Silk Road forums

Discussion => Security => Topic started by: goblin on July 01, 2013, 07:56 pm

Title: Anybody hear of javascript "pgp" encryption?
Post by: goblin on July 01, 2013, 07:56 pm
Does anybody know about this service whereby you can get any text encrypted in PG  (so they say) by using javascript? It's Javascript PGP Encryption Service at CLEARNET: http://www.hanewin.net/encrypt/PGcrypt.htm

A customer sent me his information supposedly encrypted and it was a failure. I got a "An error has occurred: encryption session key is bad" message.

I looked at the website and it looks and feels sketchy, to say the least. Plus it obviously didn't work anyway.

goblin
Title: Re: Anybody hear of javascript "pgp" encryption?
Post by: comsec on July 01, 2013, 08:01 pm
Lot's of sites use java to encrypt in the browser before sending, like Hushmail or Countermail. Browser encryption is dangerous and leaky tell the guy to use real pgg, point him to some thread here that spoonfeeds a how-to
Title: Re: Anybody hear of javascript "pgp" encryption?
Post by: goblin on July 01, 2013, 08:06 pm
Sounds like solid advice.