A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES.
Published by elrido about 6 years ago
This release fixes a low entropy key vulnerability in PrivateBin affecting legacy browsers
On 31st of July 2018, @cryptolok reported a cryptographic vulnerability in PrivateBin due to the incorrect use of SJCL when used on very old browsers. When creating a paste using any ZeroBin version or PrivateBin up to and including 1.1.1 on a browser without web crypto API support (Firefox<21, Chrome<15, Safari<5, IE<11) the key may have been generated without sufficient entropy. PrivateBin 1.2 was not affected, because the support for those browser versions got removed in the JS refactoring.
This release re-adds support for those legacy browsers and ensures they generate the key with sufficient entropy. In the next release of PrivateBin we will permanently drop legacy browser support and switch to the web crypto API exclusively. This release ensures that there is at least one release available that supports both legacy browsers and has the entropy issue fixed.
Further details on why this is an issue and its implications can be found in our report on the vulnerability. It also describes methods to check if your browser is currently affected by the issue. If it is, please consider updating your browser.
If you are still using PrivateBin version 1.1.1 or ZeroBin, upgrading to this release will ensure that you retain legacy browser support and fix the low entropy key vulnerability in your current version. If you already upgraded to PrivateBin 1.2 and don't need to support these very old browser versions (released before October 2013) then you could consider skipping this release.
As usual, you can download the archive for a manual upgrade and can find more details in the installation instructions.
We also offer a Docker container that includes the recommended secure setup with the non-essential files and data outside of the web server's document root.
Note that this is the first release that is signed with the new signing key (fingerprint: 28CA 7C96 4938 EA5C 1481 D42A E11B 7950 E9E1 83DB). This key is intended to be used for signing releases from now on.
Published by elrido about 6 years ago
This release adds QR code generation, inline display of video, audio, PDF and new translations to PrivateBin and a large refactoring of the JavaScript code.
A new button lets you generate a QR code of your newly created paste's URL. This allows for easy transfer of pasted data from one mobile device to another.
When the optional file upload is enabled, uploaded videos, audio files and PDFs are displayed inline, like we did with images, as long as the visitor's browser supports it. By default the file and paste upload is limited to a 2 MiB size.
Translations for Spanish, Occitan, Norwegian, Portuguese, Dutch and Hungarian have also been added since the last release.
The main change of this release, and the reason it took us so long since doing the last one, was the large refactoring and cleanup of the JavaScript logic of PrivateBin. The refactoring itself was done in early 2017. In parallel we introduced mocha and JSverify running on nodeJS as a property based unit testing framework for the logic (à la QuickCheck). Many months were spent to cover more and more pieces of the logic.
In the end we covered all of the modular parts of the logic (879 of 1273 lines of code for a 69% code coverage), including the encryption wrapper functions for backward compatibility with older paste formats. The UI related parts of the code proved difficult to test, partly because in nodeJS the browser's document object model (DOM) is emulated using the JSdom library, the lack of an actual view port being present (so no scrolling, for example) and also due to the event driven nature which contradicts the modular approach of unit testing. For many UI interfaces, large parts of the DOM have to be present, since emitting a single click event may trigger changes in many different parts of the UI. This is a shortcoming of the current structure of the UI logic, which we may need to improve further.
Still, the unit testing found many regressions and some issues that have been in the code for a long time without having been reported. It lays the necessary ground work for the future changes, especially the major changes planned for the encryption format.
Apart from the new QR code feature many new translations were added. All used libraries were upgraded, too. While no security issues were reported for any of these, they address some bugs that didn't affect us directly or improve compatibility with the latest browsers and PHP releases.
A new configuration option "name" was introduced for those admins that like to replace the "PrivateBin" moniker in the template with their own site name.
As usual, you can download the archive for a manual upgrade and can find more details in the installation instructions.
We now also offer a Docker container that includes the recommended secure setup with the non-essential files and data outside of the web server's document root. We also started providing additional tools in Docker containers.
More details about the plans for future releases and on how you can help the project achieve them can be found in the PrivateBin version 1.2 release announcements.
Published by elrido about 7 years ago
This release fixes leakage of configuration and raw pastes that can occur in some setups.
On 29th of September, @pstn reported a medium data leak vulnerability in PrivateBin. If either a) a non-Apache web server is used or b) Apache has "AllowOverride" disabled and the installation was not secured by changing the path of sensitive folders, these files can be accessed from the outside. This release fixes this by converting these files from INI/JSON to PHP files, so that they are protected even under those conditions.
Further details on why this is an issue and its implications can be found in our report on the vulnerability. It also describes methods to check if your server is currently affected by the issue.
Even if you are currently using an Apache server and are not affected by this issue, we would advise planning to update soon. Some of the sites affected by this reported that they had changed their web server setup, inadvertently becoming affected. You might do the same in the future, too, and forget to check your PrivateBin setup's security.
Alternatively, consider securing your installation by changing the path of folders containing sensitive information. We have updated our installation instructions, stressing our security recommendations.
