
Show HN: Faceless – Open-source version of Secret - marco1
https://github.com/delight-im/Faceless
======
sarciszewski
I like that you made this open source. I'll reserve criticism for GitHub
issues / pull requests, but overall I applaud your efforts. :D

~~~
marco1
Thank you! That's great, criticism is probably most durable and helpful on
GitHub, anyway :)

------
tabrischen
Interesting concept of pseudonymity.

If your friend only has one or a few friends, there's a pretty good chance
that they'll the identify of the poster.

In generally, I love the call to 'Enjoy openness and kindness'. We can
definitely benefit from more of that :)

~~~
marco1
By the way, to address the problem of guessing your friends' identity: I know
this is a critical point in the system and thus I added something to prevent
that guessing, of course. However, it's a dirty fix, as it may introduce new
issues (but of course that may be improved soon): When address books are
synced with the friend lists in the app, those "friend" connections are always
reciprocal. So even if you have only one single person in your address book,
and you're seeing posts from friends in the app, you don't know if that's the
person in your address book or any of your friends who has started using the
app as well. Someone that you don't want to hear from may add your phone
number to their contacts, but you may block any user inside of the app and
this blocking is persistent.

------
marco1
Author here -- feel free to share your criticism and questions :)

~~~
NoahTheDuke
I can't install it on my Nexus 7 tablet. Maybe because it expects a phone?

~~~
marco1
Exactly. Sorry, should have mentioned that. I wasn't really sure how to handle
this. The problem is that (a) the app is optimized for phones and (b) it has
to ask the user to enter their phone number manually if the device has no
telephony features and (c) it can run on a single device only. I wanted to
prevent users from the confusion that arises when they have the app on their
phone already, install it on their tablet as well and then see that it stops
working on the phone.

------
crystaln
Curious if this takes the same pains with anonymity as Secret itself, where
identities and post associations are, supposedly, opaque even to individual
founders - it takes at least two to reveal the identity behind a post, and
only reveals it for a single post.

~~~
drdaeman
Didn't we learned it the hard way we can't trust _anyone 's_ claims about
their services, unless it's _really_ verifiable?

There are loads of services who claim one thing, but that's either completely
untrue or somehow true but filled with "if"s and "but"s.

Say, Dropbox had claimed they do encrypt everything in a manner they don't
have any way to access to user data, but it occurred they had just lied.

Or, Secret claims they don't send phone numbers and email addresses and says
nothing about names _but_ from reverse engineering their app I found out they
_do_ for whatever reason send contact names - which, for many Google/Gmail
contacts, are the same as email address - and if you use "invite" function
they _do_ send unmangled number/address (the latter's reasonable, but still
it's an exception from the claim and users aren't really warned about it).

~~~
marco1
Exactly, this is why I hope this app can prove beneficial and I hope that any
weaknesses are found by people checking the code. And, of course, the possible
risk factors "lies" and "hidden practices" are off the table for this app. Not
to forget: Services that are valued at $100M need to find a proper business
model. True anonymity/pseudonymity prevents you from pursuing ideas for
potential business models in many cases.

------
Hortinstein
thanks for putting this out here, I will use this as a resource for a project
I was planning on getting started on. I am excited to play around with it.

Do you have any screenshots of the android application you could put on the
github or an imgur link. Thanks!

~~~
marco1
Thanks! On the GitHub page, there is a link to the app in Google Play [1] and
this is where the screenshots can be found. I'm quite sure the app is not
really beautiful (yet), so it was an intentional decision not to put up
screenshots on the GitHub page which would impair the first impression ;)

[1]
[https://play.google.com/store/apps/details?id=im.delight.fac...](https://play.google.com/store/apps/details?id=im.delight.faceless)

~~~
Hortinstein
great one more question, on my rough inspection it looks like the encrypted
text and the key is stored in the same database entry. pardon my lack of
knowledge, but this seems insecure.

Can you explain your decision?

~~~
marco1
There is a server secret that is not stored in the database at all and there
is a message secret (unique per message) that is stored in each message's
database entry. They are combined to the actual key for decryption.

~~~
Hortinstein
oh okay, thank you very much!

------
Lidador
Is this post sponsored by Twilio?

~~~
marco1
No, why do you think so? :) Twilio is actually only a very small part of what
makes the app work. It's used for the verification via SMS only, i.e. usually
once per usage on a device.

------
api
These kinds of startups really aren't tech startups. They're media startups.
It's not about their technology. When Facebook bought WhatsApp they were not
buying technology.

That being said-- trying to replicate such thing is not a bad programming
exercise.

~~~
jmhobbs
Not at all? WhatsApp has a phenomenal engineering team from what I have read.

~~~
api
I didn't say it was bad, just that it wasn't the primary asset that was
acquired. Facebook could easily have built a massively cross platform mobile
chat app in-house.

... and it wasn't the best, either... look up their single hard-coded AES key
for example.

~~~
marco1
Fully agree. Same is true for Poke/Snapchat. And WhatsApp was also using plain
HTTP for a long time.

------
mo
There's no way to "securely encrypt" a phone number.

~~~
marco1
Of course, you can "securely encrypt" things, and it doesn't matter if this is
a phone number. But you're probably referring to the fact that the phone
number is used as an identifier and is thus hashed and not encrypted.
Nevertheless, it makes sense to call it "encryption" when describing the app
to non-tech people and give the technical terms (i.e. hashing) in brackets
etc.

~~~
maineldc
I am not an expert but it seems to me that hashing of phone numbers is
relatively useless here because there is a relatively small search space of
potential phone numbers so I can just brute force check, right?

~~~
marco1
Well, the search space is certainly small and thus brute force becomes much
easier. But I wouldn't really call this "useless". You can, of course, apply
your hashing repeatedly too make brute force slower.

------
gremlinsinc
awesome would like to use this to build an app around organizing protests,
flashmobs, etc...

~~~
marco1
You are free to do so :) It's GPLv3, as noted in the repository.

------
dmbass
The title makes a dubious connection between their valuation and their
technology. I guess that Secret investors are not interested in the technology
but rather the network of users.

~~~
tibbon
I guess it just points out that technology != valuation. However, it also
highlights that what Secret is doing isn't terribly special (nor Twitter, etc)
and that they have a pretty reasonable chance of someone swooping in and
taking over their market (happened with MySpace for example) at some point if
the community becomes bored.

~~~
lhnz
You don't understand how powerful network effects are.

~~~
trhway
network effect works both ways

------
arasmussen
Why PHP? I would argue that in this day and age, that is a bad decision. There
are simply better, lighter weight languages to use that will get you going
faster and cause less problems down the road. Maybe not _you_ personally if
you're a PHP wizard, but certainly the industry in average. I'd recommend you
skate to where the puck is going. :)

~~~
arasmussen
If you downvoted, feel free to share your opinion on why this is wrong. I
could care less about the votes, I want to hear your discussion! Why would you
use PHP?

Here's an excerpt from a Facebook engineer explaining why we still use PHP:
"The reason Facebook hasn't migrated away from PHP is because it has incumbent
inertia (it's what's there) and Facebook's engineers have managed to work
around many of its _flaws_ through a combination of patches at all levels of
the stack and excellent internal discipline via code convention and style -
the _worst attributes_ of the language are avoided and coding style is rigidly
enforced through a fairly tight culture of code review"

~~~
swalkergibson
You answered the question yourself. If someone is a wizard in PHP, then they
should use PHP. People that get caught up in the decision of what language to
use don't ship code. Shipped code > language decision circle jerks.

~~~
SuperKlaus
Exactly! Done > Perfect

