#hosted — Public Fediverse posts

https://www.fogolf.com/1244708/i-hosted-the-ultimate-golf-girl-getaway/ I Hosted the Ultimate Golf Girl Getaway!! #Frisco #Getaway #girl #Golf #GolfGirl #GolfGirlVideos #GolfGirlVlog #GolfGirlYouTube #GolfTravel #GolfTrip #Hosted #Omni #texas #Ultimate

https://www.fogolf.com/1244708/i-hosted-the-ultimate-golf-girl-getaway/ I Hosted the Ultimate Golf Girl Getaway!! #Frisco #Getaway #girl #Golf #GolfGirl #GolfGirlVideos #GolfGirlVlog #GolfGirlYouTube #GolfTravel #GolfTrip #Hosted #Omni #texas #Ultimate

Fox to air new series on King David, hosted by actor Zachary Levi

https://misryoum.com/us/trending-now/fox-to-air-new-series-on-king-david/

The first episode of “David: King of Israel,” a new four-part Fox Nation docudrama, premieres on Thursday, offering a dramatic reenactment of the biblical coming-of-age story of King David that provides relevant lessons in a time of conflict, actor...

#Fox #air #new #series #King #David #hosted #actor #Zachary #Levi #US_News_Hub #misryoum_com

Fox to air new series on King David, hosted by actor Zachary Levi

https://misryoum.com/us/trending-now/fox-to-air-new-series-on-king-david/

The first episode of “David: King of Israel,” a new four-part Fox Nation docudrama, premieres on Thursday, offering a dramatic reenactment of the biblical coming-of-age story of King David that provides relevant lessons in a time of conflict, actor...

#Fox #air #new #series #King #David #hosted #actor #Zachary #Levi #US_News_Hub #misryoum_com

Fox to air new series on King David, hosted by actor Zachary Levi

https://misryoum.com/us/trending-now/fox-to-air-new-series-on-king-david/

The first episode of “David: King of Israel,” a new four-part Fox Nation docudrama, premieres on Thursday, offering a dramatic reenactment of the biblical coming-of-age story of King David that provides relevant lessons in a time of conflict, actor...

#Fox #air #new #series #King #David #hosted #actor #Zachary #Levi #US_News_Hub #misryoum_com

Fox to air new series on King David, hosted by actor Zachary Levi

https://misryoum.com/us/trending-now/fox-to-air-new-series-on-king-david/

The first episode of “David: King of Israel,” a new four-part Fox Nation docudrama, premieres on Thursday, offering a dramatic reenactment of the biblical coming-of-age story of King David that provides relevant lessons in a time of conflict, actor...

#Fox #air #new #series #King #David #hosted #actor #Zachary #Levi #US_News_Hub #misryoum_com

Fox to air new series on King David, hosted by actor Zachary Levi

https://misryoum.com/us/trending-now/fox-to-air-new-series-on-king-david/

The first episode of “David: King of Israel,” a new four-part Fox Nation docudrama, premieres on Thursday, offering a dramatic reenactment of the biblical coming-of-age story of King David that provides relevant lessons in a time of conflict, actor...

#Fox #air #new #series #King #David #hosted #actor #Zachary #Levi #US_News_Hub #misryoum_com

New Zealand, United States critical minerals: Top diplomat heads to Washington, DC for summit, Christopher Luxon brushes off deal talk, China watching https://www.byteseu.com/1766017/ #brushes #China #christopher #critical #DC) #deal #delegation #Diplomat #diplomats #for #heads #hosted #lead #luxon #Marco #Minerals #new #NewZealand #off #Rubio #secretary #state #states #summit #talk #this #to #Top #united #washington #watching #week #will #zealand #zealands

https://www.kpopnsfw.com/196583/cupsleeve-being-hosted-for-the-boston-show/ cupsleeve being hosted for the boston show #Boston #cupsleeve #hosted #show #Twice

𝗦𝗲𝗻𝗱𝘆:

#Email #Newsletter #Hosted #Sendy

https://thewhale.cc/posts/sandy

Sendy is a self hosted email newsletter application that lets you send trackable emails via Amazon Simple Email Service (SES). This makes it possible for you to send authenticated bulk emails at an insanely low price without sacrificing deliverability.

𝗦𝗲𝗻𝗱𝘆:

#Email #Newsletter #Hosted #Sendy

https://thewhale.cc/posts/sandy

Sendy is a self hosted email newsletter application that lets you send trackable emails via Amazon Simple Email Service (SES). This makes it possible for you to send authenticated bulk emails at an insanely low price without sacrificing deliverability.

