|
|
| Line 1: |
Line 1: |
| − | ==General Questions==
| + | #REDIRECT [[HidekiBin Support]] |
| − | | |
| − | ===What is HidekiBin?===
| |
| − | | |
| − | It's a site to store small texts
| |
| − | | |
| − | ===Where is HidekiBin?===
| |
| − | | |
| − | <tt>>http://hidekibin.hidekisaito.com</tt>
| |
| − | | |
| − | ===Is there any way to integrate HidekiBin better on my desktop?===
| |
| − | | |
| − | If you use [http://chrome.google.com Google Chrome], there is a [https://chrome.google.com/webstore/detail/hidekibin/lajfamdikjjifolocnajaojbfofngblk Chrome Application] for HidekiBin.
| |
| − | | |
| − | ===Is this possible to specify IP address to access to the service? (As opposed to relying on DNS?)===
| |
| − | | |
| − | Yes, if you have IPv6. Use: <tt>http://[2607:f298:1:103::302:2417]/</tt>
| |
| − | | |
| − | ===Did you make it?===
| |
| − | No, I do not claim ownership of the code, as it is an adaptation of [http://sebsauvage.net/wiki/doku.php?id=php:zerobin ZeroBin]. HidekiBin may be incorporating some original changes, but they are usually for cosmetic changes that does not affect core functionality.
| |
| − | | |
| − | ===How does it work?===
| |
| − | | |
| − | The system is based on ZeroBin. The system supports all the features [http://sebsauvage.net/wiki/doku.php?id=php:zerobin ZeroBin] supports.
| |
| − | | |
| − | ===How can it be used?===
| |
| − | | |
| − | You can use it to share snippets of text.
| |
| − | | |
| − | Other ideas including:
| |
| − | | |
| − | * Send your awesome source code to your friend to prove your worthiness (syntax highlighting is cool!)
| |
| − | * Using as a scratchpad to send text from one machine to another
| |
| − | * Writing a love letter you are not going to send
| |
| − | | |
| − | ===Why is the site not using SSL/TLS?===
| |
| − | From December 2014, this site supports SSL/TLS. Point your browser to <tt>https://hidekibin.hidekisaito.com</tt>. However, because it is using [[wikipedia:Server Name Indication|DNI]] based SSL/TLS, older browser may not work.<ref>Use of [https://letsencrypt.org Let's Encrypt] certificates are being planned once it's available.</ref>
| |
| − | | |
| − | ===Isn't JavaScript based crypto bad idea?===
| |
| − | In a sense, you are trusting that the host is sending correct (uncompromised) script everytime you use the service. So if in the case of breach, it is possible someone might replace cryptographic script. It could be that someone between host and you may replace script to compromise your security. That's why I'd recommend you to use tools like GnuPG with HidekiBin. This way, even the script is compromised, your content is still safe.
| |
| − | | |
| − | But keep in mind there are a lot of other ways way worse and less obvious things that malicious parties can do to compromise your security, such as key logger, screen captures and other data on your computer. Use of HidekiBin won't help you protect against such attacks.
| |
| − | | |
| − | If you are in doubt, I invite you to attempt to verify [http://hidekibin.hidekisaito.com/js/ HidekiBin JavaScript] files with [http://help.hidekisaito.com/hidekibin/jssign signature by myself].
| |
| − | | |
| − | ===What it should not be used for===
| |
| − | | |
| − | As this is mainly being an experimental service, it should not be used for exchanging sensitive information.
| |
| − | | |
| − | There's no claims regarding the integrity of the system. Generally, you shouldn't be putting anything you wouldn't be comfortable writing using other services.
| |
| − | | |
| − | ===Is there any way to delete a paste?===
| |
| − | | |
| − | If you've kept Delete link URL when you created your paste, yes. Otherwise, no.
| |
| − | | |
| − | ===I lost part of my URL and I am getting error when I try to retrieve the text, can you help me recover the content?===
| |
| − | | |
| − | No, I don't even have a way to do that. Essentially this means your paste is practically gone for good.
| |
| − | | |
| − | ===I try to post Burn After Reading message to Facebook and even the first person accessing gets expired message===
| |
| − | Facebook and many other social network visit the URL in question to generate snippet to post on the site. Therefore, by the time intended user visit the paste in question, it is already invalidated at the time you paste your URL on those networks.
