
Show HN: Encrypt and Destroy – Send dead simple encrypted messages on the web - alessiosantocs
https://encrypt-and-destroy.herokuapp.com/
======
DanBC
> Is it safe?

> You bet. We use modern SSL encryption protocol to ensure that your data is
> securely sent to our servers for encryption.

> Plus, your message and password will never be stored into the database.

Here's a list of journalists killed since 1992 to 2010.
[http://www.theguardian.com/news/datablog/2010/jan/11/journal...](http://www.theguardian.com/news/datablog/2010/jan/11/journalists-
killed-list-data)

Here's a list of journalists killed in Russia.
[https://en.wikipedia.org/wiki/List_of_journalists_killed_in_...](https://en.wikipedia.org/wiki/List_of_journalists_killed_in_Russia)

We need to be careful with these numbers, because sometimes a murdered
journalist was not targeted because of their journalism. But still: you
describe your service as safe. Is it something other people should trust their
lives to? Is it something that could withstand a well funded government agency
attack?

------
pizzeys
This is, I assume, a social experiment in seeing whether people will use
encryption products they should stay well away from? :)

------
alessiosantocs
Hey everyone. Thanks for sharing your thoughts!

As of now, the product is in a very very early stage of development and I am
aware that it still needs some fixing and improvements. What you see in the
first page is essentially what I believe this product should aim to be: an
open, anonymous and secure messaging system on the Web.

DanBC: I think a people need a secure and completely anonymous messaging
system like the one I imagine. As of now I wouldn't trust the service myself
because I know a lot can be done to improve security and the architecture
itself needs a lot of work. I believe the only way a product like this can
face the attacks you describe is through the support of the open source
community. A product like this should be free and open for all.

What do you think? Are there similar products you would trust or that you
like? How do we make encryption free and safe - and easy - for everyone to
use?

Thanks again!

~~~
johannsg
I developed somethings similar a while ago for personal use, as I cannot trust
anyone else's version.

The password is randomly chosen, but data is encrypted client side (as well as
server side). I do update the code once in a great while, but ultimately I
don't feel this can become a truly trustworthy product.

You can find the source here:
[https://github.com/johanns/Celox](https://github.com/johanns/Celox)

Live site is here: [https://celox.me](https://celox.me)

Good luck!

~~~
alessiosantocs
Looks way more secure than mine that's for sure. You don't think a product
like this can become a trustworthy product, why? As I see it you trust your
version of it, so if it was a decentralized system it would be a great fit for
you. Plus, if it's written and reviewed by an open source community I think
its value increases even more!

Thanks for sharing your thoughts.

------
brudgers
An interesting idea. Since doing encryption well is so hard, I am curious. How
does it work from a technical perspective?

------
sccxy
Tried to send same message with same password again after reading it.

    
    
      We're sorry, but something went wrong.
    
      If you are the application owner check the logs for more information.

