[TW5] Encrypt Tiddler Plugin: now with batch encrypt of tiddlers (Plugin Release)

[Danielo Rodríguez]

Hello everyone.

I just updated my first plugin ( it's been a long time since I did it): Encrypt Tiddler plugin.

For those that don't know what it does this plugin adds the ability to encrypt your tiddlers individually. 

One of the new features of 2.1 version (very demanded by the community) is the ability to encrypt several tiddlers at once. This is now possible from the control panel.

Take a look at:

http://danielorodriguez.com/TW5-EncryptTiddlerPlugin/

[Felix Küppers]

Very nice Danielo!

--
You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.
To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/73b7ec5c-a675-40b7-9d4b-3c15c948111e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Jon]

Really useful, Danielo. Thanks.

 ps.

• I didn't try this, but theoretically you can apply double encryption by encrypting your wiki too.
  

When I tried this (dragging plugin to an opened, encrypted file in tiddlydesktop) I got an Uncaught node.js Error

Regards
Jon

[Danielo Rodríguez]

Hello Jon

El domingo, 5 de abril de 2015, 8:28:33 (UTC+2), Jon escribió:

Really useful, Danielo. Thanks.

Glad you find it useful

 

When I tried this (dragging plugin to an opened, encrypted file in tiddlydesktop) I got an Uncaught node.js Error

What do you mean exactly? That you are trying to install the plugin into an already encrypted wiki? I never tested this. Otherwise I don't see the relationship between applying double encryption with the fact that is not possible to install the plugin on an already encrypted wiki. They are different things.  

[Jon]

Hi Danielo,

I wouldn't have a use for the double encryption but the wiki I dragged the plugin to first happened to be already encrypted and then I got the error.
As you'd referred to double encryption, I was just reporting back my findings.

By the way, before I start using it properly, can you give any assurances as to how robust it is? In other words is there any chance of it not working for some reason and the tiddlers won't open?

Thanks
Jon

[Måns]

Hi Danielo

Great to have the ability to encrypt single tiddlers and even batch encrypt a bunch of tiddlers at once.

Thanks a lot :-)

I was wondering - will you consider to add confirmation when setting or clearing the encryption password?

To me it is too easy to hit a wrong key inadvertedly and when there is no confirmation dialog for writing the password a second time there is no chance that I will be able to find out what I wrote...

Of course I can make it a habit to double check the encryption by decrypting a tiddler before I save changes - but with a confirmation dialog this test would already have been done... - Just a thought...

Secondly - When I want to run the encrytion on a list of tiddlers with a specific tag eg. "topsecret" I have to specify a full list filter search string as searching for "topsecret" might give me more hits than I want....

I think it might be very convenient if you should tick (checkmark) those tiddlers on the list (search result) that you want to batch encrypt.

I some situations I want a student or his/her parents to be able to read tiddlers with personal content in a wiki which is readable by all students and parents.

Thank you again for your work on this plugin.

Cheers Måns Mårtensson

[Ed Dixon]

Thank you so much Daniello! I hadn't even had a chance to look at it since we discussed this just a week or so back you are amazing! Can not wait to see how it can be applied!

[Danielo Rodríguez]

El domingo, 5 de abril de 2015, 21:35:58 (UTC+2), Måns escribió:

Hi Danielo

Great to have the ability to encrypt single tiddlers and even batch encrypt a bunch of tiddlers at once.

Thanks a lot :-)

You're welcome, thanks for trying it.

 

I was wondering - will you consider to add confirmation when setting or clearing the encryption password?

To me it is too easy to hit a wrong key inadvertedly and when there is no confirmation dialog for writing the password a second time there is no chance that I will be able to find out what I wrote...

Of course I can make it a habit to double check the encryption by decrypting a tiddler before I save changes - but with a confirmation dialog this test would already have been done... - Just a thought...

It makes a lot of sense. It's a industry standard to ask for password confirmation when setting. I opened an issue to track it: https://github.com/danielo515/TW5-EncryptTiddlerPlugin/issues/4

Feel free to debate this there. I'm not sure how should this be implemented. As a popup when you hit encrypt? Just provide two password fields?

 

Secondly - When I want to run the encrytion on a list of tiddlers with a specific tag eg. "topsecret" I have to specify a full list filter search string as searching for "topsecret" might give me more hits than I want....

I think it might be very convenient if you should tick (checkmark) those tiddlers on the list (search result) that you want to batch encrypt.

