Every one of these Voat-like sites (afaik) lets admins read your PMs if they want. Not good enough.
Coming soon to SVF: end to end encrytion of PMs using OpenPGP.js.
Because I care about my users.
Coming soon: End to end encryption of PMs
-
SearchVoat
- Posts: 440
- Joined: Wed Dec 23, 2020 2:00 am
- Topic points (SCP): 298
- Reply points (CCP): 795
-
SearchVoat
- Posts: 440
- Joined: Wed Dec 23, 2020 2:00 am
- Topic points (SCP): 298
- Reply points (CCP): 795
-
SearchVoat
- Posts: 440
- Joined: Wed Dec 23, 2020 2:00 am
- Topic points (SCP): 298
- Reply points (CCP): 795
Re: Coming soon: End to end encryption of PMs
Working experimentally.
You can send encrypted messages to anyone who has set up their E2EE. I have, so you can send me a test encrypted message by hitting the Encrypt for SearchVoat button on the PM page.
To set up your E2EE, go to User Control Panel, right-hand tab says End-to-end PM encryption, hit Generate New Keys.
When you receive an encrypted message hit the unlock button to view it.
It's inconvenient to use because the messages are only ever encrypted at the server end, you have to read them one at a time in the browser, decrypting each time. You can't quote them in replies, for example. So, more work needed, just a prototype.
But might be useful for occasional super-secret messages you don't want eavesdropped.
(btw, I don't make a habit of reading PMs. A couple of weeks ago I did read one particular user's PMs because he was causing a lot of trouble here and starting to piss me off. But he's given up now so that's all over and I have better things to do than read other people's mail.)
You can send encrypted messages to anyone who has set up their E2EE. I have, so you can send me a test encrypted message by hitting the Encrypt for SearchVoat button on the PM page.
To set up your E2EE, go to User Control Panel, right-hand tab says End-to-end PM encryption, hit Generate New Keys.
When you receive an encrypted message hit the unlock button to view it.
It's inconvenient to use because the messages are only ever encrypted at the server end, you have to read them one at a time in the browser, decrypting each time. You can't quote them in replies, for example. So, more work needed, just a prototype.
But might be useful for occasional super-secret messages you don't want eavesdropped.
(btw, I don't make a habit of reading PMs. A couple of weeks ago I did read one particular user's PMs because he was causing a lot of trouble here and starting to piss me off. But he's given up now so that's all over and I have better things to do than read other people's mail.)
-
Savesequim
- Posts: 92
- Joined: Sun Jul 31, 2022 2:58 am
- Topic points (SCP): 9
- Reply points (CCP): 6
-
SearchVoat
- Posts: 440
- Joined: Wed Dec 23, 2020 2:00 am
- Topic points (SCP): 298
- Reply points (CCP): 795
Re: Coming soon: End to end encryption of PMs
I didn't know about that but they were doing it the same way I am, storing the private key in browser local storage and the public key on the server, and doing the decrypt in the browserSavesequim wrote: ↑Sun Oct 02, 2022 5:42 am Question, was this once attempted on Voat then abandoned?
https://github.com/realrasengan/voatNacl
-
Savesequim
- Posts: 92
- Joined: Sun Jul 31, 2022 2:58 am
- Topic points (SCP): 9
- Reply points (CCP): 6
Re: Coming soon: End to end encryption of PMs
But different implementation right, openpgp vs saltshaker?SearchVoat wrote: ↑Sun Oct 02, 2022 5:46 amI didn't know about that but they were doing it the same way I am, storing the private key in browser local storage and the public key on the server, and doing the decrypt in the browserSavesequim wrote: ↑Sun Oct 02, 2022 5:42 am Question, was this once attempted on Voat then abandoned?
https://github.com/realrasengan/voatNacl