org-crypt: Secure encrypted message against inadvertent change

org-crypt: Secure encrypted message against inadvertent change

[AW]

I'm using org-crypt. All text below a heading with the tag :crypt: becomes 
encrypted with saving the file and looks like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v2

hQEOAxn9DjwjX2oYEAQAgLl/58dss1VVgmRb1rGIaNV2I5P+smcDjhWa5/arTMPE
9wjxHUpU/HSflCwnV5609H3J9ZSVubCpaUbV3Da0jnDUJuljFbSqapRym1PW0hFn
ApfLwze3HTj+A3eODf+p3kbDjFnII9Rfn7lWQ/6OmMrisQbvbsWzS3K/crgqu+cD
/j6m3nDURonKGStv5h7sgaSRuLGzqXvHXEnS+d1ad1ZomgTD4abZNvDYt9Y039FE
xYwRphWSBs+vtQ34resZewCa4s7h5SES5j839vQPWI4VyA4uRrfzYATHnHtoxfwA
RQWzUTeS16FFBxnjqqTXGXqH9go25Ovnl1Np9c2H7veH0lQB/hpwGbUJRnYCx5Nd
UlZ/U+aKQJl3aD+ulgOxJhTQNb9ToXxMpwS3FitsZHVh8OaRBLdgjRVFstWw3NhT
RTQ3Og0+ts34iKW+u+2ock/LqiDYFx4=
=+xma
-----END PGP MESSAGE-----

I really hope this example will not irritate your email software.

My notebook has one of those large touchpads and once in a while I hit it and 
go on with typing, but the cursor shifted to text somewhere else and I'm 
adding letters to a completely different paragraph, before I notice and 
correct it.

Well, this evening I added some letters inadvertently inside a PGP message, 
because the touchpad shifted to cursor to an encrypted paragraph. If I saved 
the file, the encrypted paragraph would have become un-decryptable (I tested 
this: decrypting no longer is possible).

Unfortunately I won't always realise what happened, e.g. if I don't watch 
while dictating into a speech recognition (Dragon Nat. Speak.).
 
And the encrypted parts are not needed often. So the destroyed PGP message 
might make it into my backups and if I try to encrypt it a year later...

Why isn't the text between 

-----BEGIN PGP MESSAGE-----

and

-----END PGP MESSAGE-----

read-only as a default ?

Really, an inadvertent change can destroy valuable information and it i

Re: org-crypt: Secure encrypted message against inadvertent change

[gershman]

If it helps, though aside from the question, all GPG lines (except the last 2) are 64 chars(if memory serves).  A little scripting and decryption should be plausible (possible in reasonable time), especially if chars were only added and not deleted/changed.

On August 23, 2015 2:31:26 PM PDT, AW <alexander.willand@t-online.de> wrote:
>I'm using org-crypt. All text below a heading with the tag :crypt:
>becomes 
>encrypted with saving the file and looks like this:
>
>-----BEGIN PGP MESSAGE-----
>Version: GnuPG v2
>
>hQEOAxn9DjwjX2oYEAQAgLl/58dss1VVgmRb1rGIaNV2I5P+smcDjhWa5/arTMPE
>9wjxHUpU/HSflCwnV5609H3J9ZSVubCpaUbV3Da0jnDUJuljFbSqapRym1PW0hFn
>ApfLwze3HTj+A3eODf+p3kbDjFnII9Rfn7lWQ/6OmMrisQbvbsWzS3K/crgqu+cD
>/j6m3nDURonKGStv5h7sgaSRuLGzqXvHXEnS+d1ad1ZomgTD4abZNvDYt9Y039FE
>xYwRphWSBs+vtQ34resZewCa4s7h5SES5j839vQPWI4VyA4uRrfzYATHnHtoxfwA
>RQWzUTeS16FFBxnjqqTXGXqH9go25Ovnl1Np9c2H7veH0lQB/hpwGbUJRnYCx5Nd
>UlZ/U+aKQJl3aD+ulgOxJhTQNb9ToXxMpwS3FitsZHVh8OaRBLdgjRVFstWw3NhT
>RTQ3Og0+ts34iKW+u+2ock/LqiDYFx4=
>=+xma
>-----END PGP MESSAGE-----
>
>I really hope this example will not irritate your email software.
>
>My notebook has one of those large touchpads and once in a while I hit
>it and 
>go on with typing, but the cursor shifted to text somewhere else and
>I'm 
>adding letters to a completely different paragraph, before I notice and
>
>correct it.
>
>Well, this evening I added some letters inadvertently inside a PGP
>message, 
>because the touchpad shifted to cursor to an encrypted paragraph. If I
>saved 
>the file, the encrypted paragraph would have become un-decryptable (I
>tested 
>this: decrypting no longer is possible).
>
>Unfortunately I won't always realise what happened, e.g. if I don't
>watch 
>while dictating into a speech recognition (Dragon Nat. Speak.).
> 
>And the encrypted parts are not needed often. So the destroyed PGP
>message 
>might make it into my backups and if I try to encrypt it a year
>later...
>
>Why isn't the text between 
>
>-----BEGIN PGP MESSAGE-----
>
>and
>
>-----END PGP MESSAGE-----
>
>read-only as a default ?
>
>Really, an inadvertent change can destroy valuable information and it i

