Ghostbin #408
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#408
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Ghostbin is not really secure, because after creating an encrypted paste, it's possible to access it with javascript disabled, which means the content is not decrypted in the user's browser. Also, it requires cookies to even work at all, which shouldn't be needed.
Open Source Ghostbin Alternatives - AlternativeTo.net
https://alternativeto.net/software/ghostbin/?license=opensource
It can be self-hosted, though, if you're concerned about server-side security. But yeah, we're just recommending the main server.
I don't consider that secure, but maybe it's just me...
Regardless, Ghostbin should be the third option in the Paste Services section and not the first, and maybe it should be mentioned in the notes that encryption/decryption is not done in the browser.
Just FYI:
ghostbin.com runs outdated Apache 2.4.18 and outdated OpenSSH 7.2 P2. The security of the whole server setup isn't very exemplary. Furthermore, the TLS configuration supports insecure RC4 for encryption and weak cipher suites.
See also my comparison in #454
Discussion can continue in #454