This second suggestions is trickier. I know that is a bit "uncomfortable" to use a filter expression, but it is the most powerful and secure way. There is nothing that avoids you to use a search operator on the filter. Maybe if I set more "pre-built" filters this process would be easier. I can implement what you suggest by adding a special field to those tiddlers that should be encrypted, but then I have to modify the filter to match only those. Where should I modify the filter? Internally in the widget while processing? If so, how can I distinguish between no tiddlers selected or an user that wants to encrypt all the results? The idea is cool, but I'm not sure how to do this. Feel free to open a github issue and specify all your requirements.

 

I some situations I want a student or his/her parents to be able to read tiddlers with personal content in a wiki which is readable by all students and parents.

I did not know that TW is being used in so cool ways. Nice to know

 

Thank you again for your work on this plugin.

Thank you for your suggestions. 

[Danielo Rodríguez]

El lunes, 6 de abril de 2015, 7:24:47 (UTC+2), Ed Dixon escribió:

Thank you so much Daniello! I hadn't even had a chance to look at it since we discussed this just a week or so back you are amazing! Can not wait to see how it can be applied!

Hello ED, you were one of my main motivations to get this working so... Let me know what do you get with it!! :)

Regards 

[Danielo Rodríguez]

El domingo, 5 de abril de 2015, 13:41:37 (UTC+2), Jon escribió:

Hi Danielo,

I wouldn't have a use for the double encryption but the wiki I dragged the plugin to first happened to be already encrypted and then I got the error.
As you'd referred to double encryption, I was just reporting back my findings.

And I'm grateful for that. Sorry if I did not sound like that.

 

By the way, before I start using it properly, can you give any assurances as to how robust it is? In other words is there any chance of it not working for some reason and the tiddlers won't open?

If you are talking about Encryption robustness it is as robust as the TW5 mechanism itself. Regarding reliability... it worked on all the scenarios I tried, but maybe there could be some of them that I didn't think about. I can't give you any guarantee but there is no rocket science involved so it should be reliable. But before using it in any production/important scenario, please try it out with some usage scenarios close to what you are going to use with it.

[Jon]

That's reassuring, thanks Danielo

Jon.

[Danielo Rodríguez]

El martes, 7 de abril de 2015, 15:21:25 (UTC+2), Jon escribió:

That's reassuring, thanks Danielo

Jon.

Sorry, I don't know if you are serious or it is just irony. 

[Jon]

Hi Danielo,

No I'm serious!
I'm a real novice in terms of all this stuff and I just wanted to gauge the risks of losing information before I used your plugin.
If you say it is based on the TW5 mechanism (and I don't really understand what that means!) then I'm reassured!

I would rather not use irony etc. on forums like this to avoid the risk of misunderstanding, particularly when there are multiple languages involved and responses may only be brief.

Regards
Jon

[Ed Dixon]

Jon, Don't feel bad I am no novice to development in general and understand many different web technologies and I still get lost understanding and working with TiddlyWIki! Under the hood lies a powerful beast that I have discovered pretty much negates the use of all that lower level stuff I have spent years working with and learning. It really is more of its own framework than a basic webpage and Jeremy elluded to the fact that the next Hangout (as far as I know yet to be scheduled) may provide serious considerations into treating it as such and I hope many here attend. 

What I think Daniello is referring to here is that he is using the native library built into TW5 to encrypt the individual tiddlers rather than a different one or one of his own design providing exactly the same level of security and vulnerability that the mechanism now used to encrypt the entire TW5 file has built in. More information about that is available from the developer docs at the main web site and staffords web site here :https://crypto.stanford.edu/sjcl/ Please do not interpret my answer too mean I am an expert at any of this. I answered this post because I know well that same state of confusion, have had fears many of my own questions could be misinterpreted, and I want you to know you are not alone in any of this. I also hope you will continue to ask questions where you find you need too. Jeremy does an excellent job of taking all this into consideration as he designs and directs things here to better help us and other users use TW5. 

Thanks, 

--
You received this message because you are subscribed to a topic in the Google Groups "TiddlyWiki" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/tiddlywiki/aNGoP1w52qM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to tiddlywiki+...@googlegroups.com.

To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.

To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/f56ac099-f863-4e04-8209-7562d7ee793a%40googlegroups.com.

[Jon]

Hi Ed,

Thanks for taking the time to make such a thoughtful reply. It was unexpected as I put Danielo's exchange down to a simple misunderstanding which hopefully is now resolved. What you said about TW is very interesting and helps me to put it into some context. I'll certainly keep asking questions (even though I know some of them will be a bit dumb!) and I'm very grateful for everything I've learned here from people on the forum.

Best wishes
Jon

[Danielo Rodríguez]

Hi Jon

 It was unexpected as I put Danielo's exchange down to a simple misunderstanding which hopefully is now resolved. 

Of course it is. I was not sure if you feel confident to use the plugin or not, that's why I have asked. Sorry if I sounded rude, but as you saw, too short answers could be sometimes misinterpreted.  Don't feel bad for asking, everyone here have asked a lot in order to understand Tiddlywiki.