𝗦𝗲𝗻𝗱𝘆:

#Email #Newsletter #Hosted #Sendy

https://thewhale.cc/posts/sandy

Sendy is a self hosted email newsletter application that lets you send trackable emails via Amazon Simple Email Service (SES). This makes it possible for you to send authenticated bulk emails at an insanely low price without sacrificing deliverability.

**MaiTin:**
"Xem xétützen việc tạo một nền tảng AI tự hostd tựhostd giúp hêtes ẩn mãnh ẩn x運動него nhá phaprintlnn.Basic tính trmarker, làm đc Depuis tựCSS, GitOE,Warum? VZwischenuong thì đ française 0.0000001 wouldn't use, hay cách giân gò Sophisticated hơn? Nếu như nói chuyện, cảm ơn! #AI #selfhosted #privacy #documentation #nghệthôngtin #hosted #bí mật #chứngm佐fi"

*(Dòng 199 ký tự)*

https://www.reddit.com/r/selfhosted/comments/1ofwq2t/is_there_a_need_for_a_selfhosted_ai_knowledge/

Mal eine Frage zu #hosted Storage:

Ich befinde mich aktuell auf der Suche nach einem guten Anbieter für die Familie, da ich die Verwaltung und Updates nicht selber machen möchte. Ich habe mir dabei sowohl #Nextcloud als auch #openCloud angesehen und eigentlich brauche ich nur die Funktionen von openCloud.

Aber gibt es da irgendwelche sinnvollen Hoster?

Ich habe ein paar gefunden, die nehmen dann aber 30€/Monat für unter 1TB. Bei Nextcloud gibt es das für 5€/Monat. Was ist da los?

Mal eine Frage zu #hosted Storage:

Ich befinde mich aktuell auf der Suche nach einem guten Anbieter für die Familie, da ich die Verwaltung und Updates nicht selber machen möchte. Ich habe mir dabei sowohl #Nextcloud als auch #openCloud angesehen und eigentlich brauche ich nur die Funktionen von openCloud.

Aber gibt es da irgendwelche sinnvollen Hoster?

Ich habe ein paar gefunden, die nehmen dann aber 30€/Monat für unter 1TB. Bei Nextcloud gibt es das für 5€/Monat. Was ist da los?

Mal eine Frage zu #hosted Storage:

Ich befinde mich aktuell auf der Suche nach einem guten Anbieter für die Familie, da ich die Verwaltung und Updates nicht selber machen möchte. Ich habe mir dabei sowohl #Nextcloud als auch #openCloud angesehen und eigentlich brauche ich nur die Funktionen von openCloud.

Aber gibt es da irgendwelche sinnvollen Hoster?

Ich habe ein paar gefunden, die nehmen dann aber 30€/Monat für unter 1TB. Bei Nextcloud gibt es das für 5€/Monat. Was ist da los?

Mal eine Frage zu #hosted Storage:

Ich befinde mich aktuell auf der Suche nach einem guten Anbieter für die Familie, da ich die Verwaltung und Updates nicht selber machen möchte. Ich habe mir dabei sowohl #Nextcloud als auch #openCloud angesehen und eigentlich brauche ich nur die Funktionen von openCloud.

Aber gibt es da irgendwelche sinnvollen Hoster?

Ich habe ein paar gefunden, die nehmen dann aber 30€/Monat für unter 1TB. Bei Nextcloud gibt es das für 5€/Monat. Was ist da los?

Mal eine Frage zu #hosted Storage:

Ich befinde mich aktuell auf der Suche nach einem guten Anbieter für die Familie, da ich die Verwaltung und Updates nicht selber machen möchte. Ich habe mir dabei sowohl #Nextcloud als auch #openCloud angesehen und eigentlich brauche ich nur die Funktionen von openCloud.

Aber gibt es da irgendwelche sinnvollen Hoster?

Ich habe ein paar gefunden, die nehmen dann aber 30€/Monat für unter 1TB. Bei Nextcloud gibt es das für 5€/Monat. Was ist da los?

As fascism descends, you are going to need easy to access and use alternatives to Big Tech (aka Fascist Tech).

So maybe bookmark the Chatons collective site initiated by our friends at Framasoft with hosted versions of free-software services for collaborative writing, video conferencing, scheduling appointments, collaborative spreadsheets, file sharing, picture sharing, etc.

https://entraide.chatons.org/en/

#chatons #framasoft #alternatives #SmallTech #BigTech #technoFascism #selfDefense #tools #tech #collaborativeWriting #videoConferencing #scheduling #collaborativeSpreadsheet #fileSharing #pictureSharing #postItBoard #linkShortener #secureTextShraing #hosted #online #web

As fascism descends, you are going to need easy to access and use alternatives to Big Tech (aka Fascist Tech).

