zerobin

An client side encrypted pastebin
Download

zerobin Ranking & Summary

Advertisement

  • Rating:
  • License:
  • zlib/libpng License
  • Price:
  • FREE
  • Publisher Name:
  • Sam et Max

zerobin Tags


zerobin Description

zerobin is a Python client side encrypted pastebin that can run without a database.- Try it: 0bin.net- Get the source on github- Report a bug0bin allows anybody to host a pastebin while welcoming any type of content to be pasted in it. The idea is that one can (probably...) not be legally entitled to moderate the pastebin content as he/she has no way to decrypt it.It's an Python implementation of the zerobin project. It's easy to install even if you know nothing about Python.For now tested with IE9, and the last opera, safari, chrome and FF.How it worksWhen creating the paste:- the browser generate a random key;- the pasted content is encrypted with this key using AES256;- the encrypted pasted content is sent to the server;- the browser receives the paste URL and add the key in the URL hash (#).When reading the paste:- the browser makes the GET request to the paste URL;- because the key is in the hash, the key is not part of the request;- browser gets the encrypted content et decrypt it using the key;- the pasted decrypted content is displayed and code is colored.Key points:- because the key is in the hash, the key is never sent to the server;- therefor it won't appear in the server logs;- all operations, including code coloration, must happens on the client;- the server is no more than a fancy recipient for the encrypted data.Other features- automatic code coloration (no need to specify);- pastebin expiration: 1 day, 1 month or never;- burn after reading: the paste is destroyed after the first reading;- clone paste: you can't edit a paste, but you can duplicate any of them;- code upload: if a file is too big, you can upload it instead of using copy/paste;- copy paste to clipboard in a click;- get paste short URL in a click; own previous pastes history; visual hash of a paste to easily tell it appart from others in a list.Technologies used- Python- The Bottle Python Web microframework- SJCL (js crypto tools)- jQuery- Bootstrap, the Twitter HTML5/CSS3 framework- VizHash.js to create visual hashes from pastes- Cherrypy (server only)What does 0bin not implement?- Request throttling. It would be inefficient to do it at the app level, and web servers have robust implementations for it.- Hash collision prevention: the ratio "probability it happens/consequence seriousness" is not worth it- Comments: it was initially planed. But comes with a lot of issues so we chose to focus on lower handing fruits.Product's homepage


zerobin Related Software

About SoftwareSea