Thank you for comments. Please let me know if you find bugs/problems using my plugin or if you have suggestions.

Regards.

[Danielo Rodríguez]

Ed,

Thank you very much for your very good explanation. Now it is much clearer what I was trying to say. Feel free to write some documentation for the plugin if you want :D

Regards

[Måns]

Hi Danielo

Is it possible to "white list" some tiddler fields or create/maintain some sort of a "encrypted tiddler template" with predefined fields and/or additional tags?

Then it would be fairly easy to keep track of encrypted tiddlers and maybe even be able to keep a structure with them in systems like GSD5...

Cheers Måns Mårtensson

Den søndag den 5. april 2015 kl. 00.09.17 UTC+2 skrev Danielo Rodríguez:

[Danielo Rodríguez]

Hello Man's,

Would you mind to open a ticket on github? If not I'll try to do myself. Hope I don't forget about it!

[Mark S.]

Hello Danielo,

Could you take a moment to explain what encryption protocol you used, and what the bit equivalent would be? I recall that there was an encryption plugin for TWC that had had something like 56 bits.

Thanks!
Mark

[Alex Hough]

@jed, I think this is a useful perspective to develop

"I am no novice to development in general and understand many different web technologies and I still get lost understanding and working with TiddlyWIki! Under the hood lies a powerful beast that I have discovered pretty much negates the use of all that lower level stuff I have spent years working with and learning. It really is more of its own framework than a basic webpage"

I think many developers may think that there's not enough in TiddlyWiki to keep them interested. Exposing the nature of the 'powerful beast' to developer audiences, and others interested in technical and conceptual  beauty.

I have become interested in the Quine aspect of TiddlyWiki and Jeremy's inspiration,

Alex

--

You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.

To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.

To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.

To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/6eb3e46a-b11b-46dc-ad1d-93c49ea5070b%40googlegroups.com.

[Jeremy Ruston]

Hi Mark

Could you take a moment to explain what encryption protocol you used, and what the bit equivalent would be? I recall that there was an encryption plugin for TWC that had had something like 56 bits.

TiddlyWiki uses the Stanford JavaScript Library with it's default settings of 128 bit encryption keys:

http://bitwiseshiftleft.github.io/sjcl/

Best wishes

Jeremy.

 

Thanks!
Mark


On Saturday, April 4, 2015 at 3:09:17 PM UTC-7, Danielo Rodríguez wrote:

Hello everyone.

I just updated my first plugin ( it's been a long time since I did it): Encrypt Tiddler plugin.

For those that don't know what it does this plugin adds the ability to encrypt your tiddlers individually. 

One of the new features of 2.1 version (very demanded by the community) is the ability to encrypt several tiddlers at once. This is now possible from the control panel.

Take a look at:

http://danielorodriguez.com/TW5-EncryptTiddlerPlugin/

--

You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.
To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.

To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/6eb3e46a-b11b-46dc-ad1d-93c49ea5070b%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Jeremy Ruston
mailto:jeremy...@gmail.com

[Mark Brown]

Love this plugin, Daniello. Really cool.

Any thoughts on how one might build on this to achieve something akin to user permissions?

I'd like to have different users of a tiddlywiki assigned permission to decrypt different groups of tiddlers. The user authenticates once then can automatically decrypt any tiddler that they have permission to.  What would be the best way of doing this?

My hunch is that it would need to involve per tiddler keys that are then encrypted with a user password, but I'm not exactly sure of what would work best.

[Ste Wilson]

Added this plugin to my tiddly wiki when it popped up but only just got round to using it.
Are you still developing this?
My thought was to put questions for the students and then hide the answers behind a password, telling the students how to work out the password, e.g. the first step in answering the question will give the access to the ans.

I've done a test run and it's good...however.....

Is it possible for the tiddler to 'stay encrypted' by which i mean that once a password is set for it the password stays with the tiddler even when it's been opened so that upon opening and editing the password doesn't need setting again? I'm envisioning having lots of different answer sets all with unique passwords and the more times i set it, the greater my chances of coking up and locking a tiddler away forever...

Also I would like to put the password clue on the encrypted side of the tiddler and this currently resets after unlocking. Is it possible for this to be persistent too?

Cheers in advance.

Stephen

stephenteacher.tiddlyspot.com

[Alex]

I am also interested in it.

As I understand, based on tiddler's content type, it could be rendered in a different way. So if there would be some special type, like encrypted/vnd.tiddlywiki, then different rendering logic could be applied. For example, if password is entered, the decrypted contents could be displayed, otherwise some generic message. All without changing the original tiddler.