If you recall, back in December I put together a nifty public key encryption app for dummies. I never actually made it publicly available, but I did talk at length about the code. I promised to make it available shortly, but then other things got in the way. You know, things like Luke’s Setup Assistant (which is something I’m using on a daily basis these days).
Anyways, I went back, I polished the code a bit and I released it on GitHub.
I haven’t really made many changes to the code, but I did take some of the suggestions to heart. For example, someone mentioned that for an app targeted at clueless end users, I had an awful lot of text on each window. Most people don’t want to read an essay when they launch an app. They want to see icons and/or pictures. So I fixed up the GUI a bit to be a little bit more accessible and colorful:
This is how the application looks right now. The functionality is exactly the same as it was before but I simply added some graphics and I think it makes a whole world of difference. At least visually… Truth be told, I have not unleashed this tool onto a non-techie so I’m not entirely sure how it would do. But, this is still work in progress.
There are a bunch of things I want to do with this project. For one, I want to limit the amount of in-memory copying that is done right now. Someone suggested CryptoStream and that is probably the way I will go. The UI still needs some polishing, and I still need to put some version information / about box somewhere on the main window. Well, that and I want to make a CLI interface so you can use it in scripts…
If you think you will find it useful, you can download it from the official project page here. It is a stand-alone executable. Download it, run it, enjoy. You will need .NET 3.5 or better though.
As you probably noticed I just discovered GitHub Pages. It is a very nifty feature that lets you push html files into your repository, and have them automatically hosted and served for you. It basically works like this:
- You create a new branch for your project named gh-pages
- You push some files to it
- The files are automagically hosted at http://yourusername.github.com/ProjectName
Or you can tell GitHub to generate a page for you via the Admin panel on the website. This is essentially what I did, though I then checked it out, and modified it a bit. The little Zip and Tar icons and the little band in the upper right corner are auto-generated features. And I must say I kinda like them. This is a really quick and easy way to generate a clean, relatively nice looking site for your project without spending too much time or effort on it. And if you do want to spend time and effort on it, you can go nuts and build a very complex site.
So yeah, MyTPK is now open as promised. If you have any constructive criticism let me know. You can also submit bug reports/feature requests here.
“But if you’re sending the file, why did you click on «I’m the recipient»?”
“I’m a man, not a girl!”
Just kidding, it’s excellent. And the icons do make a great difference, they’ve made it much more understandable.
Terrific little piece of code. Thanks!
Jey. Runs with Mono. (Tested in OS X)
IceBrain wrote:
You know, sad part is that I can actually envision someone saying that. :P
@ jambarama:
Thank you sir.
@ Tobi:
Nice! Mono is quite an amazing piece of code. I never cease to be amazed how you can take a .NET project that was coded for and compiled on Windows and seamlessly run it on Mac or Linux.
It just goes to show that the only real reason why .NET is not a platform independent framework like Java, is because Microsoft does not want it to be. And it’s their right of course. But I’m amazed the open source community was able to build a cross-platform alternative. :)
Looks pretty sharp! Putting those descriptive images in there adds a lot. For nitpicking, I think there should be some better feedback about the generated key status. If a key has already been generated, indicate so in an obvious way. Maybe even hide away key generation so that it happens automatically the first time, and it’s not in plain view of the user any other time after that.
I cloned your repository and built on Linux with Mono’s xbuild. I know very little about Mono and .NET, so I don’t know why this is, but I noticed it doesn’t include any of the images. Other than that it runs fine.
Linux build, Linux run
One big point I noticed is that the key files it generated, KEY and IV, are globally readable (644) by default. Security applications (GnuPG, OpenSSH) always turn off all the other permissions (600) and refuse to use private keys stored in files readable by other users (other than root, obviously) — this is actually quite involved, checking directory permissions and ownership all the way down to /. I don’t know if .NET gives you a portable interface to fixing this, since it’s a unix-style permissions vs. Windows permissions thing.
Your build run in Mono has the images, though things aren’t quite aligned as well as in your screenshot above (and Mono managed to pick even uglier widgets than before).
Luke’s build, Linux run
There’s a slight behavior difference too. In your build, clicking “close” in one of the modal dialogs closes the entire program (unexpected behavior if you ask me), but the Mono build does not.
Of course this is all academic since the target audience doesn’t include any Linux users. :-) And you also said it requires .NET 3.5, which doesn’t include Mono.
Ah, looking more closely, I see KEY and IV is the encrypted symmetric AES key and the private RSA key is stored away properly in a special key container. So they should be ok as-is.
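For a file that does hold secret key material, the stricter handling described in the comments above (mode 600, an owner check, and a walk over every parent directory) can be sketched as follows. This is an added Python example, not part of the comments or of MyTPK and not GnuPG's or OpenSSH's actual logic; the `stop` parameter and the sticky-bit exception are assumptions of this sketch.

```python
import os
import stat
import tempfile


def key_file_problems(path, stop="/", uid=None):
    """Return reasons to refuse `path` as a secret key file ([] means OK). POSIX only."""
    uid = os.geteuid() if uid is None else uid
    path, stop = os.path.realpath(path), os.path.realpath(stop)
    problems = []
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    if not stat.S_ISREG(st.st_mode):
        problems.append(f"{path}: not a regular file")
    if st.st_uid != uid:
        problems.append(f"{path}: owned by uid {st.st_uid}, not {uid}")
    if mode & 0o077:
        problems.append(f"{path}: mode {mode:04o} allows group/other access")
    # Walk the ancestors: whoever can write a directory on the path can swap
    # the key file out, whatever the file's own mode says.
    d = os.path.dirname(path)
    while True:
        dst = os.stat(d)
        dmode = stat.S_IMODE(dst.st_mode)
        if dst.st_uid not in (0, uid):
            problems.append(f"{d}: owned by uid {dst.st_uid}")
        # Assumption of this sketch: a sticky directory such as /tmp is accepted,
        # because other users cannot rename or delete entries they do not own.
        if dmode & 0o022 and not dmode & stat.S_ISVTX:
            problems.append(f"{d}: mode {dmode:04o} is group/other writable")
        if d == stop or d == os.path.dirname(d):
            break
        d = os.path.dirname(d)
    return problems


def write_private(path, data):
    """Create the file as 0600 from the start rather than chmod-ing it afterwards."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)


if __name__ == "__main__":
    workdir = tempfile.mkdtemp()                 # constructed sandbox, mode 0700
    key = os.path.join(workdir, "KEY")           # same file name as in the comment
    write_private(key, b"constructed sample bytes, not a real key")
    print(key_file_problems(key, stop=workdir))  # freshly written 0600 file
    os.chmod(key, 0o644)                         # the mode reported in the comment
    print(key_file_problems(key, stop=workdir))  # now reports group/other access
```

Creating the file with the restrictive mode in the `os.open` call avoids the window in which a file written with default permissions is readable before a later `chmod`.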
An idea:
To make it easier for people, write 1) in front of the first line, 2) second line and add a 3rd line: 3) Recipient decrypts file. Or is that understood from the text?
/Mads
https://www.yousendit.com/business This is more on our conversation from before, I know it uses a third party, but perhaps companies should make their own implementation of this if they don’t feel comfortable with their service?
And I really like this… Considering I encourage everyone to switch to GPG and wish corporations forced it, I won’t be using it (I don’t have much need anyway) but it’s a great project nonetheless.
@ Chris Wellons:
Wow… Thank you for doing the testing for me. :)
That “close” issue is definitely unintended. I think it happens because the window used to be independent, and I just recently made them into modal dialogs. I bet that the issue is related to this.
@ Travis McCrea:
The problem with GPG is that it is an overkill for most companies and there are major roadblocks to implementation. We tested it at my workplace and found out that:
1. Most Outlook plugins suck. It actually seemed more convenient to spend the money and buy PGP licenses than deal with support of the GPG and related tools.
2. Only a small percentage of employees grasped the whole concept of private/public keys. Most people complained that key management was a needless hassle.
3. None of our clients used GPG or PGP. Using it internally just within the company seemed silly.
We ended up setting up a dedicated Zimbra server, and then forcing it to only accept SSL connections, and then migrated all the users to it using the Zimbra Outlook Connector. Now all communication within the company is encrypted via SSL and it is 100% transparent and invisible to the user.
Our clients use like a dozen different solutions. Few use the AES feature in Winzip (forcing us to buy Winzip licenses, ugh..). One company uses some proprietary product that got bought out, and then shitcanned by McAfee and therefore is no longer maintained or updated (yaay security!) and a bunch use dedicated web portals apparently made by PGP with the lovely default attachment size of 6MB or less. It’s a mess.
Before being forced to use it, how many of these old business guys knew how to use their email? Or how to do 90% of the things they are doing now? They did it because they were told “this is how we do things and you will learn”. I wish this is what we would do with GPG/PGP.
I am not saying this is what businesses will do… and I know in the short term and even near future it sucks for the IT guys. However, I just think it’s one of those things society should be forcing on people.
I am also not putting down the system that you guys created, it’s a great band-aid. However, it doesn’t solve the bigger issue of users being the weakest link in security.