Apart from updating the libraries and the JavaScript files, make sure that your PHP process can also write to the cfg folder. The next call to your PrivateBin installation will convert the conf.ini file into conf.php. Accessing pastes will convert these, too. We also hook into the purge mechanism to gradually convert pastes that are not frequently accessed.
Note: @rugk has updated his expired PGP key. The fingerprint stayed the same, but you may need to update it.
.php file extension for configuration and data files, to avoid leaking data in unprotected installations.
Published by elrido almost 8 years ago
This release adds Italian and Russian translations to PrivateBin and fixes an XSS and a database issue.
Fortunately the CSP headers introduced in version 1.0 suppressed the XSS issue in modern browsers. But older browsers would still be affected when clicking on the "Raw text" button of a markdown formatted paste containing JavaScript. The issue was introduced with the change in version 1.0 that displays markdown code instead of the rendered HTML in the "raw" mode.
The other fixed issue concerns the automatic purging of outdated pastes, which was introduced in version 1.0. When using the database model instead of the default file based store, pastes set to "never" expire were always purged, too.
If you are using the database model instead of the filesystem one and offer pastes that "never" expire, then you should upgrade or disable the purge by setting the batchsize to 0 in your configuration.
Apart from fixing the XSS issue, markdown pastes containing HTML code will now be properly displayed in the "raw" mode.
Both of these issues affected only version 1.0. There are of course many more benefits in switching to this release, if you are still using a version of PrivateBin or ZeroBin before 1.0.
When updating please make sure to adjust the cspheader setting. We recommend you either comment the setting out in order to use our default recommended CSP header or adjust the header so it matches the new default one (mainly just add the referrer no-referrer; part).
We wish you a happy new year!
Published by rugk about 8 years ago
This is the first release of PrivateBin after renaming the ZeroBin fork. We decided to use the version number 1.0 for this release as we consider PrivateBin now very mature and feature complete. We recommend that everyone update as this version features many security improvements.
The renaming of ZeroBin to PrivateBin is done to highlight the huge developments (over 500 commits) which have happened since ZeroBin stopped being actively maintained by its original creator Sébastien Sauvage in 2014. By choosing to release version 1.0 we also want to emphasize the many feature changes - according to semantic versioning - and want to show that PrivateBin is now considered mature. Hence a version number smaller than 1.0 just does not seem suitable for PrivateBin anymore.
Make sure your system has some source for cryptographically safe random numbers! Either use PHP 7 or one of the supported fallbacks: libsodium, open_basedir access to /dev/urandom, mcrypt or com_dotnet. The previous workaround using mt_rand() was removed, as it leads to unsafe and predictable numbers.
Otherwise, as usual, only the files need to be updated. The tmp folder for the compiled RainTPL templates can be removed, since we switched to a more lightweight template approach due to RainTPL not being maintained anymore. Have a look at our template documentation to learn how to upgrade your custom template to the new system.
There are some new options in the configuration file. If you are updating from an older ZeroBin install and want to keep existing pastes accessible, make sure to enable the option zerobincompatibility. Otherwise more secure settings are used which break compatibility with ZeroBin.
As a user of a ZeroBin instance nothing changes. As soon as the server administrator upgrades to PrivateBin, you can continue using it. We took great efforts to ensure that existing pastes are still fully compatible with the current release.
Since version 0.22 we added a Slovene and Chinese translation, an (optional) URL shortener button, a preview tab to help you choose the right format for your content and many other small user interface improvements to make your life a bit more comfortable.
With this release we have improved the security of PrivateBin as we have now addressed most concerns raised in a security audit of the original ZeroBin in 2014.
Furthermore we switched to AES Galois/Counter mode (GCM), which is considered a stronger encryption mode than the previously used AES Counter mode with CBC-MAC authentication (CCM). The main benefit here is that the authentication (as the pastes/comments are sent over the network you want to ensure that your content is not accidentally or maliciously manipulated) is done on the encrypted text instead of the plain text. The potential parallelization of CCM could not be implemented in the single threaded JavaScript environment of web browsers, anyway.
We also make use of a new browser security feature called Content Security Policy (CSP), which prevents XSS attacks in an effective way. It blocks any third party scripts and resources from being executed in the context of the application.
Additionally we started using the new subresource integrity (SRI) browser feature to avoid loading manipulated scripts under man-in-the-middle attacks. This also allows privacy aware users to easily check for manipulated scripts in the source code of the website and to compare them to the hashes of the official PrivateBin release of that version.
To ensure that PrivateBin's code is of high quality we added various code quality checkers and subsequently improved the code. These analysers also helped us to find some potential vulnerabilities.
If you have further questions or issues have a look at the new FAQ.
We hope you will enjoy the new PrivateBin!
Published by elrido over 8 years ago
This minor release addresses an issue with the database store in version 0.21. If you use the database model please consider updating.
Published by elrido over 8 years ago
In the [formatter_options] section, defaultformatter can be set; it defaults to "plaintext". The syntaxhighlighting configuration got deprecated.
zerobin.js got a major refactoring: