August 15, 2013 at 12:39Scrambls - protection of your intellectual property and encryption in social networks
Hello, dear harazhiteli! Many people today are interested in the security of their personal data, and especially correspondence. And this is not surprising, given the NSA scandal and other factors. There is also a certain problem with social networks and cloud services: nothing else belongs to us , that is, our posts on social networks are their property, not ours, as our data in cloud storage does not belong to us.
And how to get out of this situation? The guys at Scrambls seem to have already solved this problem!
So what does scrambls do? It encrypts the text entered by the user before sending it to the server (for example, when posting a comment in FB), and if an encrypted fragment is found on the page, decrypts the text and displays it in its original form. In this case, the user chooses whether everyone can decrypt his record, or only select users.
Illustrative example:
[scrambls} dfeJD40wC1c јиіЗєзјЄѕсѕЧѕЯЫЙјХ {] - the text visible to all users scrambls
[scrambls} dfeJD44Mybb јаѕХїЇїЛјЍјвіЩіВіВ {] - the text visible only to people from the group created
How it works
To work with scrambls you need to install a browser plugin and log in to their site. When entering text surrounded by double dogs into the input, the plug-in encrypts the message with a private key. If it detects the [scrambls} and {] markers on the page, the plugin will decrypt everything in between. In this case, all encryption operations occur on the client, and the server on which the encrypted text lies, only transfers the data. With encryption, of course, you can select the group that is allowed to view the text.
The plugin adds an additional toolbar with scramble settings. This is how it looks in my Firefox:
For Chrome, the plugin is made more accurately, this is the button:
Visually decrypted text on the page is highlighted with a special background; when you hover over a message, a hint is displayed indicating the group for which the message is intended.
Also a very good feature is the change of encrypted message group without re-encryption. This is possible due to the uniqueness of the key for each message.
If you don’t have a plugin, or if the scramble message came through a regular messenger, you can use the online encoder / decoder.
Security
What do the developers themselves write about scrambls security?
Quote from the site (english)
Scrambls employs a custom algorithm that is optimized for presentation on social media sites. Each post is uniquely keyed and the key length is sufficiently long for most web posts.
Scrambls is 'social security'. We make no assertion that the encoding is unbreakable. And because the transformations are applied on the client, outside of any secure execution environment (like most commercial security solutions), the keys are vulnerable to a local attack. SSL is employed to ensure client to server communications.
Rest assured that we will be quick to employ enhanced security platforms as they become available. As a division of Wave Systems , which has a 20 year history in endpoint security, we believe in the future of real information protection.
For those who are interested, scrambls is specifically architected to allow for partners to integrate their own key servers and algorithms. Please see developer.scrambls.com .
Scrambls is 'social security'. We make no assertion that the encoding is unbreakable. And because the transformations are applied on the client, outside of any secure execution environment (like most commercial security solutions), the keys are vulnerable to a local attack. SSL is employed to ensure client to server communications.
Rest assured that we will be quick to employ enhanced security platforms as they become available. As a division of Wave Systems , which has a 20 year history in endpoint security, we believe in the future of real information protection.
For those who are interested, scrambls is specifically architected to allow for partners to integrate their own key servers and algorithms. Please see developer.scrambls.com .
Transfer:
Scrambls implements its own encryption algorithm, optimized for communication through social networks. Each post is encrypted with a unique key, the length of which is sufficient for ordinary posts on the social network.
Scambls - social encryption. We do not claim that it is not possible to crack it. All conversions are done on the client, outside a secure environment (like most commercial security solutions), encryption keys are vulnerable to local attacks. SSL is used only to ensure the security of data transfer between the client and server.
Be sure that if more advanced security systems appear on the client, we will implement them very quickly. As a division of Wave SystemsWith 20 years of security experience, we believe in the future of true data protection.
For those who are interested. Scrambls is designed to integrate external key servers and algorithms. See developer.scrambls.com .
In general, a fairly good security procedure. If you are interested in technical details, you can read the documentation on developer.scrambls.com, everything is described there in great detail. If desired, you can arrange them in a separate article.
In general, the guys speak very convincingly, right? By the way, they have not only plug-ins for browsers, but also a mobile version for iOS (allows you to work with Twitter) and a Scrumbls for files client that allows you to encrypt files and folders before sending them to the cloud. The client for files is available only under Windows, so I could not test it.
It seems to me that Scrambls is a very interesting thing. Although I would like a less intrusive (and more stable) plugin for Firefox.
PS: [scrambls} dfeJD4ixnda ѕмѕС ІЖИЅјншЖ јЕјЇїЙїЎјІіЉѕИєрѕЗѕЬіНчГ hkfb {]