26 Feb
2005
26 Feb
'05
2:15 p.m.
I had been using Jotz (until it became Bloatz), then MacJournal and
tried DevonThink (which I may still purchase--it's pretty cool). But
since I have TM open all the time anyway I have an "info" project where
I store various bits of data. There's no RTF or images but I can live
without them and I like the portability of plain text.
What I would like is an on-the-fly encryption -- i.e. select the text
and run a command to encrypt it (with a pre-set password). Then I could
store bank data etc securely.
Any tips on how this might be done? I know there is command-line
encryption of various kinds but I'm not sure how I could store a
password w/in TM for global use.
thanks!
Paul
PS looking forward to the new PHP bundle!
26 Feb
26 Feb
2:53 p.m.
On Feb 26, 2005, at 15:15, Paul Nordstrom August wrote:
What I would like is an on-the-fly encryption -- i.e.
select the text
and run a command to encrypt it (with a pre-set password). Then I
could store bank data etc securely.
You can set the password as a custom shell variable for TextMate, go to
preferences / advanced (name it e.g. TM_PASSWD). Then use this command
to encrypt input (which you'd probably set to “selected text”) as
AES-128:
openssl enc -e -aes128 -base64 -pass env:TM_PASSWD
To decrypt the block again, use this command:
openssl enc -d -aes128 -base64 -pass env:TM_PASSWD
Anyone who has access to your TextMate preferences file would be able
to read the password. If this is sufficient security, then I'd suggest
the above. You could also provide the password directly to the command
using: “-pass pass:<password>”, this is less secure than the variable
because other processes running on your machine might be able to
intercept launch arguments.
If you need better security, you could have the command ask for the
password (e.g. using an applescript dialog) and maybe cache it in a
file (readable only by current user) and maybe even have that file
removed after n minutes.
3 Mar
3 Mar
12:18 a.m.
This is good... for a start.
alright some dark scripting magic below (enter this EXACTLY as it is
below, including newlines):
openssl enc -e -aes128 -base64 -pass:`osascript -e "set answr to \"\"
tell app \"Finder\"
activate
display dialog \"Please enter your secret magic word:\" default answer
answr buttons{\"OK\"} default button 1
set answr to text returned of the result
return the answr
end tell
"`
Please also note that the example that Alan gave is somewhat inaccurate
in how it handles base64 encodings. I do not have the time right now to
resolve this issue (will play with it tonight and send you the actual
decryption command too). Now you do not have to worry about
environmental variables or TM preferences security (btw. the security
implications now are that nobody should be doing a process list on your
system at the time of the encryption... that could compromise the
password, but the timing must be very accurate).
Now, who in this forum said that Applescript is useless and did not
want to implement it in TM ;) ?
Nick
On Feb 26, 2005, at 8:53 AM, Allan Odgaard wrote:
On Feb 26, 2005, at 15:15, Paul Nordstrom August
wrote:
What I would like is an on-the-fly encryption --
i.e. select the text
and run a command to encrypt it (with a pre-set password). Then I
could store bank data etc securely.
You can set the password as a custom shell variable for TextMate, go
to preferences / advanced (name it e.g. TM_PASSWD). Then use this
command to encrypt input (which you'd probably set to “selected text”)
as AES-128:
openssl enc -e -aes128 -base64 -pass env:TM_PASSWD
To decrypt the block again, use this command:
openssl enc -d -aes128 -base64 -pass env:TM_PASSWD
Anyone who has access to your TextMate preferences file would be able
to read the password. If this is sufficient security, then I'd suggest
the above. You could also provide the password directly to the command
using: “-pass pass:<password>”, this is less secure than the variable
because other processes running on your machine might be able to
intercept launch arguments.
If you need better security, you could have the command ask for the
password (e.g. using an applescript dialog) and maybe cache it in a
file (readable only by current user) and maybe even have that file
removed after n minutes.
______________________________________________________________________
For new threads USE THIS: textmate(a)lists.macromates.com
(threading gets destroyed and the universe will collapse if you don't)
http://lists.macromates.com/mailman/listinfo/textmate
11:49 a.m.
hi everyone,
I've had a "perfect storm" of cable modem crashes (must move to DSL I
think), new laptop (12" good, 15" much better! :), and many travels but
I wanted to thank everyone for the advice since I posted this request a
week or so ago.
I think Nick is on the right track with the applescript -- no reason
really not to take advantage of it -- but even the 'simpler'
suggestions are good ones. I guess in large part it depends on the
physical security of the actual computer and the ultimate sensitivity
of the data being stored.
