your mail? Versus, what happens if anyone other than you gets ahold of the secret ID and password after you seen it. Huge huge difference, way more secure. These things are used all the time. Yes, email could be as secure, or even more... But in practice, it never is across the board.
-
@Pete-S said in Gophemeral:
@stacksofplates said in Gophemeral:
I wrote this utility. It's for sharing secrets or any sensitive data. Instead of just emailing or texting the data, you can create a message with this service and it will encrypt the data and store it. It will only allow the message to be viewed whatever number of times you specify. It gives you back a message ID and password that you pass on to your recipient and they can retrieve the message.
You can use the hosted version, which is limited to 50 characters, and 5 days of retention. Or you can run the server on your own.
By default the server will use Fauna as a backend, but you can specify to use a local BoltDB database. The utility can be downloaded from GitLab here and the same cli tool that runs the server also interacts with the server.
It sounds cool but I can't see how it will be more secure than just mailing the data?
I mean you are mailing the message ID and password needed to decrypt.
That's what I believe is called the key exchange problem and the reason for asymmetric encryption and public/private keys.
because there's still and abstraction and a view limit. If I send you a password over email and someone nabs it, you have no idea and they don't have to be watching real time. With this, if I send you a message ID and pass, you'd have to be watching real time and get the data before the recipient. And at that point, they'd know something is wrong because the message has either ran out of view, or is not the correct number of views.
-
@JasGot said in Gophemeral:
@Pete-S said in Gophemeral:
I mean you are mailing the message ID and password needed to decrypt.
You could mail one, and speak the other.
Many institutions send usernames and passwords through separate mediums.
This is anther way. If you really want to be secure, text the ID and email the password. Or call and give one of them.
