Hi all, recently I needed to do that so that I can send my drawings (mainly for approval) more secured. I have come across and used that site: URLCrypt.to - Keeping your links safe
Please give my your opinion about if it is any good because i honestly have no knowledge in that field.
I'll appreciate your feedback.
Thank you.
Hi,
Even though URLCrypt.to - Keeping your links safe checks out safe on Virustotal and google's safe browsing site, though check the hosting link at the bottom of the testing details for some ambiguity. It can be a bad practice to use an online service for something like this.
In all good faith you sent a link to an online site that if believed originates in the Kingdom of Tonga a sovereign state and archipelago in the Pacific ocean 5,212 km/3,239 miles to the East of Australia. That's what the .to in the urlcrypt link stands for.
The reasoning is you don’t know who’s behind the service, and anything done in a browser no matter how protected is questionable at best. The better way would be to have an encryption program on your computer and if need be send the un-encryption key by secure means to anyone you need to see your emails.
If I may ask; What are your reasons for encryption? I can understand the sensitivity of your drawings and it sounds like you might have them stored in a "cloud service", and concern whether or not the link would be scraped from the email by a spambot. It would help to know what browser(s) and email client(s) you use because some encryption works better with some browsers.
Meanwhile I'll see if I can round up the "troops" for more ideas and help.
If you are running a website you should set up encryption on your server. Unfortunately that can be expensive for a signed cert which all browsers look for. For personal use you might look for a site that does VPN through a browser. That creates a secured connection between you and the server. I've never looked into it though so I can't recommend any. However if the website already has encryption you shouldn't have to worry about it.
It's generally not a good idea to rely on third parties when you need privacy and protection for personal and confidential data. The fundamental problem it has is that "encrypting" links is, in fact, just eye candy and adds little or no real security.
For explaining this, I'm going to assume that you have some confidential file stored in a shared hosting and want to privately send it to someone else (correct me if I'm wrong).
In the most simplest of its options, you send the "encrypted" link and it redirects to the real file. Problem is, anyone getting the link just follows it and also gets the real file. This adds zero protection, you just exchanged one link for another, maybe more difficult to remember, but nothing else. Obfuscation at best. Adding the captcha option neither adds security, it just makes it harder for bots, but an human won't be deterred by this.
What about putting the link a password? Here is where the real security comes from. Anyone following the link will need the password to make any use of it (assuming no flaws in the site). But this creates another problem, how do you send the password securely? You need another means of delivering both the link and the password, as sending them together defeats the purpose.
There is a catch however: By creating such a link, you give the real link to the site! This means, anyone controlling the site knows the real link and can easily access the file, regardless of password. An additional problem is that the site where the file is stored also has full control of it, potentially exposing it if they really want.
Instead, I'll suggest something along the lines of what Anak said, encrypt the file locally, then upload it. This way, the storage service has just a meaningless chunk of data, and anyone getting the real link cannot make any use of it without the password. And you eliminate the link-obfuscating service altogether. There is still the problem of how to send the password securely, but that can be achieved by other means, like phone or a text message.
Doing so can be as easy as compressing the data in zip/7z/rar format and putting a password of it, that most people will know how to access it.
This only protects the data in-transit, a good thing, but doesn't prevents a bad guy from getting the link or making use of it. Neither VPN helps, it just encrypts the browser-VPN link, while the VPN-site is still in the plain, and again, the file is still unprotected. There are some free certificate authorities out there that browsers already trust, and may suffice for personal usage, but doesn't solve the particular problem at hand.
Generally i use firefox and have some local abv.bg mail service. So are most of the oldschool engineers that a have to deal with.
So the process is as follows. These colleages of mine ( not all but many of them) are retired and work from home on some projects we make. They use barely autocad and have skype ( or telegram) and mail from 15 years to say. They have no ideo of cloud and dropbox and other recent technologies. So to make it as simple as i can i make one .rar file with .dwg files inside. Quite often the size of the file is more than 100-200mb. After that i upload it to so site which generates me link. In the end i encrypt the received link and send it to the recipient. That's the whole process.
The other think that turned me to this kind of sending is that is easy and free.
( in response to "If you are running a website you should set up encryption on your server. Unfortunately that can be expensive for a signed cert which all browsers look for. For personal use you might look for a site that does VPN through a browser. That creates a secured connection between you and the server. I've never looked into it though so I can't recommend any. However if the website already has encryption you shouldn't have to worry about it.")
I sounds like it this might be too complicated but if you can get them to get crytomator then it would be much easier to send them things. It is also free.
Cryptomator: Free Cloud Encryption for Dropbox & Others
Malcolm
I am not sure how that is going to happen as i told you what type of people i am dealing with :) It's the same as showing my grandmother the smartphone:) I used that unpopular, as i see method, because it's easy and free and the recipient need to know only the password which i can tell him by the phone.
Hi,
It has taken me awhile to respond because I have been busy trying to track down some way to make what you are trying to do easier, but you have one condition that does not allow anything other than what you are already doing, that condition is working with your group, the old-school engineers (OSE).
I tried finding something to use on your machine or your Firefox (FF) browser:
- FF does have one obfuscation add-on but it does not hide well and only changes the letters of words that can still be read easily.
- Then there is Lock the Text, I installed this onto my version of FF but I still have not mastered it yet to where I can understand how it works so I can not endorse it, and with the passwords you can apply it seems like it would be too difficult for the OSE.
