I’ve begun to use python as an introduction to programming as a whole, and currently I am trying to simply encrypt a string. I used the functions that the module pickle has used, and I’ve run into a problem.
To show what’s going on, this is my code right next to the output.
It just leaves my variable out in the open! Is this supposed to happen?
(Next time, please post inline code rather than screenshots, to enable copy-pasting. Like this:
```
Code goes here.
```
)
The pickle module is for storing data, not obscuring them, so this is totally expected. What would you like to achieve?
Hi Andrew, and welcome!
Unless you edit your code with Photoshop, please don’t post screenshots
or photos of code 
Screenshots mean that people reading these threads by email don’t see
them, they see this:
and it makes it difficult or impossible for the blind and visually
impaired to contribute. And even those with perfect vision will need to
retype your code in order to run it, possibly introducing new errors.
Instead, copy and paste the relevant text from your code. If you are
using the rich text web interface to post messages, use the </> button
to format it as code so the formatting and indentation isn’t lost.
If you reply by email, you can indent a block of code with four spaces,
or surround it with triple-backticks. (The backticks have to go on a
line on their own.)
```
code block goes here
```
I’m not sure exactly what code you tried to run, but pickle is not for
encrypting or even just obscuring data. It is easy to detect pickled
data and unpickle it, and strings are coded directly as themselves:
>>> import pickle
>>> pickle.dumps({'key': 'value'})
b'\x80\x04\x95\x12\x00\x00\x00\x00\x00\x00\x00}\x94\x8c\x03key\x94\x8c\x05value\x94s.'
What is your intention here? The solution used will be very different
depending on what threat you are trying to defend against:
I need better than industrial-strength encryption to keep my data
secret from the NSA and other spy agencies with the resources of
powerful nation-states;
I just need to somewhat obscure my data from my little brother’s
prying eyes;
or somewhere in between.
But generally speaking, any serious encryption is going to require that
you have a secret key, without which you cannot access the data.
If you just want to obscure the data from prying eyes, without caring
about it actually being secure, you might use compression to mangle the
pickled string. Note that for small pieces of data, the compression
functions can actually expand the string:
>>> import gzip
>>> s = pickle.dumps({'key': 'value'})
>>> gzip.compress(s)
b'\x1f\x8b\x08\x00\x9bh9`\x02\xffk`\x99*\xc4\x00\x01\xb5Sz\x98\xb3S+\xa7\xf4\xb0\x96%\xe6\x94\xa6N)\xd6\x03\x00\xa8\xaa\xa4\x0f\x1d\x00\x00\x00'
If this data contains valuable secrets that people might be seriously
motivated to steal, this level of “encryption” is about as secure as
pig-latin:
omradescay ethay evolutionray artsstay onighttay
It isn’t hard to guess that it is gziped and pickled, and reverse the
process.
Oh, I understand. My apologies, this is the first time I have really used an online forum, let alone one relating to code.
This was just for a very small project I was working on, which was basically a simple personal password keeper. I didn’t expect it to really be too secure, just a method of stopping simple shenanigans from happening. Thank you!