Security Corner

May 7 2010   2:03AM GMT

Software for Secure Computing: Hivelogic’s Enkoder Form



Posted by: Ken Harthun
Tags:
Email security
Encryption
Software for Secure Computing
spam

Spam email is the primary distribution channel for malicious content, so it behooves us to do everything possible to prevent our email addresses from being harvested by web-crawling robots. Posting your email address on any public-facing web page is almost sure to get you on spammers’ lists, yet most webmasters do just that. What’s one to do? There has to be some secure way to allow visitors to contact you, right?

Enter Hivelogic’s Enkoder Form, a tool that encrypts your email address and converts the result into a self evaluating JavaScript. The browser is able to properly display the address, but an email harvesting robots will find nothing they can use. I tried it out with “foo@fooey.com” just to see what would happen. Here’s what I got:

<script type="text/javascript">
//<![CDATA[
<!--
var x="function f(x){var i,o=\"\",ol=x.length,l=ol;while(x.charCodeAt(l/13)!" +
"=48){try{x+=x;l+=l;}catch(e){}}for(i=l-1;i>=0;i--){o+=x.charAt(i);}return o" +
".substr(0,ol);}f(\")41,\\\"MEOZPO120\\\\@RLt\\\\600\\\\J500\\\\100\\\\600\\" +
"\\310\\\\ ZA>r\\\\t\\\\>38|5;y=:v1:6!q?;n&/\\\"\\\\&n\\\\j330\\\\{ (7+5`530" +
"\\\\bPSX420\\\\@]XYSt\\\\\\\\]Wn\\\\@ZAEJG310\\\\t230\\\\@@VK200\\\\@430\\\\"+
"=6sp~npj`8azv771\\\\ds`j\\\"(f};o nruter};))++y(^)i(tAedoCrahc.x(edoCrahCmo" +
"rf.gnirtS=+o;721=%y;2=*y))y+41(>i(fi{)++i;l<i;0=i(rof;htgnel.x=l,\\\"\\\"=o" +
",i rav{)y,x(f noitcnuf\")"                                                   ;
while(x=eval(x));
//-->
//]]>
</script>

To see it in action, check out http://kenharthun.com/test.html. You can see that it works perfectly.

There are two forms on the site, The Basic Form and The Advanced Form. The Advanced Form can be used to encode anything you want, web pages, plain text, etc. I encoded this paragraph with it and got this result:

<script type="text/javascript">
//<![CDATA[
<!--
var x="function f(x){var i,o=\"\",l=x.length;for(i=l-1;i>=0;i--) {try{o+=x.c" +
"harAt(i);}catch(e){}}return o;}f(\")\\\"function f(x,y){var i,o=\\\"\\\\\\\""+
"\\\\,l=x.length;for(i=0;i<l;i++){if(i<2)y++;y%=127;o+=String.fromCharCode(x" +
".charCodeAt(i)^(y++));}return o;}f(\\\"\\\\gjereld\\\\\\\\177\\\\\\\\\\\"\\" +
"\\z|fdt~}<7B\\\\\\\\177}k\\\\\\\\177;}o{?TVM\\\\\\\03BJTJ[\\\\\\\\tEE\\\\" +
"\\\14YFJ\\\\\\\20B[GQ\\\\\\\31\\\\\\\26cP\\\\\\\\\\\\\\\\\\\\\\\3" +
"2y]NW\\\\\\\\\\\\\\\\`\\\\\\\07-1)e'),i\\\\\\\36#)m\\\\\\\17+&0<011v\\"+
"\\\\\217+7u|\\\\\\\\t6:@ \\\\\\\06\\\\\\\25\\\\\\\05\\\\\\\13\\\\" +
"\\\05\\\\\\\02\\\\\\\14I,\\\\\\\04\\\\\\\36\\\\\\\00N\\\\\\\1" +
"4\\\\\\\21\\\\\\\37R\\\\\\\21\\\\\\\21U\\\\\\\03\\\\\\\04\\\\\\" +
"\35\\\\\\\35Z\\\\\\\17\\\\\\\23]\\\\\\\33nbmga%giq}bbbj.v\\\\\\\\" +
"177d2du{b98P:~r~q{EE\\\\\\\02WLLU\\\\\\\07XHXJK_O_X\\\\\\\21EZ@]\\\\\\"+
"\26^L\\\\\\\31[UX\\\\\\\35YP4a6+-6f5-:?'8wlfkai\\\"\\\\,2)\\\"(f};)lo" +
",0(rtsbus.o nruter};)i(tArahc.x=+o{)--i;0=>i;1-l=i(rof}}{)e(hctac};l=+l;x=+" +
"x{yrt{)67=!)31/l(tAedoCrahc.x(elihw;lo=l,htgnel.x=lo,\\\"\\\"=o,i rav{)x(f " +
"noitcnuf\")"                                                                 ;
while(x=eval(x));
//-->
//]]>
</script>

Again, to see it in action, check out http://kenharthun.com/test2.html.

This isn’t the perfect tool by any means. Bear in mind what the developer has to say.

This tool is only useful for protecting an email address on a web page you’ve designed in HTML. It probably cannot be used when sending email, when posting your address into a web form, or when adding comments to a forum.

Enkoder isn’t the only tool out there by an means, but it’s quick and convenient and you only need to do it one time for each email address you want to use on your websites.

Besides, anyone calling themselves “Secret Space Agency” gets my patronage any day.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: