[Greasemonkey] greasemonkey for secure data over insecure networks / sites

John gm at plsek.id.au
Tue Jul 19 02:36:07 EDT 2005


Mark Pilgrim wrote:

>You could embed encrypted data in regular web pages,
>display:none by default, and the script could come along and embed a
>form for decrypting it, and/or auto-decrypt it.  This points to the
>concept of a partially-encrypted web, ordinarily invisible, and a
>generic GM script that decrypts and displays it.  That gives me the
>kind of woody I haven't had since I first learned about GM in the
>first place.
>
>  
>
Funny you should say that ... I'm using the concept in a slightly 
different way

first: there's actually another way to "embed" small lengths of 
encrypted (or non encrypted) data ...

eg, <font junk="Hello world"></font> ... easily uncovered by pure css 
(in Moz/FF etc anyway)
font[junk]:after{content:attr(junk);}

I kinda use this (purely in an acedmic way :p ) on a forum I frequent, I 
only started using some homegrown encryption because people were 
starting to wonder why some of my posts were matching searches on words 
that didn't appear in my posts!!! Of course, I had to write the 
greasemonkey script to auto decrypt, but that was a cinch ;-)

John



More information about the Greasemonkey mailing list