Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This gives me an idea. A secure web notebook where you can record things that only you can get out. They will be encrypted on the server basically, and your password will be used to decrypt them. Also you will use SSL to post. Is there any vault like this that's freely accessible?


The problem with such a service is that there's no practical way to figure out whether they're reading your data on the sly. (Even if your data is technically being encrypted on the client side, there's nothing to stop them from slipping in some extra JS one day to start sending your encryption key to their server.)


Only the super paranoid would bother using a service like this, and those people would require verifiable encryption on the client side.


They will be encrypted on the server basically

And now you have to trust the server.


LastPass has a "Secure Notes" feature which works this way.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: