- 3 Posts
- 7 Comments
1·5 months agoStill not sure what “guarantees” should look like. As a webapp there are some hard limitations on what a website can do on a browser. I guess that needs to be encoded.
I’d like to have all the buzzwords like forward secrecy and post-quantum proof. I don’t know enough to list them all, but keen to see what else I can accommodate. When I say “as secure as possible”, it might be better to interpret that as “aiming for the stars to land on the moon”.
Not sure what it means to “provide some degree of deniability”.
Thanks for the support!
its been compared to simplex before im sure there are some similarities. its important to note that i want to make the app more accessible to users by providing it as a webapp. this allows for things like easier network inspection.
thanks for that. its all sage advice.
im happy to proceed in the public with the apps development. i am generally going for a release-often approach with the code and id like to make decisions public early. as a regular js developer, from a security standpoint id like to aim for as secure as possible.
guarantees?.. not sure what this would look like when presenting this publicly. my app is a webapp and the key pillars for its security seem to be:
- that the browser cryptography functions are not compromised.
- that the peer/device/os is not compromised
there are many p2p chat apps out there. i think mine is most similar to: https://chitchatter.im … but i think its important to note, as a sideproject, i am also trying to be creative with what is possible with browser technology to set it apart from what else is out there. to create something bare-bones would not be attractive to users. one of the first things i did on the project is the security implementation and then built the other details on top.
id like to make it clear that the app is using webrtc which requires IP addresses to be exchanged which could result in IP address being exposed when using the public peerjs-server (hosting your own is an option). this app is explicitly NOT for anonymous communication. it explicitly shares IP addresses and data sent/recieved from peers cannot be moderated. the app is using cryptographically random ID’s for profiles to make sure they are unguessable. you should not post your connection data public. it would undermine its unguessable-ness. this is why i have wording throughout my docs to say you should only connect to peers you trust.
there is also the elephant in the room… the stability of my code. id like to confirm at this early stage, it is not only unstable, but there will be breaking changes. i think its important i mention these details to help users manage expectations of the app. the security implication is that the app is not secure because of this alone.
as for the project vision of how and what it does, i have generally expressed it in my reddit, but i find that the vision is not so clear to grasp, its mainly that all the parts will fit together. that is hard for me to explain and harder for anyone to understand without it working how i envision. its hard to explain: “decentralised p2p chat app on a blockchain with shared AR and filesystem on the browser”. from a security standpoint, as secure as possible with javascript.
yeah. i find its difficult to gain traction from security professionals on this project as an individual. because from the onset it is pointed out that im not a cybersecurity professional (which is true).
when looking a security guidelines from things like OWASP i already notice that there are things like having every PR reviewed and other hoops i have to jump through to make the app secure as defined in those guidelines. i also notice there arent any guidelines for p2p apps and if i proceed with my own interpretation, it would undemine the guide. here is a question on reddit on the matter: https://www.reddit.com/r/CyberSecurityAdvice/comments/1cfywjj/security_guidelines_for_p2p_apps/
your caution is well placed. this app is not ready to replace any existing app or service. it is only provided for demo and testing.
the feedback ive recieved from security professionals is that the project is too complicated to review without a budget (which is understandable). so i think updating the docs is something i will do when i have the protocol and algorithm better defined. (note: i am already planning on breaking changes, but havent found the time to do them.)
it isnt defined well enough to be documented. it is using a combination of the details found in the following links. the project in general, is lacking documentation because it is low prio for me.
thanks for the reply! im actively looking for a way to compare it to simplex chat. i hope you can offer some advice.
here is a prev post about it. i think signal is a good app and works similarly to mine in many ways. but mine is distinct in that its provided as a PWA. the goal is specifically to create a secure chat app on a browser. simple provides all other offerings and perhaps came across feedback like i did that javascript is inherently insecure (to which, this app is my disagreement).
my app works similarly to how to derscribe simplex to work. in my app what you see as a “pod” is basically a chat room. the app doesnt have the group-chat functionality working as expected, but its a work in progress. the following is an attempt to explain how it works. it will work in a way that a room has an id to which users can send messages p2p. this is how it works for regular chat. it works with a slight different that the messages are stored on a blockchain structure. it isnt related to cryptocurrencies or anything. just blockchain as a dastructure. this becomes useful for group chat because it could allow for offlike messaging by something like user A, B and C have a group chat. C goes offline while A and B continue to chat. then A goes offline and C comes online to talk to B. when C connects to B for the second time, the messages from A will be shared and resolved via the blockchain functionality. i make an attempt to explain the benefit of the blockchain structure here. it isnt something i can advocate as an approach. its more something i was trying out and it seems to work better than i thought.
id like to hear more about your approach to distributed moderation. i was trying to investigate something like this and couldnt settle on an approach that would be useful. it would be great to hear your ideas if you want to share.