Comments on: InfoEncrypt : Encrypt / Decrypt Text Online http://www.makeuseof.com/dir/infoencrypt-encrypt-decrypt-text-online/ Fri, 03 Feb 2012 19:40:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Brian http://www.makeuseof.com/dir/infoencrypt-encrypt-decrypt-text-online/#comment-100793 Brian Mon, 27 Jul 2009 17:18:42 +0000 http://www.makeuseof.com/dir/infoencrypt-encrypt-decrypt-text-online/#comment-100793 Please be aware that this site is utterly INSECURE! The plain text AND password are sent unsecured over the Internet, which basically means anybody connected to the net can read it. You can confirm this by viewing the source and seeing that there is minimal processing on the form before it is submitted, or by using an HTTP monitor or port sniffer and watch your plain text go right out onto the net. You really need to be wary of any online encryption service: the chances that someone will have access to your unencrypted message is very high, and even if its sent securely to the server, who’s to say they aren’t snooping your data? Finally, most of these services don’t even bother mentioning what encryption scheme is being used: which probably means they’re using one that some half-wit came up with and never bothered exposing to academic inspection to determine whether or not it’s actually strong against attacks. Shame on encodor.com for misleading users, and shame on makeuseof.com for not bothering to check into this at all. Please be aware that this site is utterly INSECURE! The plain text AND password are sent unsecured over the Internet, which basically means anybody connected to the net can read it. You can confirm this by viewing the source and seeing that there is minimal processing on the form before it is submitted, or by using an HTTP monitor or port sniffer and watch your plain text go right out onto the net.

You really need to be wary of any online encryption service: the chances that someone will have access to your unencrypted message is very high, and even if its sent securely to the server, who’s to say they aren’t snooping your data?

Finally, most of these services don’t even bother mentioning what encryption scheme is being used: which probably means they’re using one that some half-wit came up with and never bothered exposing to academic inspection to determine whether or not it’s actually strong against attacks.

Shame on encodor.com for misleading users, and shame on makeuseof.com for not bothering to check into this at all.

]]>