

Private Message. Secure communication, anyone, any device; NSA free. - 1337Coder
https://privatemsg.matthew-dove.com/

======
1337Coder
Last weekend when the NSA news was a big deal, I was angry, I wanted my
privacy back. I use all the standard stuff (like opt-out, Ghostery, etc).
Using https for my emails with Google is great, unless they just send my plain
text data to the NSA on request. So I looked around for a safe way to email.
OMG was it hard. I had to install all kinds of stuff, find out how it works,
and alot of them required the receiver of the message to also have said
software. Yeah, if its that hard, no thanks. So I made this in one weekend.
Alas I didn't have SSL (encryption) on my domain. And it took a week to change
servers, get a dedicated IP and install the SSL. Anyway here it is. Create
your message, send your friend the link to your message however you normally
would, and they (only them) can see the message. No Google saving your data,
and once your message has been viewed its deleted. Nothing for the NSA to even
ask for. I realise the message creator is geared towards web developers,
version two would ideally contain a more friendly text editor.

~~~
geal
From what I see:

* everything is done server side -> trust issues

* no encryption, just indexed by a hash -> that means the messages are not store encrypted on the server

I would recommend people stay away from your solution, and instead use
something like Zerobin:
[http://sebsauvage.net/paste/](http://sebsauvage.net/paste/) It encrypts
everything using SJCL, and if I am worried with the server sending me a
modified version of the JS code, I can still keep the code on my own computer
but use it to send to the server.

~~~
1337Coder
Yes, it is encrypted on the server. That hash is just a key to get your
message. Its not the message itself.

