Hacker News new | past | comments | ask | show | jobs | submit login

Great job. Here is what I propose to make it more secure and prevent you from being able to read anyone diary...

I propose that each day a link/token is sent to your email. The link then ask for a password that is handled only with client side javascript and does the encryption of the data before sending it do the server. Look at what Blockhain.info or myetherwallet is doing for client side encryption. Maybe also propose provide all the front end as opensource and provide a way for people to host their own front (a few HTML, JS files where you input the link or token sent to you by email...)






Thank you!

My goal wasn't to create a 100% secure diary. If you need that, you probably should not store your data in the cloud. That's unlikely that I will ever try to make it happen. But even if I would, there're so many ways to screw it over anyway, so I won't ever try to make this promise.

However, I will consider open-sourcing it.

Also see my comment where I addressed the privacy issue: https://news.ycombinator.com/item?id=22045670


Open sourcing it (and allowing to self-host it for personal and private use) would be awesome!



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: