Is this open source? The JavaScript that encrypts the file (sjcl.js) is minified and I don't feel like spending hours trying to figure out what it does. Is this a JavaScript library that was reused from somewhere?

It's SJCL, a pretty popular JS crypto library.

https://crypto.stanford.edu/sjcl/

Nice! Thanks for this.

Having a file encrpyt to an HTML file is pretty interesting, something I've never considered before. Very portable.

I really like the portability and accessibility of HTML files, especially as very thin local apps.

Here is one of my projects playing with that concept: https://github.com/srpeck/markdowned

Is it me or is the page being served over an unencrypted channel a gaping security hole?

I presume it encrypts on the client side, but whats to stop a man in the middle swapping the javascript so it sends the attacker your files?

Yes thank you, I should have taken care of this sooner.

It now force redirects, hats off to CloudFlare for being free SSL provider.

They should disable the http version.

Encryption password entry in the clear in a dialog!

That should at least be <input type="password">

I think it is on purpose, as you are only asked to type it once. Type the wrong thing, and no way to decrypt the file.