

Show HN: Tweet with encryption - ww520
https://boxuptext.com/tweet

======
ww520
I've just enhanced BoxupText to encrypt a tweet before sending it to Twitter.
This allows tweeting to a selected set of followers, who know the password to
decrypt the tweets.

Encryption is done entirely on the browser to ensure privacy. The following
precautions are taken to minimize the security risks.

\- All web content (html, css, js, images) come from the same server.

\- No download from any 3rd party websites or CDN.

\- Use SSL certificate for all content to prevent code injection along the
way.

\- Encryption and decryption are done on the browser.

\- Nothing is submitted to the server and no input shown to avoid XSS.

\- URL fragment is used for encrypted data which stays on browser.

\- The web pages can be downloaded and run off from the local file system.

\- Have as few dependencies as possible, just: SJCL, Bootstrap (css), and
html5.js.

\- Keep things simple for verification.

Please review the app and code to see if there are any security concerns.
Thanks!