I'm going to play around with this idea and see how it works...
cheers
Paul
On 3 Mar 2005, at 09:18, Nick Hristov wrote:
This is good... for a start.
alright some dark scripting magic below (enter this EXACTLY as it is
below, including newlines):
openssl enc -e -aes128 -base64 -pass:`osascript -e "set answr to \"\"
tell app \"Finder\"
activate
display dialog \"Please enter your secret magic word:\" default answer
answr buttons{\"OK\"} default button 1
set answr to text returned of the result
return the answr
end tell
"`
Please also note that the example that Alan gave is somewhat
inaccurate in how it handles base64 encodings. I do not have the time
right now to resolve this issue (will play with it tonight and send
you the actual decryption command too). Now you do not have to worry
about environmental variables or TM preferences security (btw. the
security implications now are that nobody should be doing a process
list on your system at the time of the encryption... that could
compromise the password, but the timing must be very accurate).
Now, who in this forum said that Applescript is useless and did not
want to implement it in TM ;) ?
Nick
On Feb 26, 2005, at 8:53 AM, Allan Odgaard wrote:
On Feb 26, 2005, at 15:15, Paul Nordstrom August
wrote:
______________________________________________________________________
For new threads USE THIS: textmate(a)lists.macromates.com
(threading gets destroyed and the universe will collapse if you don't)
http://lists.macromates.com/mailman/listinfo/textmate What I would like is an on-the-fly encryption --
i.e. select the
text and run a command to encrypt it (with a pre-set password). Then
I could store bank data etc securely.
You can set the password as a custom shell variable for TextMate, go
to preferences / advanced (name it e.g. TM_PASSWD). Then use this
command to encrypt input (which you'd probably set to “selected
text”) as AES-128:
openssl enc -e -aes128 -base64 -pass env:TM_PASSWD
To decrypt the block again, use this command:
openssl enc -d -aes128 -base64 -pass env:TM_PASSWD
Anyone who has access to your TextMate preferences file would be able
to read the password. If this is sufficient security, then I'd
suggest the above. You could also provide the password directly to
the command using: “-pass pass:<password>”, this is less secure than
the variable because other processes running on your machine might be
able to intercept launch arguments.
If you need better security, you could have the command ask for the
password (e.g. using an applescript dialog) and maybe cache it in a
file (readable only by current user) and maybe even have that file
removed after n minutes.
______________________________________________________________________
For new threads USE THIS: textmate(a)lists.macromates.com
(threading gets destroyed and the universe will collapse if you don't)
http://lists.macromates.com/mailman/listinfo/textmate
12:22 p.m.
>> On Feb 26, 2005, at 15:15, Paul Nordstrom
August wrote:
>>
>>> What I would like is an on-the-fly encryption -- i.e. select the
>>> text and run a command to encrypt it (with a pre-set password).
>>> Then I could store bank data etc securely.
>>
Not sure if this is what you're asking for, but have you considered
turning on File Vault? It encrypts and decrypts your home folder on the
fly. If someone gains access to your computer, everything will be safe.
Regards,
JJ
26 Feb
26 Feb
3:53 p.m.
Op 26-feb-05 om 15:15 heeft Paul Nordstrom August het volgende
geschreven:
What I would like is an on-the-fly encryption -- i.e.
select the text
and run a command to encrypt it (with a pre-set password). Then I
could store bank data etc securely.
Why not save it on an encrypted disk image? If you'd like portability
to Windows machines, I don't know if that would work. If that's
important, buy PGP.
--
Regards, Charles.
27 Feb
27 Feb
3:44 p.m.
On Feb 26, 2005, at 10:53 AM, Nednieuws wrote:
If that's important, buy PGP.
Or use gpg...
--
__ ____
/ / / __/ Brian Lalor
/ _ \/__ \ blalor(a)bravo5.org
/_.__/____/ http://bravo5.org/
7:33 p.m.
On 27. feb 2005, at 16:44, Brian Lalor wrote:
On Feb 26, 2005, at 10:53 AM, Nednieuws wrote:
I wouldn't recomend pgp/gpg for stuff like this. Clearly a symetric
approach will do fine, such as an encrypted loop-back filesystem mount
(if Mac OS lets you do stuff like that).
--
Sune :: http://cyanite.org/
"And now there is merely silence, silence,
silence, saying all we did not know."
If that's important, buy PGP.
Or use
gpg...
5840
days inactive
5845
days old
7 comments
7 participants
participants (7)
-
Allan Odgaard -
Brian Lalor -
John Johnson -
Nednieuws -
Nick Hristov -
Paul Nordstrom August -
Sune Foldager