Home arrow JavaScript arrow JavaScript OpenPGP Tool, Node.js 0.6.3 Available
JAVASCRIPT

JavaScript OpenPGP Tool, Node.js 0.6.3 Available


The latest update of Node.js, version 0.6.3, is now available. The new version of the JavaScript-based framework that aids in building highly scalable internet applications comes equipped with some fixes plus enhanced functionality that is highlighted by the addition of Node Package Manager, or NPM.

Author Info:
By: Alejandro Gervasio
Rating: 5 stars5 stars5 stars5 stars5 stars / 6
December 02, 2011

print this article
SEARCH DEVARTICLES

The latest update of Node.js, version 0.6.3, is now available. The new version of the JavaScript-based framework that aids in building highly scalable internet applications comes equipped with some fixes plus enhanced functionality that is highlighted by the addition of Node Package Manager, or NPM.

The integration of NPM into Node.js gives its users a simplified, yet solid avenue for packaging and distributing libraries of code.  NPM has become accepted as the community standard when it comes to Node.js packaging, so its addition is one that is welcome with open arms.  While the NPM addition is a step in the right direction for Node.js, version 0.6.3 does come with some problems of its own, such as the incorrect installation of man pages.  An upcoming 0.6.4 release will supposedly take care of the issue, and it will also include the option to forego installation of NPM to accommodate those using customized versions of the manager.  At the time of this writing, no timetable has been issued regarding a 0.6.4 release date.

Beyond the NPM integration, Node.js 0.6.3 includes a fix to offer support in the native Windows version for paths in excess of 260 characters long.  Issues with paths relative to drives have been corrected as well.  A full list of fixes in version 0.6.3 can be found in the change log.

Node.js is published under a MIT license and can be downloaded from the Node.js website, http://nodejs.org/#download.  Node.js 0.6.3 is available as source code, or in a Windows or Mac version.

For more on this topic, visit http://www.h-online.com/open/news/item/Node-js-0-6-3-integrates-NPM-1386287.html

Recurity Labs Makes Webmail Encryption Easy with New OpenPGP JavaScript Tool

Recurity Labs, a company that specializes in the analysis of systems and software for security vulnerabilities, has just released a tool that simplifies the process of encrypting and decrypting webmail messages.  Dubbed GPG4Browsers, the tool is a JavaScript implementation of the OpenPGP specification that works as an extension with Google Chrome and is capable of serving Gmail users.

Although GPG4Browsers is classified as a prototype by its creators, it does support nearly all of the OpenPGP standard’s hash functions and asymmetric/symmetric ciphers.  OpenPGP encrypts and digitally signs messages and other data through the use of public key cryptography.  It’s primarily used to secure email messages and is based on the program that is commonly referred to as PGP, or Pretty Good Privacy.

GPG4Browsers’ main appeal comes from the fact that it is browser-based.  By running inside the browser, it eliminates the need for any installed software or a dedicated email client.  Normally, the setup required to get a PGP variant to function with a specific email client in a local computer environment is cumbersome.  Not only does it require some technical knowledge, but it involves installing the system on the actual computer, importing private and public keys into the keyring, or local database, as well as configuring the email client.  GPG4Browsers simplifies the entire process by handling the technical aspects and making it portable.

While GPG4Browsers does offer several advantages, it is still in its infancy stage, and does come with some limitations.  At this time, the release will not generate private keys, but such functionality is expected to be included with future releases, as there is a dedicated menu for the task.  Public and private keys can be imported without any trouble, however.  When using Gmail, a lock icon that is black in color will appear in the address bar.  Clicking on the lock activates a dialog where a user can compose an encrypted or digitally signed message.  If an encrypted message arrives in Gmail, a notification is displayed that asks if the user wants to open the message using GPG4Browsers.  As long as data compression is not used, GPG4Browsers can decrypt messages singed with GNU Privacy Guard, or GnuPG, which is a highly-used open source PGP implementation.

Another limitation of using an OpenPGP JavaScript implementation such as GPG4Browsers was explained by the tool’s developers: “Since memory-wipe of private data and validation of a secure execution environment cannot be achieved in JavaScript this implementation should not be used in environments where the confidentiality and integrity of the transmitted data is important.”

Keeping that in mind, the use of GPG4Browsers should be avoided on computers that are deemed vulnerable or infected with malware.  Users can boot from a live Linux CD or another read-only environment, however, as a workaround.

GPG4Browsers’ functionality is currently limited to Google Chrome.  Whether or not it will work with other browsers in the future remains to be seen.  Downloading the tool must be done manually via Chrome, and it must be installed as an unpacked extension. 

To download the tool, click on the small wrench icon in the top left-hand corner of the Chrome browser.  Select Tools followed by Extensions.  Check the box next to Developer Mode and click the Load unpacked extension button.  Select the source code folder containing the manifest file, and select the Allow in incognito option.  Additional details can be found at the official GPG4Browsers page, http://gpg4browsers.recurity.com/.

For more on this topic, visit http://news.techworld.com/applications/3320031/openpgp-javascript-tool-allows-webmail-encryption/


DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

All JavaScript Tutorials
More By Alejandro Gervasio


blog comments powered by Disqus
JAVASCRIPT ARTICLES

- Project Nashorn to Make Java, JavaScript Wor...
- JavaScript Virus Attacks Tumblr Blogs
- Google Releases Stable Dart Version, JavaScr...
- Khan Academy Unveils New JavaScript Learning...
- Accessing Nitro? There`s an App for That
- JQuery 2.0 Leaving Older IE Versions Behind
- Fastest JavaScript Engine Might Surprise You
- Microsoft Adjusting Chakra for IE 10
- Brendan Eich: We Don`t Need Google Native Cl...
- An Overview of JavaScript Statements
- An Overview of JavaScript Operators
- Overview of JavaScript Variables
- More of the Top jQuery Social Plugins
- The Top jQuery Social Plugins
- More of the Top jQuery Slider Plugins

Watch our Tech Videos 
Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 
Support 

Developer Shed Affiliates

 




© 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials