A relaxed definition of 'encrypt'



  • Ran
    across this bit of brilliance in an open-source PHP proxy package. 
    Apparently this developer's definition of encryption is a bit more
    relaxed than everyone else's.



    /encrypt***************************************<br>* This function encrypts the page before it is  
    sent out.                                     
    Returns the file as a string, encrypted       
    *
    **********************************************/
    function encrypt( $string )
    {
       for( $i = 0; $i < strlen( $string ) - 1; $i += 2 )
       {
          $temp = $string[$i];
          $string[$i] = $string[$i+1];
          $string[$i+1] = $temp;
       }
       return $string;
    }

                    </div>
                    
                    </div>


  •  What would the point of this even be?  Does it "decrypt" the "page" on the client side?  From the comment, it almost sounds like it's just mangling the "page" (output buffer?) which is just... bizarre...



  • Wow. This guy managed to design an encryption algorithm that is even weaker than ROT13.

    But I'm wondering the same thing as morbiuswilters. What's the point?



  •  As best I can tell, this proxy does the following.

    1.  Fetch the target page's HTML
    2.  'encrypt' the HTML as per the above function
    3. Send a web page to the browser with the 'ecrypted' web page embedded as a JavaScript string along with a function that 'decrypts' the string and displays it via document.write().
    4. Profit!

    Not sure if it's bad form or not to post follow on WTF-ery, but here is the code is all its glory:

    /Page***********************************<br>* Function changes updatedPageData so that the  
    file is encrypted while sending.              
    *
    **********************************************/

    function encryptPage(){
            $data2 = "";
            foreach (split("\n",eregi_replace("\r","",$this->updatedPageData)) as $a){
                $data = $this->encrypt(chop($a));
                $data = str_replace( "\", "\\", $data);
                $data = str_replace( """, "\"", $data);
                $data2 .= "document.write( c("".$data."") );\n";
            }
            $this->updatedPageData = ""
                . "<!-- URL Proxy Server\n"
                . "Javascript by Bob Matcuk\n"
                . "BMatcuk@Users.SourceForge.Net -->\n"
                . "<script language="Javascript">\n"
                . " function c(s){\n"
                . "    var fi = "";\n"
                . "    for( var i = 0; i < s.length-1; i += 2 ){\n"
                . "       fi = fi + s.charAt(i+1) + s.charAt(i);\n"
                . "    }\n"
                . "    if( i < s.length ){\n"
                . "       fi = fi + s.charAt(i);\n"
                . "    }\n"
                . "    fi = fi + "\n";\n"
                . "    return fi;\n"
                . " }\n" . " document.open();\n"
                . $data2
                . " document.close();\n"
                . "</script>\n";
        }



  • rBlialtn!

     



  • @Rootbeer said:

    rBlialtn!

    You win the thread.



  • @lscharen said:

                . "Javascript by Bob Matcuk\n"
                . "BMatcuk@Users.SourceForge.Net -->\n"

    Now we know who to punch.



  • The title reminds me of our "compression" algorithm, where we don't compress the file, but just throw out 90% of it.  "See, it's smaller!"



  • @morbiuswilters said:

    Now we know who to punch.

    For the JavaScript, sure, but what about the PHP?

     

    Edit: Woohoo, over 50 posts in only just over 3 years! I'm on fire!



  • @aihtdikh said:

    @morbiuswilters said:

    Now we know who to punch.

    For the JavaScript, sure, but what about the PHP?

    Do you actually think two people would independently invent this same exact "encryption" "method"?

     

    Seriously, do you?  Because the only thing keeping me from breaking out the liquor right now is the assumption that only one failed brain was involved in the creation of this.



  • @belgariontheking said:

    The title reminds me of our "compression" algorithm, where we don't compress the file, but just throw out 90% of it.  "See, it's smaller!"
    Someone got a patent on a compression method that basically separates the ones from the zeroes and compresses them independently. All the bits do come out on the other end, though some ordering information is lost. The compression ratio is amazing though! And the output of this algorithm is frequently itself compressible!

     (The best part? The patent application even mentions the counting problem that proves the algorithm can't possibly work, but brushes it aside saying something like "but the present invention doesn't aimt to compress every possible pattern, just one of them".)



  • @joelkatz said:

    Someone got a patent on a compression method that basically separates the ones from the zeroes and compresses them independently. All the bits do come out on the other end, though some ordering information is lost. The compression ratio is amazing though! And the output of this algorithm is frequently itself compressible!
    Does it get a special mention in the comp.compression FAQ?



  • @belgariontheking said:

    The title reminds me of our "compression" algorithm, where we don't compress the file, but just throw out 90% of it.  "See, it's smaller!"
     

    Reminds me of the high school programming contest my team entered (we were in 10th grade, if memory serves).  The project we had to complete beforehand was an image compression algorithm; we'd be scored on runtime, compressed size, and final image quality (assuming we used lossy compression).  We opted for run-length encoding on R, G, and B separately, after dropping the least significant two bits of each color.  Unfortunately, we screwed up somewhere and zeroed out every color.

    We got a decent runtime score and a fantastic compression size score, but I don't think a completely black image made the 'quality' cut...

    TRWTF is that we didn't get the worst score.



  • @morbiuswilters said:

    What would the point of this even be?  Does it "decrypt" the "page" on the client side?  From the comment, it almost sounds like it's just mangling the "page" (output buffer?) which is just... bizarre...

    It looks like it'd be a relatively fast way to bypass filtering proxies that block sites based on keywords...



  • @joelkatz said:

    Someone got a patent on a compression method that basically separates the ones from the zeroes and compresses them independently. All the bits do come out on the other end, though some ordering information is lost.
     

    Could be part of a de facto fraud where they try to trick stupid investors into pouring lots of money into "the company that holds a patent on a break-through compression algorithm". I've seen this happening before.



  • @ammoQ said:

    @joelkatz said:

    Someone got a patent on a compression method that basically separates the ones from the zeroes and compresses them independently. All the bits do come out on the other end, though some ordering information is lost.
     

    Could be part of a de facto fraud where they try to trick stupid investors into pouring lots of money into "the company that holds a patent on a break-through compression algorithm". I've seen this happening before.

     

     

    Richard Stallman (the guy that runs Linux) said that was LZW

     




  • @Helix said:

    Richard Stallman (the guy that runs Linux) said that was LZW

    What.  In.  The.  Fuck.



  • @morbiuswilters said:

    @Helix said:

    Richard Stallman (the guy that runs Linux) said that was LZW

    What.  In.  The.  Fuck.

    It’s true. Everyone in the world that claims to be a Linux user is really just Richard Stallman in disguise. You can tell from the smell.



  • @snover said:

    It’s true. Everyone in the world that claims to be a Linux user is really just Richard Stallman in disguise. You can tell from the smell.

     

    LIES!  I shower regularly.

    scratches his unshaven neckbeard



  •  and eats

    Something From His Foot

     



  • @morbiuswilters said:

    @Helix said:

    Richard Stallman (the guy that runs Linux) said that was LZW

    What.  In.  The.  Fuck.

    I'm pretty sure Richard Stallman does run Linux, as do millions of others.



  • @Ilya Ehrenburg said:

    @morbiuswilters said:

    @Helix said:

    Richard Stallman (the guy that runs Linux) said that was LZW

    What.  In.  The.  Fuck.

    I'm pretty sure Richard Stallman does run Linux, as do millions of others.

    You don't think he runs HURD?  Besides, if that's what Helix (the guy that posts comments to TDWTF) meant it's an absurd way to describe RMS.



  • @morbiuswilters said:

    @Ilya Ehrenburg said:

    @morbiuswilters said:

    @Helix said:

    Richard Stallman (the guy that runs Linux) said that was LZW

    What.  In.  The.  Fuck.

    I'm pretty sure Richard Stallman does run Linux, as do millions of others.

    You don't think he runs HURD?

    I think he runs both. I wouldn't even be too surprised if he also ran Windows and BSD.

    Besides, if that's what Helix (the guy that posts comments to TDWTF) meant it's an absurd way to describe RMS.

    Yes. I don't think that's what Helix meant, though.



  • @Ilya Ehrenburg said:

    @morbiuswilters said:
    @Ilya Ehrenburg said:
    @morbiuswilters said:
    @Helix said:
    Richard Stallman (the guy that runs Linux) said that was LZW
    What.  In.  The.  Fuck.
    I'm pretty sure Richard Stallman does run Linux, as do millions of others.
    You don't think he runs HURD?
    I think he runs both. I wouldn't even be too surprised if he also ran Windows and BSD.

    What about ReactOS?



  • @Ilya Ehrenburg said:

    Yes. I don't think that's what Helix meant, though.

    I don't either.  I think he meant "the guy that maintains Linux", which is also wildly inaccurate.  Hence my original reply: there are several interpretations of his bizarre statement, and none are factually correct.



  • @Heron said:

    Reminds me of the high school programming contest my team entered (we were in 10th grade, if memory serves).  The project we had to complete beforehand was an image compression algorithm; we'd be scored on runtime, compressed size, and final image quality (assuming we used lossy compression).  We opted for run-length encoding on R, G, and B separately, after dropping the least significant two bits of each color.  Unfortunately, we screwed up somewhere and zeroed out every color.

    We got a decent runtime score and a fantastic compression size score, but I don't think a completely black image made the 'quality' cut...

    TRWTF is that we didn't get the worst score.

    I found this to be an entertaining little anecdote and appreciate its inclusion in this thread.



  • @Ilya Ehrenburg said:

    I wouldn't even be too surprised if he also ran Windows and BSD.
     

    Doubt it. I remember seeing a video of him at LinuxWorld where he received the "IGD/Linus Torvalds Community Award" where he mentioned that adding an audio track to a video stream can only be done with non-free software, so we couldn't hear him play the recorder. (or something. This was in "RevolutionOS: The Linux Story" at about 1:12:05) So if he's that anal about free software he couldn't use Windows at all!



  • @Zemm said:

    @Ilya Ehrenburg said:

    I wouldn't even be too surprised if he also ran Windows and BSD.
     

    Doubt it. I remember seeing a video of him at LinuxWorld where he received the "IGD/Linus Torvalds Community Award" where he mentioned that adding an audio track to a video stream can only be done with non-free software, so we couldn't hear him play the recorder. (or something. This was in "RevolutionOS: The Linux Story" at about 1:12:05) So if he's that anal about free software he couldn't use Windows at all!

     

     That’s so lame, I also heard he was a pro-paedophile

     

    or is that  pro paedophile

     


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.