The use case for a document like this is a little different from .htaccess. This is something you can share, email, host, etc., and have some security in transit and at rest. Yes, .htaccess password protects on the web server, but that is one specific use case and requires a lot of machinery and a specific environment. JavaScript is everywhere. And this is a static HTML document in the sense that there is no server-side rendering.
I'm not seeing much of a use case tbh, in the sense that I cannot see myself going for something like this.
If it's really sensitive I wouldn't put it on an accessible page and then have to worry about password sharing, server-side security/possible spoofing, etc. etc.
So if I can share the password securely and/or have it somewhere safe, why don't I use that system for the content itself? Because of HTML formatting, storage, etc.? Seems like a much easier problem to solve than the threat model of sensitive stuff shared on the web.
I'm trying to imagine concrete situations where I'd go for something like this and I cannot quite think of any. Siloing stuff behind a login is so much more versatile. Generally not putting sensitive stuff on the web works so well when you can send essentially anything point-to-point using so many widely used protocols including Signal, LINE or WhatsApp, or a simple email, which you can use to send encrypted 7z files for good measure.
You definitely could. But I think there are more computers with web browsers than there are computers that can read encrypted Microsoft Word documents.
Similar use case. I would not use this for anything important. If you just want to shuffle data around with something similar, just use something like KeePassX; it lets you attach files. Much more configurable with regard to KDF parameters and such.
Ahh, well, this is actually a field where I know a lot, since it is my job. Let me distill upthread.
1. Don’t implement the underlying crypto yourself
2. CBC is hard to get right
3. There are a lot of esoteric attacks and if you have a nation state attacking you they could exploit them, but they won’t because they will just put some crap on your systems and do it easier.
Also this is a very simple use case to get authenticated CBC correct with. So, the real answer is “don’t do this, but it is probably okay in this one use case, assuming they didn’t implement all of this themselves (e.g. the crypto algorithms themselves)”.
You should still listen to tptacek though. Use an authenticated crypto mode :)
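The advice above to use an authenticated mode, as an added example that is not part of the thread or of the project under discussion: password-based AES-256-GCM using Node's built-in `crypto` module, where a wrong password or a modified ciphertext is rejected instead of yielding garbage. The function names, blob layout, PBKDF2 iteration count and sample strings are assumptions made for this illustration.

```javascript
// Added example: password-protected blob with an authenticated mode (AES-256-GCM).
// Only library primitives are used; nothing here implements crypto by hand.
const crypto = require("node:crypto");

const ITERATIONS = 600000; // assumed PBKDF2-HMAC-SHA256 work factor; tune as needed
const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;

function deriveKey(password, salt) {
  return crypto.pbkdf2Sync(password, salt, ITERATIONS, 32, "sha256");
}

// Blob layout (hypothetical): salt | iv | tag | ciphertext
function seal(password, plaintext) {
  const salt = crypto.randomBytes(SALT_LEN); // fresh salt per document
  const iv = crypto.randomBytes(IV_LEN);     // never reuse an IV under one key
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(password, salt), iv,
    { authTagLength: TAG_LEN });
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), ct]);
}

// Returns the plaintext, or null if the password is wrong or the blob was altered.
function open(password, blob) {
  if (blob.length < SALT_LEN + IV_LEN + TAG_LEN) return null; // truncated blob
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, SALT_LEN + IV_LEN + TAG_LEN);
  const ct = blob.subarray(SALT_LEN + IV_LEN + TAG_LEN);
  const decipher = crypto.createDecipheriv("aes-256-gcm", deriveKey(password, salt), iv,
    { authTagLength: TAG_LEN });
  decipher.setAuthTag(tag);
  try {
    // final() throws when the tag does not verify, so no plaintext is released.
    return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
  } catch {
    return null;
  }
}

function demo() {
  const page = "<h1>constructed sample page</h1>"; // constructed sample input
  const blob = seal("correct horse", page);
  const tampered = Buffer.from(blob);
  tampered[tampered.length - 1] ^= 0x01; // one flipped bit in the ciphertext
  return {
    ok: open("correct horse", blob),
    wrongPassword: open("wrong password", blob),
    tampered: open("correct horse", tampered),
  };
}
```

In a browser the same construction is available through `crypto.subtle` with PBKDF2 and AES-GCM, where the calls are asynchronous.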