
Show HN: A Chrome Extention to Right-Click Encrypt and Decrypt - lettergram
https://github.com/lettergram/AnyCrypt
======
zintagon
> Be willing Copy & paste private key into application

I understand this is a prototype.

This is a hard boundary for me to cross when you have already stated it is a
prototype and there are several vulnerabilities. Because of this, I haven't
installed your app to try it out but I did watch the video.

In your video you show two users on a web chat application encrypting their
conversation after typing directly into the site's input control. The chat
site may have been recording the input you typed in. I think Gmail will do
this, for example. How about changing the model so you only type into your
app?

Interesting way to use keybase. Still seems to be a bit too much friction for
the end-user. I would probably accidentally send the message without
encrypting it.

What is your vision of where this could lead? How will you make it easier to
use?

~~~
lettergram
One thing I did to test this, is just using a different private key.

> How about changing the model so you only type into your app?

Indeed this is possible, but a bit more work than I was going for.

> What is your vision of where this could lead?

Honestly, my hope is that this triggers some other ideas and/or someone else
is willing to work with me. Keybase is pretty awesome, and opens up a ton of
options. I personally don't have a ton of bandwidth, and without anyone else
being interested, I'll probably do very little.

> How will you make it easier to use?

Keybase has an API endpoint to export your private key. I requested Keybase to
explain to me how to use it, because when you hit that endpoint you get a
bunch of junk. It turns out only a portion of what is given to you is the
private key, the rest is other data. They wouldn't tell me where to parse.

That being said, I hope they will improve that. When they do, it'll be
possible to just plugin your keybase username & password and you'll be able to
encrypt and decrypt.

~~~
zintagon
> One thing I did to test this, is just using a different private key.

Absolutely. I just don't want to upload another key on keybase and have my
correspondents start sending to a different key for me. I didn't think it was
worth it to download and recreate the scene in your video of just testing to
myself, rather I was thinking about trying it for a week or something.

Are you aware of any similar efforts that I can compare this to?

~~~
lettergram
There's also a keybase chrome extension, but they don't have a decrypt option.

