8
I created a blog for my app. Roast my blog.
(positive-intentions.com)
thanks!
thanks for the tip!
can i just copy-paste that into the blog for free? if you want, and if you have github, i could list you as one of the authors.
ive tried hacker news (a prev post). its been mentioned before that its good for technical discussions. to me it seems pretty dry and unappealing to maintain a presence there (similar case for mastodon and discord). im faily new to lemmy and so far seems to yield the "most useful" feedback.
thanks for the tip. i think its to hard to find the balance. im banking on it improving with practice.
i'll try make an update for better intros to articles. i think i go in a bit too technical from the start.
im faily new to blogging. that was added for setting up google ads. can you tell me what you mean by your comment?
Not cool. It's hard enough trying to promote projects like this.
Unless you want to he honeypotted stay away…
I can't be more transparent than open sourcing it with instructions on selfhosting.
I drew the logo on my phone. I'm not an artist.
this app is in javascript... completely different to java. you should ask in something like chatgpt, it'll do a better job at explaining the difference than me.
there may be details you are interested in, but the post is quite large. you can search in that that post about how i plan to deal with syncing between devices. the functionality is not working in the app at the moment.
the data is persisted to browser storage, and unsent messages will be queued up when peers are not connected. similarly, the functionlity is not working at the moment.
peer discovery can be a whole separate discussion. the app provides ways to exchange connection data with links and QR codes. it is important that the user shares this with peers they trust, the ID is otherwise cryptographically random. upon first connection asymetric encryption keys are created and used for every future connection (to prevent impersonation).
Why are only parts opensource?
the part that isnt open source is the aws-cdk repo im using for deploying to S3. the app is otherwise open source and i give the instructions to deploy on your own github-pages if you want.
can you explain more about that licence?
your concerns are well placed. i am not a security expert and the project is not a mature enough for it to have a security professional take a look, so it shouldnt be considered secure or encrypted until someone reputable can verify it.
i open sourced it so i could investigate getting security advice without a budget... but of course its pretty complex to do without a budget. so i'll settle with what feedback i can get.
its open souce but understandably complex to understand.
im using a thin wrapper around browser-based cryptography functions. im using webpack 5 module federation to import that file at runtime.
those functions are used to create a kind-of decentralised authentication as described here: https://positive-intentions.com/docs/research/authentication
the app uses peerjs to send encrypted messages. i have the checkbox only for the user to confirm this is for testing purposes only. it is also worded throughout the docs that users should be responsible for what data they share. the app doesnt need any personal detail to work (ip address - as per requirement of webrtc). im all ears for ideas on a previous post: https://www.reddit.com/r/darknetplan/comments/16qw24o/on_my_decentralized_chat_app_i_want_some_kind_of/
pardon my art skills. i drew it on my phone. i was going for a "whale". a simple logo was enough. i dont expect version 2 to be any better. as for the domain, it was cheap. i would like to do rebranding at some point but i dont know enough to make any time for it.
xoron
joined 3 months ago
thanks!