Privacy

thanks for your questions. i have a few links to share i hope will help answer your questions. but i will also try to answer them here. i think there is much to say, but i will try to keep it brief.

• How is it hosted? What is the network topology? Which Trent must be trusted?

  • https://positive-intentions.com/blog/statics-as-a-chat-app-infrastructure/
  • https://positive-intentions.com/blog/decentralised-architecture/
  • the app is hosted from me on AWS S3. the app is predominantly emphesising on browser-based client-side functionality for things like data storage, webrtc and cryptography.
  • same app is also hosted on github pages to show how users can take more control over their version of the chat app.
  • id like to make more time into investigating resiliancy by having federated modules hosted on multiple cloud providers. (currently its only on s3 and gh-pages)

• Has the cryptography been audited? What are the primitives and protocols used? What kinds of guarantees, aside from basic privacy, are actually established?

  • https://positive-intentions.com/docs/research/threat-model/
  • https://github.com/positive-intentions/cryptography
  • the cryptography is a federated modules as seen above. its intended to be a thin wrapper over the cryptography offering from a typical browsers as described here: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto
  • im actively looking for feedback on the cryptography and would like to have it audited by a professionals. im currently in the process for asking for support from https://www.opentech.fund/labs/security-lab
  • as a sideproject, i dont want to undermine the efforts ive put into it, but i dont know what i can say for what i can guarantee. making the project open source is a big step towards clarity in how it works. at this early stage in development. i expect there will be breaking changes as i make changes and improvements. its important to note this project is a work in progress.

• What happens during a disaster? Am I easy to dox, track, etc.? What bad things happen if somebody takes my phone from me?

  • https://github.com/positive-intentions/chat?tab=readme-ov-file#security-and-privacy-recommendations
  • maybe the threat model i linked previously can help answer that.
  • there is not registration database to hack so nothing traditionally centralized to be hacked. on the website im using google analytics. on the app itself is using nlevel-analytics.
  • a user profile in the context of the app is entirely browser-based and can be removed as simply as clearing site-data on any modern browser.
  • the user profiles can also be exported an imported. this functionality in the app is a bit flaky at the moment but it is intended to be a feature. ive tested it out enough to know its works. i would like to make it more robust.
  • im separately investigating having data encrypted at rest in the browser: https://programming.dev/post/21417459 (this investigation is far from finished, but is something i would like to introduce to this app)

“P2P encrypted” doesn’t sound like actual security

here is a previous post i made on the matter: https://www.reddit.com/r/crypto/comments/1fmoykr/secure_and_private_encrypted_p2p_chat_in

i hope this answers your questions. please feel free to ask more questions for clarity. i will do my best to answer them.