| |
| − | | |
| − | In addition, some messaging system like Skype may have the same issue. So no, you can't do "first one to visit..." campaign using HidekiBin. You may want to use short expiry instead.
| |
| − | | |
| − | ===What URL shortener works with HidekiBin?===
| |
| − | Use of URL shortener is not recommended when using HidekiBin. If you use URL shortner, you should remember that key will be stored on shortner service, making it less secure.
| |
| − | | |
| − | Having said that Goo.gl and Bit.ly should work. Other shorterner may work, but I haven't tested them.
| |
| − | | |
| − | ===What can go wrong?===
| |
| − | FAQ at Zerobin project page has some information about security.
| |
| − | | |
| − | If you feel like you need to actually protect your content, consider using tools like GnuPG.
| |
| − | | |
| − | ===Why should I trust you?===
| |
| − | Ugh, if you can't trust me, host your own...
| |
| − | | |
| − | ===How can you prove me no cleartext of my message is not being transmitted.===
| |
| − | Wireshark it, or if you are using Google Chrome, try chrome://net-internals and find out what's being transmitted… You can also see the source of the resulting paste, which would have something like:
| |
| − | | |
| − | <blockquote><tt>[{"data":"{\"iv\":\"aD0sJ8wcVAjmYyZwwXJJ3A==\",\"v\":1,\"iter\":1000,\"ks\":128,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"U8KyWrk8V2w=\",\"ct\":\"GE4JCRMNi6HXOfDrePiu3CHLScc=\"}","meta":{"expire_date":1373591794,"postdate":1370999794,"remaining_time":2591933}}]</tt></blockquote>
| |
| − | | |
| − | instead of actual text. (This is visible, as when it is viewed as a source, it won't execute Javascript.)
| |
| − | | |
| − | ===Is there any guarantee that the paste is stored for specified time?===
| |
| − | In short, no. Service may shut down, I might scrape old data in an effort to save some disk space, etc. The service is provided as-is and I do not assume any liabilities arising from your use of this service. Whether that is due to lost data, data breach, and any direct or indirect damages in consequence of using this service.<ref>Because of the way the system works even if a data breach occurs, it is technically very hard for the offender to decrypt the message, but I won't guarantee its safety.</ref>
| |
| − | | |
| − | ===Is it logged?===
| |
| − | I maintain five days worth of logs, and the system derives statistical information about the site. This is mainly to diagnose problems the service may be encountering. If you are in doubt, use Tor or VPN services.
| |
| − | | |
| − | The full URL including key is not logged into the system, so it is mostly difficult (even impossible) for me to access to any of pastes submitted. (Unless, referring site has the full URL.)
| |
| − | | |
| − | After five days, the logs are discarded but some statistical information will remain on the system. (The service provider may keep more log than I do, but the same limitation applies in terms of what information they can get from it.)
| |
| − | | |
| − | ===Why the name of the site is so egotastic?===
| |
| − | Because it was for my own use but decided to open it up for everyone.
| |
| − | | |
| − | ==Error Messages==
| |
| − | * Could not decrypt data (Wrong key ?) - This means your key is not valid.
| |
| − | * Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL ?) - This means your URL does not contain a key. (You may also see if you try to visit URLs generated by referrer.)
| |
| − | * Paste does not exist, has expired or has been deleted. - For some reason the system could not find the paste requested. Either it's deleted, expired, or corrupted somehow
| |
| − | * Please wait 10 seconds between each post. - You need to wait 10 seconds.
| |
| − | * Wrong deletion token. Paste was not deleted. - Perhaps wrong delete URL was presented.
| |
| − | * You are unlucky. Try again. - It is highly unlikely you will see this error, as probability of encountering this error is 50% after 18446744073709551616 pastes are created. Try again if you do see this error.
| |
| − | * Invalid data. - Data presented by user side script is wrong. Either script is compromised, or your browser may be interpreting script wrong. Try with different browser and/or move to different network environment if possible.
| |
| − | * Server error. - Something wrong with server. Try again later.
| |
| − | | |
| − | ==Footnotes==
| |
| − | <references />
| |
| − | | |
| − | [[Category:HidekiBin]]
| |
| − | [[Category:Support Information]]
| |
| − | [[ja:HidekiBinサポート情報]]
| |
