this post was submitted on 22 Aug 2024
2 points (62.5% liked)

/c/cybersecurity - Cybersecurity News & Discussion

2317 readers
1 users here now

A community for technical news and discussion of cybersecurity and closely related topics.

founded 4 years ago
MODERATORS
[email protected]
2
Roast the security of my app (lemmy.ml)
submitted 7 months ago* (last edited 7 months ago) by [email protected] to c/[email protected]
4 comments fedilink hide all child comments
 

im aiming to make a chat app secure as theorhetically possible as a webapp. for transparency its open source. id like the experience to be as close to possible to a regular chat app. its important to note; there are limitation with p2p and webapps such that messages cant be sent if the peer isnt connected.

to keep this post brief, please take a look at the readme. it has all the information and links.

i dont think its ready to replace any app or service, but id love to get feedback on what you think would make it so you would use it more than once.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 7 months ago (1 children)

If you really want folks to have a go at it, add the phrase "military grade encryption" to the readme. That'll trigger a lot of folks' Google Alerts and you'll get the eyes on your code you're looking for.

[–] [email protected] 2 points 7 months ago (1 children)

Thanks for the tip. WebRTC is using aes-128, I see in my code I'm using RSA. It sounds like a good idea like to create a cascading cypher with aes-256 which seems to be regarded as "military grade" (but it seems there is no official spec definition for this).

[–] [email protected] 1 points 1 week ago (1 children)

"military grade" is just marketing bullshit lol. it makes people regard it as high quality but in reality means basically nothing.

[–] [email protected] 2 points 1 week ago

since the original post, i tried “military grade” in the wording and while i hope it triggered alerts for attention, i generally recieved feedback like yours where it isnt standardized and basically marketing words.

following the feedback ive now rephrased it some something like “industry grade”.