So maybe bookmark the Chatons collective site initiated by our friends at Framasoft with hosted versions of free-software services for collaborative writing, video conferencing, scheduling appointments, collaborative spreadsheets, file sharing, picture sharing, etc.

https://entraide.chatons.org/en/

#chatons #framasoft #alternatives #SmallTech #BigTech #technoFascism #selfDefense #tools #tech #collaborativeWriting #videoConferencing #scheduling #collaborativeSpreadsheet #fileSharing #pictureSharing #postItBoard #linkShortener #secureTextShraing #hosted #online #web

As fascism descends, you are going to need easy to access and use alternatives to Big Tech (aka Fascist Tech).

So maybe bookmark the Chatons collective site initiated by our friends at Framasoft with hosted versions of free-software services for collaborative writing, video conferencing, scheduling appointments, collaborative spreadsheets, file sharing, picture sharing, etc.

https://entraide.chatons.org/en/

#chatons #framasoft #alternatives #SmallTech #BigTech #technoFascism #selfDefense #tools #tech #collaborativeWriting #videoConferencing #scheduling #collaborativeSpreadsheet #fileSharing #pictureSharing #postItBoard #linkShortener #secureTextShraing #hosted #online #web

As fascism descends, you are going to need easy to access and use alternatives to Big Tech (aka Fascist Tech).

So maybe bookmark the Chatons collective site initiated by our friends at Framasoft with hosted versions of free-software services for collaborative writing, video conferencing, scheduling appointments, collaborative spreadsheets, file sharing, picture sharing, etc.

https://entraide.chatons.org/en/

#chatons #framasoft #alternatives #SmallTech #BigTech #technoFascism #selfDefense #tools #tech #collaborativeWriting #videoConferencing #scheduling #collaborativeSpreadsheet #fileSharing #pictureSharing #postItBoard #linkShortener #secureTextShraing #hosted #online #web

As fascism descends, you are going to need easy to access and use alternatives to Big Tech (aka Fascist Tech).

So maybe bookmark the Chatons collective site initiated by our friends at Framasoft with hosted versions of free-software services for collaborative writing, video conferencing, scheduling appointments, collaborative spreadsheets, file sharing, picture sharing, etc.

https://entraide.chatons.org/en/

#chatons #framasoft #alternatives #SmallTech #BigTech #technoFascism #selfDefense #tools #tech #collaborativeWriting #videoConferencing #scheduling #collaborativeSpreadsheet #fileSharing #pictureSharing #postItBoard #linkShortener #secureTextShraing #hosted #online #web

Website is hosted on a disposable vape

http://ewaste.fka.wtf/

#HackerNews #Website #is #hosted #on #a #disposable #vape #disposablevape #techinnovation #webhosting #ewaste #quirkytechnology

Website is hosted on a disposable vape

http://ewaste.fka.wtf/

#HackerNews #Website #is #hosted #on #a #disposable #vape #disposablevape #techinnovation #webhosting #ewaste #quirkytechnology

Website is hosted on a disposable vape

http://ewaste.fka.wtf/

#HackerNews #Website #is #hosted #on #a #disposable #vape #disposablevape #techinnovation #webhosting #ewaste #quirkytechnology

Website is hosted on a disposable vape

http://ewaste.fka.wtf/

#HackerNews #Website #is #hosted #on #a #disposable #vape #disposablevape #techinnovation #webhosting #ewaste #quirkytechnology

Website is hosted on a disposable vape

http://ewaste.fka.wtf/

#HackerNews #Website #is #hosted #on #a #disposable #vape #disposablevape #techinnovation #webhosting #ewaste #quirkytechnology

MUW hosts free science and math camp on Columbus campus https://www.byteseu.com/1194637/ #and #CAMP #campus #columbus #county #for #hosted #local #lowndes #M&S #Math) #mississippi #MUW #of #on #Science #state #the #unique #university #w #women

(Même pas foutue d'écrire correctement un hashtag xD) #Self #hosted #Updare #sysadmin

Tu sais que tu va finir au "casse-pipe" quand tu update un outil self hosted mais que t'a pris une procédure dont tu n'a aucun souvenir d'avoir fait ca pour l’instalation initiale.

#Self #hosted #Updare #sysadmin

I had rented a #hosted #RaspberryPi from @beasts on a month by month basis. After just under a month of playing I decided I didn’t want to continue the subscription as I didn’t really have a use for it. I emailed them to cancel the subscription.

I got confirmation the same day, a small credit note (wasn’t expecting that) and an email discussion about what other services I might buy from them.

Read about their simple cancellation policy here

https://www.mythic-beasts.com/blog/2024/10/18/simple-cancellation

I had rented a #hosted #RaspberryPi from @beasts on a month by month basis. After just under a month of playing I decided I didn’t want to continue the subscription as I didn’t really have a use for it. I emailed them to cancel the subscription.