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: org-crypt: Secure encrypted message against inadvertent change

[John Kitchin]

I am not sure if you put the comment on this post:
http://kitchingroup.cheme.cmu.edu/blog/2014/09/13/Make-some-org-sections-read-only/

but it is possible to setup a hook that makes headings read-only. You
could do that for headings tagged crypt, for example.

AW writes:

> I'm using org-crypt. All text below a heading with the tag :crypt: becomes
> encrypted with saving the file and looks like this:
>
> -----BEGIN PGP MESSAGE-----
> Version: GnuPG v2
>
> hQEOAxn9DjwjX2oYEAQAgLl/58dss1VVgmRb1rGIaNV2I5P+smcDjhWa5/arTMPE
> 9wjxHUpU/HSflCwnV5609H3J9ZSVubCpaUbV3Da0jnDUJuljFbSqapRym1PW0hFn
> ApfLwze3HTj+A3eODf+p3kbDjFnII9Rfn7lWQ/6OmMrisQbvbsWzS3K/crgqu+cD
> /j6m3nDURonKGStv5h7sgaSRuLGzqXvHXEnS+d1ad1ZomgTD4abZNvDYt9Y039FE
> xYwRphWSBs+vtQ34resZewCa4s7h5SES5j839vQPWI4VyA4uRrfzYATHnHtoxfwA
> RQWzUTeS16FFBxnjqqTXGXqH9go25Ovnl1Np9c2H7veH0lQB/hpwGbUJRnYCx5Nd
> UlZ/U+aKQJl3aD+ulgOxJhTQNb9ToXxMpwS3FitsZHVh8OaRBLdgjRVFstWw3NhT
> RTQ3Og0+ts34iKW+u+2ock/LqiDYFx4=
> =+xma
> -----END PGP MESSAGE-----
>
> I really hope this example will not irritate your email software.
>
> My notebook has one of those large touchpads and once in a while I hit it and
> go on with typing, but the cursor shifted to text somewhere else and I'm
> adding letters to a completely different paragraph, before I notice and
> correct it.
>
> Well, this evening I added some letters inadvertently inside a PGP message,
> because the touchpad shifted to cursor to an encrypted paragraph. If I saved
> the file, the encrypted paragraph would have become un-decryptable (I tested
> this: decrypting no longer is possible).
>
> Unfortunately I won't always realise what happened, e.g. if I don't watch
> while dictating into a speech recognition (Dragon Nat. Speak.).
>
> And the encrypted parts are not needed often. So the destroyed PGP message
> might make it into my backups and if I try to encrypt it a year later...
>
> Why isn't the text between
>
> -----BEGIN PGP MESSAGE-----
>
> and
>
> -----END PGP MESSAGE-----
>
> read-only as a default ?
>
> Really, an inadvertent change can destroy valuable information and it i