- As mentioned by earlier respondents to your thread there are JavaScript's | not to be confused with JAVA out there that seem promising but only work if you had some type of domain newsletter or blog that works from a server, programmers are shying away from javascript and moving more towards CSS, CSS works better with today's HTML code. This approach is more of a burden on you.
So, what does this boil down to? I might get some discussion from fellow members that my endorsement of what you are already doing is not safe, but if you feel comfortable and okay with doing it, then okay, do it.
This is from your post #5 and I took the liberty of shortening your quote(s), clicking on the orange dot beside your name will take you directly to the post the quote came from:
And later on in your post #8If I understand correctly:
- You compress the .dwg file with the .rar program and upload it to the so site that generates a link to the file, then use urlcrypt on that so site link, and add a password to the urlcrypt link to give to the OSE.
- Another layer of security would be to set a password to the compressed .dwg/.rar file if you are not already doing it, the added burden for you would be to give two passwords to whoever you phone.
- Is your desire to encrypt the link because of spambots or do you have another reason? The only other reason I can think of is to hide the link from engineers that would try to do harm to your drawings.
In my research I used whois.com to see where the URLCrypt.to - Keeping your links safe link goes to and found information that shows the registrant and administrator of urlcrypt Markus Schneider is based in Homburg Germany, there is even an email, address, and phone number if you wanted to contact him to address your concerns about security.
Some reasons for using an offshore domain could be; Price, domain availability, and site ranking. So if it works for you and you are comfortable with using it continue using it.
Then clicking on the related domain ispapi.net I found:Code:urlcrypt.to Domain: urlcrypt.to Created on: Sat Apr 16 06:38:25 2016 Last edited on: Sat Apr 16 06:38:25 2016 Expires on: Sun Apr 16 06:38:25 2017 Primary host add: None Primary host name: ns1211.ispapi.net Secondary host add: None Secondary host name: ns2202.ispapi.net Results from checking SOA records for listed servers: ns3178.ispapi.net: 2016052200 ns2202.ispapi.net: 2016052200 ns1211.ispapi.net: 2016052200 END related domain names ispapi.net
Code:ispapi.net Domain Information Domain: ispapi.net Registrar: 1 API GMBH Registration Date: 2008-10-05 Expiration Date: 2017-10-05 Updated Date: 2016-10-06 Status: clientTransferProhibited Name Servers: ns1011.ispapi.net ns2011.ispapi.net ns3011.ispapi.net Registrant Contact Name: Markus Schneider Street: Zweibruecker Strasse 26 City: Homburg State: Saarland Postal Code: 66424 Country: DE Phone: +49.684192430 Email: email@ispapi.net Administrative Contact Name: Markus Schneider Street: Zweibruecker Strasse 26 City: Homburg State: Saarland Postal Code: 66424 Country: DE Phone: +49.684192430 Email: email@ispapi.net Technical Contact Name: Markus Schneider Street: Zweibruecker Strasse 26 City: Homburg State: Saarland Postal Code: 66424 Country: DE Phone: +49.684192430 Email: email@ispapi.net Raw Whois Data Domain Name: ISPAPI.NET Registry Domain ID: 1522833768_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.1api.net Registrar URL: http://www.1api.net Updated Date: 2016-04-28T08:19:29Z Creation Date: 2008-10-05T15:20:23Z Registrar Registration Expiration Date: 2017-10-05T15:20:30Z Registrar: 1API GmbH Registrar IANA ID: 1387 Registrar Abuse Contact Email: email@1api.net Registrar Abuse Contact Phone: +49.68416984x200 Domain Status: clientTransferProhibited - http://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: Markus Schneider Registrant Organization: Registrant Street: Zweibruecker Strasse 26 Registrant City: Homburg Registrant State/Province: Saarland Registrant Postal Code: 66424 Registrant Country: DE Registrant Phone: +49.684192430 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: email@ispapi.net Registry Admin ID: Admin Name: Markus Schneider Admin Organization: Admin Street: Zweibruecker Strasse 26 Admin City: Homburg Admin State/Province: Saarland Admin Postal Code: 66424 Admin Country: DE Admin Phone: +49.684192430 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: email@ispapi.net Registry Tech ID: Tech Name: Markus Schneider Tech Organization: Tech Street: Zweibruecker Strasse 26 Tech City: Homburg Tech State/Province: Saarland Tech Postal Code: 66424 Tech Country: DE Tech Phone: +49.684192430 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: email@ispapi.net Name Server: ns1011.ispapi.net 194.50.187.11 Name Server: ns2011.ispapi.net 194.0.182.11 Name Server: ns3011.ispapi.net 193.227.117.11 DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2017-01-28T09:14:51Z <<< For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en. ; This data is provided for information purposes, and to assist persons ; obtaining information about or related to domain name registration ; records. We do not guarantee its accuracy. ; By submitting a WHOIS query, you agree that you will use this data ; only for lawful purposes and that, under no circumstances, you will ; use this data to ; 1) allow, enable, or otherwise support the transmission of mass ; unsolicited, commercial advertising or solicitations via E-mail ; (spam); or ; 2) enable high volume, automated, electronic processes that apply ; to this WHOIS server. ; These terms may be changed without prior notice. ; By submitting this query, you agree to abide by this policy. related domain names 1api.net icann.org internic.net
You just want to send a link securely and nothing else?
Try: Privnote - Send notes that will self-destruct after being read
Privnote Privacy Policy
How Privnote Really Works - Pablo Hoffman
If you want to be really secure you'd have to use encrypted email to send the link.
Quote