4 comments
Is the source code available for review?
maybe encrypt in localhost then send to another securely is another option? <a href="https://github.com/nuwainfo/ffl" rel="nofollow">https://github.com/nuwainfo/ffl</a>
also decrypt using webcryto
Looks nice, but I just can’t imagine the use case where you care about security enough to encrypt a file, but not enough that you trust a random website with it.
Here's the other one I know of that has some degree of trust (non browser based also available)<p><a href="https://pteo.paranoiaworks.mobi/en/" rel="nofollow">https://pteo.paranoiaworks.mobi/en/</a><p>It says it is client side you could also download the page with what and open the html file for added assurance
I see the point, keep in mind encryption etc all runs client side. would obviously never recommend to encrypt anything sensetive or critical on a website :D
While that's all well and good. The problem is a website can update it's code every time you load it. So while the user can audit nothing is being sent, they would have to do this every time they load it.<p>While I think the UI is super nice here. I'd personally stick to a trusted tool from an org and project with a good reputation and long history.
Could we automate the auditing of the website every time it runs?
agreed, i'll see if there's a good way for me to prove when and what changed maybe be uploading to github and keeping it open source
[flagged]
[flagged]