--
Professor John Kitchin
Doherty Hall A207F
Department of Chemical Engineering
Carnegie Mellon University
Pittsburgh, PA 15213
412-268-7803
@johnkitchin
http://kitchingroup.cheme.cmu.edu

Re: org-crypt: Secure encrypted message against inadvertent change

[AW]

Am Sonntag, 23. August 2015, 19:54:51 schrieb John Kitchin:
> I am not sure if you put the comment on this post:
> http://kitchingroup.cheme.cmu.edu/blog/2014/09/13/Make-some-org-sections-rea
> d-only/
> 
> but it is possible to setup a hook that makes headings read-only. You
> could do that for headings tagged crypt, for example.

Dear John,

thank you. I simply changed "read_only" to "crypt" in the functions you 
developed. This functions prevent a change of encrypted text, which I think is 
really an improvment.

===================

(defun org-mark-readonly ()
  (interactive)
  (org-map-entries
   (lambda ()
     (let* ((element (org-element-at-point))
            (begin (org-element-property :begin element))
            (end (org-element-property :end element)))
       (add-text-properties begin (- end 1) '(read-only t))))
   "crypt")
 (message "Made readonly!"))


(defun org-remove-readonly ()
  (interactive)
  (org-map-entries
   (lambda ()
     (let* ((element (org-element-at-point))
            (begin (org-element-property :begin element))
            (end (org-element-property :end element))
            (inhibit-read-only t))
         (remove-text-properties begin (- end 1) '(read-only t))))
     "crypt"))

(add-hook 'org-mode-hook 'org-mark-readonly)


===================

Thus before I can use "org-decrypt-entry" I have to put the cursor under the 
headline with the tag ":crypt:" and call "org-remove-readonly".

I  S U G G E S T  to  put this into org-crypt and change the commands org-
decrypt-entry and org-encrypt-entry: Encrypted text shall be read-only, and 
org-decrypt-entry removes this.

Sorry, I'm a user without knowledge of Lisp, unfortunately I can't do that 
myself. But it would be a valuable improvement of org-crypt.

Regards,

Alexander

> 
> AW writes:
> > I'm using org-crypt. All text below a heading with the tag :crypt: becomes
> > encrypted with saving the file and looks like this:
> > 
> > -----BEGIN PGP MESSAGE-----
> > Version: GnuPG v2
> > 
> > hQEOAxn9DjwjX2oYEAQAgLl/58dss1VVgmRb1rGIaNV2I5P+smcDjhWa5/arTMPE
> > 9wjxHUpU/HSflCwnV5609H3J9ZSVubCpaUbV3Da0jnDUJuljFbSqapRym1PW0hFn
> > ApfLwze3HTj+A3eODf+p3kbDjFnII9Rfn7lWQ/6OmMrisQbvbsWzS3K/crgqu+cD
> > /j6m3nDURonKGStv5h7sgaSRuLGzqXvHXEnS+d1ad1ZomgTD4abZNvDYt9Y039FE
> > xYwRphWSBs+vtQ34resZewCa4s7h5SES5j839vQPWI4VyA4uRrfzYATHnHtoxfwA
> > RQWzUTeS16FFBxnjqqTXGXqH9go25Ovnl1Np9c2H7veH0lQB/hpwGbUJRnYCx5Nd
> > UlZ/U+aKQJl3aD+ulgOxJhTQNb9ToXxMpwS3FitsZHVh8OaRBLdgjRVFstWw3NhT
> > RTQ3Og0+ts34iKW+u+2ock/LqiDYFx4=
> > =+xma
> > -----END PGP MESSAGE-----
> > 
> > I really hope this example will not irritate your email software.
> > 
> > My notebook has one of those large touchpads and once in a while I hit it
> > and go on with typing, but the cursor shifted to text somewhere else and
> > I'm adding letters to a completely different paragraph, before I notice
> > and correct it.
> > 
> > Well, this evening I added some letters inadvertently inside a PGP
> > message,
> > because the touchpad shifted to cursor to an encrypted paragraph. If I
> > saved the file, the encrypted paragraph would have become un-decryptable
> > (I tested this: decrypting no longer is possible).
> > 
> > Unfortunately I won't always realise what happened, e.g. if I don't watch
> > while dictating into a speech recognition (Dragon Nat. Speak.).
> > 
> > And the encrypted parts are not needed often. So the destroyed PGP message
> > might make it into my backups and if I try to encrypt it a year later...
> > 
> > Why isn't the text between
> > 
> > -----BEGIN PGP MESSAGE-----
> > 
> > and
> > 
> > -----END PGP MESSAGE-----
> > 
> > read-only as a default ?
> > 
> > Really, an inadvertent change can destroy valuable information and it i
> 
> --
> Professor John Kitchin
> Doherty Hall A207F
> Department of Chemical Engineering
> Carnegie Mellon University
> Pittsburgh, PA 15213
> 412-268-7803
> @johnkitchin
> http://kitchingroup.cheme.cmu.edu

