secretbox-decoding

[Jirido]

Hi. I might be faar out sailing here but had to ask. So I use rclone to mount some 10Gb google drives that I got access to with my g-mails locally. Like on my laptop and phone and so on. On them mounts I also mount encryption layers (crypt) so google cant snoop or scan my files. I'm a bit political and not the generally trusting type. I just like to keep mine to me. It just feel fine.
Rclone encrypt this layer with secretbox. Now I use this free phpbb forum that has no real space or shell coming with it. Of course I have some big sound files I would like to publish on my forum, speeches. They are all together some Gb's worth. So it makes sense to use cloudflare to cache them for me to avoid google having to share to much. And also then I would prefer to not store my sound files unencrypted in their cache.. So it made sense to me to look for a script that would receive the files at the end user and decrypt them after the TLS decryption, before they are passed off to the browser and storage.

Your script here is the closest thing I found. I'm not a programmer but an old toothless punk that lives on an old ship https://imgur.com/a/xuReX4u so My hope is that you, that seem to do a fair bit of opensource coding, might find it in your heart to either point me to such a script or cobble together something useful (and explain how to set it to catch the streams of some links).
The crypt drive mount has a password in the rclone config ( it is for a sub folder to the plain mount) and it is not very important that this password is secret as the files anyway are gonna be openly accessible. It is good thou that the key is begotten first at the site. It may be put hard coded in to the script or maybe it could be loaded in a plain text from some other domain(not cached at CF) or even reside in the sites html or something like that. The files are not meant to be secret per see but just not automatically audio to text transcribed and then scanned automatically either at google or cloudflare. Well I get that I'm a bit paranoid, but things are moving about a bit strangely nowadays in my mind and eyes.

so drive+Xsalsa20>TLS>-->cloudflare>noTLS>ev cloudflare encryption-decryption>TLS>-->client>noTLS>Xsalsa20DecryptionScript>plain file>browser>drive or stream.

There is some options with rclone to encrypt file names as well as content.

My guess is that with this solution the g-drive - hotlink thing could become more attractive as a "poor man's" option as it at least stop automatic scanning.

Well, All this with a stubborn hope. Ivano-jirido

[jwerle]

Hi @Jirido 👋🏼
It sounds like you are caught between the devil and the deep blue sea with privacy/anonymity. Let me get back to you after digesting this!

[Jirido]

Nice.. You seem like a sharp dude, For me it often is blurry around how, in the scheme of all things moving about, to catch things that a function gonna work with and then how to pass it on to where it was going. Even if often know what I want to get done ; ) I begun to think that maybe if i gave the links a class somehow or if the links should call the script with an argument of the actual link or.. well But I guess you will know.

If you look for some broader application to this secretbox-encoding and (maybe decoding) this one guy has this cool "org-web" org-file editor that works with different of this free or non free storage's. And as I live on the road, edit files on the run (you know how it is on the streets, your shit gets stolen.. specially your phone) ..and still prefer to be secretive in front of e-corp(while using their resources), I suggested him to look in to the secretbox solution that rclone and also you use here.

He thought it could be a good thing for his foss app but that it was out of the scope of his ability. So I thought of your thing here when I woke up this morning and saw that he had answered.. Maybe you two are a fit from, well I like to say hell as I know hell is from the goddess Hel before the guys that did run the Odin/Asa war good thing expelled her and Europe's early Samoyed originated(same as your native culture in a way) pagan culture to the underground and made her the death goddess and shit bucket or what ever. For me here in the Scandinavia helvete(swedish) - helviti(finnish) -> "Hel viet" would be "whole-we or "the we of whole" as "hel" is old old, even pre sweedish word for whole, and "vi" is the word we.
Hole(cave), hull, hill, hall, whole, holy, hell and hälle (the ground rock,earth her self)
So the collective or gathering around what is whole.
It is a bit like the vedic concept around the the "being" (that what is!) and "it's" absolute aspect.. The inner light that, yes is both death and life. Or to say the truth, there is only life.
So no bad intention meant from me when I express myself from my culture and see you as a potential holy fit from hell.

One can't miss an opportunity to stifle the, with the "norm culture" very resonant, spread of Asa respect now when they start to sell them selfs even as the opposition to them selfs under their main cloak of god and goth, good and goat. Typical normal black magic of fake conflicts and double bookings to claim the status of being the origin and exclude an deeper seeing.

I hope I did not disrespect 100 of your toes by jumping around erratically, ranting against the spawns of the self ointing valhall wanabe goates and limp d**ks.. Damned I can hardly stop. It is one of this mornings I guess..

Anyway here is a link to web-org if you feel inspired at some moment DanielDe/org-web#132. Thanks for cooking with your brain on this problem.