• 4 Posts
  • 8 Comments
Joined 5 months ago
cake
Cake day: June 13th, 2024

help-circle



  • thanks for the reply! im actively looking for a way to compare it to simplex chat. i hope you can offer some advice.

    here is a prev post about it. i think signal is a good app and works similarly to mine in many ways. but mine is distinct in that its provided as a PWA. the goal is specifically to create a secure chat app on a browser. simple provides all other offerings and perhaps came across feedback like i did that javascript is inherently insecure (to which, this app is my disagreement).

    my app works similarly to how to derscribe simplex to work. in my app what you see as a “pod” is basically a chat room. the app doesnt have the group-chat functionality working as expected, but its a work in progress. the following is an attempt to explain how it works. it will work in a way that a room has an id to which users can send messages p2p. this is how it works for regular chat. it works with a slight different that the messages are stored on a blockchain structure. it isnt related to cryptocurrencies or anything. just blockchain as a dastructure. this becomes useful for group chat because it could allow for offlike messaging by something like user A, B and C have a group chat. C goes offline while A and B continue to chat. then A goes offline and C comes online to talk to B. when C connects to B for the second time, the messages from A will be shared and resolved via the blockchain functionality. i make an attempt to explain the benefit of the blockchain structure here. it isnt something i can advocate as an approach. its more something i was trying out and it seems to work better than i thought.

    id like to hear more about your approach to distributed moderation. i was trying to investigate something like this and couldnt settle on an approach that would be useful. it would be great to hear your ideas if you want to share.


  • thanks for the info.

    threat agents

    in a p2p system the key components seem to be things like the network, peer, device, os, browser. all those things can be compromised either on yourside or on the peer’s side. its critically important for security that these components are secured to a reasonable degree. threat agents could mean things like device manufacturer, ISP or even someone looking over your shoulder taking notes. not sure how exhaustively to describe threat agents here but these are the components that make up the system and have understandable nuances to thier vulnerabilities.

    HTTPS and an honest server

    this is true but it critically depends on your definition of these. there are many decentralised chat apps out there like matrix. unlike matrix, a selfhosted solution on my app is something that is easier to setup that others because its basically a website on a url. this might lead to less technical people using my app with ease. these are the users that may not be able to distinguish on these security relevent information.

    verify that the JavaScript they’re executing is the correct JavaScript

    the app is a offline-first PWA. its practically works offline. im sure its possible to make it so that fetching new statics can be done explicitly. the app otherwise is already able to do things like startup while offline from the cache (sometime it takes a couple refreshes (a bug for another time)). i prefer for it to take the latest javascript because especially at this early stage, it something im actively working on and fixing. i can imagine if the project isnt abandoned, it would make sense to have certain security assessed version to use.

    compel you to serve malicious JavaScript to specific users

    i think there isnt a way to implement something like this in this app. firstly im taking a hard stance on external javascript. that isnt to say my due-diligence is perfect… thats to be indentified from it being open source. the app doesnt have anything like tra traditional registration system. data is stored locally in browser storage and user ID’s are cryptographically random. if there is concern about seving a different script to certain regions by IP, here is a prev post on the matter. ultimately users have to be responsible with how they use the app. “do not connect to people you dont trust” is the general advice.


  • thanks!

    it’s hard for an app like this to surpass the value that popular apps like signal and WhatsApp

    i agree. i dont think my app can compete with these mainstream apps because there are limitations in what a webapp can do. at this stage in the project, the apps general instability is not good for user experience. i am conceding that my app is not as nice-to-use like many other apps. however, i dont think these other offering can be as secure as mine.

    i often get touted things like the Signal protocol is amazing and great, etc. id like to compare that opinion to the observation in how my todo app demo works. (the work is all experimental work-in-progress and far from finished)

    https://github.com/positive-intentions/p2p/blob/staging/src/stories/TodoDemo.stories.js

    at around line 147 you have something like an API with endpoints between peers. the demo shows a simple functionality for a decentralized todo. this should already be reasonable secure. then consider in the main app. i simply add a few extra endpoints for exchanging keys diffie-helman style. which at this point is relatively trivial to implement. some of the concerns ive heard about doing this with the javascript and webrtc, is leaked IP addresses. a prev post on the matter and i think its better to use the app with a trusted VPN. (note: this app is not intended for anonymous chat this is just to mask the IP address. strangers cannot connect with ungussable ID’s. IDs are also disposable if needed).

    your right about it being my big caveat. i noticed as my app got more complicated, i got further away from being able to describe it as secure/private/encrypted and this seems to be related to the complexity to understand. i would like to make the time to create something like the todo list demo, but a bare minimum chat app. it wont compete with things like whatsapp, signal or simplex, but by virtue of its simplicity it surely must qualify to be something like “the most secure chat app in the world”.

    i find that while i can create what i think is a secure app, education is an important factor. by that i mean for it to be secure, it is nessesary for it to be open source. perhaps it can only be considered secure if you fork it instead of using my hosted version?

    as for the target audience, im currently limiting my communication of the app on things like reddit specifically on relevent subreddits for things like crytpgraphy. im faily new to lemmy. the lemmy community seems to give “better” advice.



  • thanks for that. its all sage advice.

    im happy to proceed in the public with the apps development. i am generally going for a release-often approach with the code and id like to make decisions public early. as a regular js developer, from a security standpoint id like to aim for as secure as possible.

    guarantees?.. not sure what this would look like when presenting this publicly. my app is a webapp and the key pillars for its security seem to be:

    • that the browser cryptography functions are not compromised.
    • that the peer/device/os is not compromised

    there are many p2p chat apps out there. i think mine is most similar to: https://chitchatter.im … but i think its important to note, as a sideproject, i am also trying to be creative with what is possible with browser technology to set it apart from what else is out there. to create something bare-bones would not be attractive to users. one of the first things i did on the project is the security implementation and then built the other details on top.

    id like to make it clear that the app is using webrtc which requires IP addresses to be exchanged which could result in IP address being exposed when using the public peerjs-server (hosting your own is an option). this app is explicitly NOT for anonymous communication. it explicitly shares IP addresses and data sent/recieved from peers cannot be moderated. the app is using cryptographically random ID’s for profiles to make sure they are unguessable. you should not post your connection data public. it would undermine its unguessable-ness. this is why i have wording throughout my docs to say you should only connect to peers you trust.

    there is also the elephant in the room… the stability of my code. id like to confirm at this early stage, it is not only unstable, but there will be breaking changes. i think its important i mention these details to help users manage expectations of the app. the security implication is that the app is not secure because of this alone.

    as for the project vision of how and what it does, i have generally expressed it in my reddit, but i find that the vision is not so clear to grasp, its mainly that all the parts will fit together. that is hard for me to explain and harder for anyone to understand without it working how i envision. its hard to explain: “decentralised p2p chat app on a blockchain with shared AR and filesystem on the browser”. from a security standpoint, as secure as possible with javascript.