Re: org-crypt: Secure encrypted message against inadvertent change

[AW]

Am Montag, 24. August 2015, 20:42:01 schrieb AW:
> Am Sonntag, 23. August 2015, 19:54:51 schrieb John Kitchin:
> > I am not sure if you put the comment on this post:
> > http://kitchingroup.cheme.cmu.edu/blog/2014/09/13/Make-some-org-sections-r
> > ea d-only/
> > 
> > but it is possible to setup a hook that makes headings read-only. You
> > could do that for headings tagged crypt, for example.
> 
> Dear John,
> 
> thank you. I simply changed "read_only" to "crypt" in the functions you
> developed. This functions prevent a change of encrypted text, which I think
> is really an improvment.
> 
> ===================
> 
> (defun org-mark-readonly ()
>   (interactive)
>   (org-map-entries
>    (lambda ()
>      (let* ((element (org-element-at-point))
>             (begin (org-element-property :begin element))
>             (end (org-element-property :end element)))
>        (add-text-properties begin (- end 1) '(read-only t))))
>    "crypt")
>  (message "Made readonly!"))
> 
> 
> (defun org-remove-readonly ()
>   (interactive)
>   (org-map-entries
>    (lambda ()
>      (let* ((element (org-element-at-point))
>             (begin (org-element-property :begin element))
>             (end (org-element-property :end element))
>             (inhibit-read-only t))
>          (remove-text-properties begin (- end 1) '(read-only t))))
>      "crypt"))
> 
> (add-hook 'org-mode-hook 'org-mark-readonly)
> 
> 
> ===================
> 
> Thus before I can use "org-decrypt-entry" I have to put the cursor under the
> headline with the tag ":crypt:" and call "org-remove-readonly".
> 
> I  S U G G E S T  to  put this into org-crypt and change the commands org-
> decrypt-entry and org-encrypt-entry: Encrypted text shall be read-only, and
> org-decrypt-entry removes this.
> 
> Sorry, I'm a user without knowledge of Lisp, unfortunately I can't do that
> myself. But it would be a valuable improvement of org-crypt.

I wrote to the person mentioned in org-crypt.el as maintainer and received the 
message that he no longer uses org-mode and no longer maintains org-crypt.el.

What a pity, org-mode is better than ever.

Re: org-crypt: Secure encrypted message against inadvertent change

[Hymie!]

AW <alexander.willand <at> t-online.de> writes:


> Dear John,
> 
> thank you. I simply changed "read_only" to "crypt" in the functions you 
> developed. This functions prevent a change of encrypted text, which I
think is 
> really an improvment.

This is awesome.  But I have a follow-up questions.

This function marks my buffer as "modified".  Is there any way to
automatically have the org-mark-readonly function turn off the modified flag?

This isn't a major problem, just a nicety.

--hymie!



> 
> (defun org-mark-readonly ()
>   (interactive)
>   (org-map-entries
>    (lambda ()
>      (let* ((element (org-element-at-point))
>             (begin (org-element-property :begin element))
>             (end (org-element-property :end element)))
>        (add-text-properties begin (- end 1) '(read-only t))))
>    "crypt")
>  (message "Made readonly!"))

> 
> (add-hook 'org-mode-hook 'org-mark-readonly)