Feed me bites
May 6, 2009 7:03 PM

How do I share images securely through an RSS feed?

I have a series of images I would like to syndicate to myself, wherever I may be accessing Google Reader. I'd rather restrict "plaintext" access to only my computer, by some simple client-side encryption, if necessary. What's the easiest way of doing this?

There's an old encrypted RSS article that is exactly what I want, only for text. I'm not worried about local attacks.

Is there, e.g., a Greasemonkey script that would work? Am I neglecting that I would still have to host the images securely somehow? Right now I "host" from 127.0.0.1, solving several of the problems temporarily.
posted by gensubuser to Computers & Internet (8 answers total)
 
You will want to host these images on a server that requires some sort of authentication - either basic HTTP authentication, some sort of cookie-based scheme or even HTTPS with a client cert. Then your RSS feed can just include the unencrypted links to the images but unauthenticated browsers will not be able to download the images - no Greasemonkey required.

It would be possible to encrypt the images themselves and store them on any old server, and use JavaScript to decode them on the client (like the linked article). But it would only work on some browsers (not IE) and I know of no off-the-shelf software you could use.
posted by AndrewStephens at 8:07 PM on May 6, 2009


I don't use Google Reader, so I can't say if this would be compatible, but it occurs to me that if you used data URIs for the images you wouldn't have to worry about separately securing the images; for the purposes of transmission over the wire it would all be text.
posted by XMLicious at 8:54 PM on May 6, 2009


Data URIs don't meet all of gensubuser's requirements, since they would be displayed by any browser without authentication. Also, they don't work at all in IE except in a limited way in IE8.

The main requirements are (I think): unencrypted RSS feed (for Google Reader) linking to encrypted (or at least authenticated) images. That way, even unauthorized people using the RSS feed will not see the images. Am I right?
posted by AndrewStephens at 9:24 PM on May 6, 2009


The code in the article appears to be proposing encrypting the content of the RSS feed in a manner that would require the pre-shared key provided only within the Greasemonkey script to decrypt. So if the images were data URIs within the encrypted content they definitely could not be displayed in just any browser; like all of the text content they could only be viewed in a browser with the Greasemonkey script installed in it.
posted by XMLicious at 12:15 AM on May 7, 2009


Response by poster: Thanks for the attention. I waffled at the end of the askMe on the hosting. Surely there is a way to encrypt JPGs so they can first be uploaded anywhere. Data URIs look promising. IE is... doable.
posted by gensubuser at 2:54 AM on May 7, 2009


Response by poster: Requirements are: real images only available for those with some key on client. Maybe authentication works in a non-GR way... if it can be stored...
posted by gensubuser at 2:59 AM on May 7, 2009


XMLicious, you are right, I misunderstood what you were proposing. I am not sure what the practical limit for data URIs is; I know in IE8 they are limited to 32k. But IE doesn't have Greasemonkey anyway.
posted by AndrewStephens at 4:10 AM on May 7, 2009


"Surely there is a way to encrypt JPGs so they can first be uploaded anywhere."

You would just convert each jpg to an image tag with a data URI in it and encrypt that, so that you'd be uploading a text file rather than an image.

"I am not sure what the practical limit for data URIs is; I know in IE8 they are limited to 32k."

If you had to use IE this could be solved by tiling multiple images together.

"But IE doesn't have Greasemonkey anyway."

Greasemonkey scripts are part of a broader category of "user scripts" for browsers. Alternatives for IE include gm4ie, IE7Pro, and Trixie.
posted by XMLicious at 7:15 PM on May 7, 2009

