This release switches the used encryption and compression libraries and addresses several problems with mangled URLs and pastes.
We fixed several issues in this release. We now tell Chrome not to send the whole page, including the decrypted text, to it's translation services. Thanks to the use of blob instead of data URI's, Chrome can now deal with attachments larger then 2 MiB. The raw text mode escapes HTML correctly again (a regression introduced in 1.2). PrivateBin can now handle URLs mangled by Facebook.
Translations for Czech has been added since the last release.
We threat modeled the application in preparation for the changes in the API, JSON format and encryption.
The change to WebCrypto API means that the cryptographic functions are now handled by the browser integrated libraries instead of code that has to be transferred from the webserver to the client. While this can't prevent a malicious party to inject logic to extract the key or decrypted contents, it does increase the trust users can have in the cryptographic functionality of PrivateBin as well as speed up both initial page load as well as the en/decryption itself.
Server operators now have an additional configuration option that lets them disable compression. While the compression before encryption reduces the size of most text, source code, markdown pastes and text comments drastically, when having file upload enabled and mostly using an instance to share already compressed files (office documents, PNG or JPG images, etc.) this slows down the creation of the pastes unnecessarily and without gain. Furthermore some security minded administrators may wish to disable compression to avoid potential security risks that would make brute forcing keys easier for shorter, compressed pastes.
As usual we have also upgraded all used libraries to their latest releases. The identicon library now requires PHP 5.5, so this is the new minimum required PHP version.
Finally the newly used JSON format and API was taken as an opportunity to implement some, otherwise breaking, changes like the use of base58 for the hash key encoding instead of base64, which addresses the Outlook mail client stripping trailing equal signs from URLs. The number of iterations in the PBKDF2 key derivation got increased from 10k to 100k to make it more costly to brute force the password of a paste. The server now uses Fowler–Noll–Vo checksums instead of md5 to generate unique paste IDs.
Benefits of switching to the new release
Due to some rather annoying bugs in the raw paste view and with URLs mangled by Facebook and Outlook, we do recommend an upgrade on instances that are more widely used. While most users never encountered cases where the pastes got mangled in the deflate compression, users that frequently upload office documents and certain source code and compiler outputs would trigger this rather reliably. There are also several improvements that increase the security of the encryption.
We offer a Docker container that includes the recommended secure setup with the non-essential files and data outside of the web servers document root. Note that the latest docker containers use different user IDs then the older ones, so you will have to change the ownership of the attached data volume.
Changes since version 1.2.1
- ADDED: Translation for Czech (#424)
- ADDED: Threat modeled the application (#177)
- ADDED: Made compression configurable (#38)
- CHANGED: Minimum required PHP version is 5.5, due to a change in the identicon library
- CHANGED: Minimum required browser versions are Firefox 54, Chrome 57, Opera 44, Safari 11, Edge 16, due to use of WebCrypto API, async/await, ES6 & WebAssembly features - all Internet Explorer versions are incompatible
- CHANGED: JSON and encryption formats were changed to replace SJCL library by browser integrated WebCrypto API (#28, #74)
- CHANGED: Replaced rawdeflate.js with zlib.wasm to resolve decompression failures and gain compatibility with standard deflate implementations (#193, #260, #328, #434, #440)
- CHANGED: Increase PBKDF2 iterations to 100k (#350)
- CHANGED: Replaced last use of MD5 with Fowler–Noll–Vo checksum which produces the exact length we need for the paste ID (#49)
- CHANGED: Simplified some PHP code & renamed PrivateBin class into Controller, to make MVC pattern use more obvious (#342)
- CHANGED: Upgrading libraries to: identicon 1.2.0, random_compat 2.0.18, jQuery 3.4.1, Showdown 1.9.0, DOMpurify 1.0.11 & kjua 0.6.0
- FIXED: Prevent Chrome from sending content of paste to Google for translation (#378)
- FIXED: To support attachments larger then 2 MiB in newer Chrome versions, we switched to blob instead of data URIs (#432)
- FIXED: Since Outlook strips trailing equal signs in links, the key in URL hash is now base58 encoded, instead of base64 (#377)
- FIXED: Facebooks started injecting parameters into shared URLs for tracking that lead to inaccessible pastes (#396)
- FIXED: Properly escaped HTML in raw text mode (#358)
- FIXED: Made download links better readable in the dark bootstrap theme (#364)
- FIXED: Allow Letsencrypt bot to access on apache servers (#413)
Help wanted & greatly appreciated
Apart from the large tasks that require deeper insight and time, there are also smaller issues were help is wanted, topics open to debate and of course many languages that still remain to be translated. We are also still looking for additional long term maintainers among our frequent issue helpers.
If you are interested in helping with any of these points, we have prepared a development guide including design goals, code structure and tools that should get you started.
Plans for future releases
The next release will focus on user interface improvements.
Appendix A - Browser feature compatibility
|Browser/Feature||async/await||Web Crypto API||WebAssembly||ECMAScript 2015 (ES6)||first version to support all features||Release date|
Except for Internet Explorer, all major browsers support the new features since March to September 2017. Internet Explorer 11 lacks support for WebAssembly (used for zlib compression) and async/await. The WebCrypto API is based on
Promise interfaces and we use
await to avoid having to rewrite large code segments from synchronous function calls to
Promise-based, asynchronous logic. In light of this, we decided to drop support for Internet Explorer, as Windows users that can't install other browsers can use PrivateBin with the Edge browser instead.