Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
BigBoo23206yHow will you provide the handshake between parties without the server knowing?
Saying a library will handle your crypto doesn't leave me with a lot of confidence. -
kiki353256y@BigBoo messages will be stored in database, but they’ll be encrypted and impossible to decrypt without sender’s password which isn’t stored anywhere except user’s device
-
How about only storing messages locally and throwing them out the DB once they were received?
-
kiki353256y@PrivateGER no, store user messages in IndexedDB and communicate via WebRTC, server will be just account storage / connection broker. Support is pretty decent right now, latest browser supports both WebRTC and IndexedDB
-
By the way, don’t you think that mentioning a very badly secured messenger in the tags isn’t the best idea? 😬
-
kiki353256y@makmm that’s a great thing to have but it’s impossible because of government investigation. There should be absolutely no way of gathering others’ messages
-
kiki353256y@makmm Russian government will capture you and torture you for doing that unless you give them keys
Related Rants
I think I will ship a free open-source messenger with end-to-end encryption soon.
With zero maintenance cost, it’ll be awesome to watch it grow and become popular or remain unknown and become an everlasting portfolio project.
So I created Heroku account with free NodeJS dyno ($0/mo), set up UptimeRobot for it to not fall asleep ($0/mo), plugged in MongoDB (around 700mb for free) and Redis for api rate limiting (30 mb of ram for free, enough if I’m going to purge the whole database each three seconds, and there’ll be only api hit counters), set up GitHub auto deployment.
So, backend will be in nodejs, cryptico will manage private/public keys stuff, express will be responsible for api, I also decided to plug in Helmet and Sqreen, just to be sure.
Actual data will be stored in mongo, rate limit counters – in redis.
Frontend will probably be implemented in React, hosted for free at GitHub pages. I also can attach a custom domain there, let’s see if I can attach it to Freenom garbage.
So, here we go, starting up modern nosql-nodejs-react application completely for free.
If it blasts off, I’m moving to Clojure + Cassandra for backend.
And the last thing. It’ll be end-to-end encrypted. That means if it blasts off, it will probably attract evil russian government. They’ll want me to give him keys. It’ll be impossible, you know. But they doesn’t accept that answer. So if I accidentally stop posting there, please tell my girl that I love her and I’m probably dead or captured
rant
telegram
side project
personal projects
open source
messenger
chat