I got confirmation the same day, a small credit note (wasn’t expecting that) and an email discussion about what other services I might buy from them.

Read about their simple cancellation policy here

https://www.mythic-beasts.com/blog/2024/10/18/simple-cancellation

I had rented a #hosted #RaspberryPi from @beasts on a month by month basis. After just under a month of playing I decided I didn’t want to continue the subscription as I didn’t really have a use for it. I emailed them to cancel the subscription.

I got confirmation the same day, a small credit note (wasn’t expecting that) and an email discussion about what other services I might buy from them.

Read about their simple cancellation policy here

https://www.mythic-beasts.com/blog/2024/10/18/simple-cancellation

I had rented a #hosted #RaspberryPi from @beasts on a month by month basis. After just under a month of playing I decided I didn’t want to continue the subscription as I didn’t really have a use for it. I emailed them to cancel the subscription.

I got confirmation the same day, a small credit note (wasn’t expecting that) and an email discussion about what other services I might buy from them.

Read about their simple cancellation policy here

https://www.mythic-beasts.com/blog/2024/10/18/simple-cancellation

I had rented a #hosted #RaspberryPi from @beasts on a month by month basis. After just under a month of playing I decided I didn’t want to continue the subscription as I didn’t really have a use for it. I emailed them to cancel the subscription.

I got confirmation the same day, a small credit note (wasn’t expecting that) and an email discussion about what other services I might buy from them.

Read about their simple cancellation policy here

https://www.mythic-beasts.com/blog/2024/10/18/simple-cancellation

Catch #Episode 8 with special guest Paige from @fedihost tomorrow, April 7 at 1415 Eastern / UTC-4!

#Owncast #livestream https://stream.FiresideFedi.live

#Peertube #VOD https://video.firesidefedi.live

#Castopod #Fedicast #podcast https://audio.firesidefedi.live

#fediverse #fedi #hosting #hosted #people

Catch #Episode 8 with special guest Paige from @fedihost tomorrow, April 7 at 1415 Eastern / UTC-4!

#Owncast #livestream https://stream.FiresideFedi.live

#Peertube #VOD https://video.firesidefedi.live

#Castopod #Fedicast #podcast https://audio.firesidefedi.live

#fediverse #fedi #hosting #hosted #people

Catch #Episode 8 with special guest Paige from @fedihost tomorrow, April 7 at 1415 Eastern / UTC-4!

#Owncast #livestream https://stream.FiresideFedi.live

#Peertube #VOD https://video.firesidefedi.live

#Castopod #Fedicast #podcast https://audio.firesidefedi.live

#fediverse #fedi #hosting #hosted #people

Catch #Episode 8 with special guest Paige from @fedihost tomorrow, April 7 at 1415 Eastern / UTC-4!

#Owncast #livestream https://stream.FiresideFedi.live

#Peertube #VOD https://video.firesidefedi.live

#Castopod #Fedicast #podcast https://audio.firesidefedi.live

#fediverse #fedi #hosting #hosted #people

Catch #Episode 8 with special guest Paige from @fedihost tomorrow, April 7 at 1415 Eastern / UTC-4!

#Owncast #livestream https://stream.FiresideFedi.live

#Peertube #VOD https://video.firesidefedi.live

#Castopod #Fedicast #podcast https://audio.firesidefedi.live

#fediverse #fedi #hosting #hosted #people

For the person who asked, I believe my #instance is #hosted on a #server in #France. I’m just waiting for verification on that. #verified - hosted in France

For the person who asked, I believe my #instance is #hosted on a #server in #France. I’m just waiting for verification on that. #verified - hosted in France

For the person who asked, I believe my #instance is #hosted on a #server in #Portugal. I’m just waiting for verification on that.

For the person who asked, I believe my #instance is #hosted on a #server in #Portugal. I’m just waiting for verification on that.

For the person who asked, I believe my #instance is #hosted on a #server in #Portugal. I’m just waiting for verification on that.

id like to share some details about how my app works so you can discover/give me feedback on my app. id like to have wording in my app to say something like "most secure chat app in the world"... i probably cant do that because it doesnt qualify.

https://github.com/positive-intentions/chat

https://positive-intentions.com/blog/introducing-decentralized-chat

im not an expert on #cyberSecurity. im sure there are many gaps in my knowlege in this domain.

using #javascript, i initially created a fairly basic #chatApp using using #peerjs to create #encrypted #webrtc #connections. this was then easily enhanced by exchanging additional #encryption #keys from #cryptography functions built into browsers (#webcrypto api) to add a redundent layer of encryption. a #diffieHelman key #exchange is done over #webrtc (which can be considered #secure when exchanged over public channels) to create #serverless #p2p #authentication.

- i sometimes recieve feedback like "javascript is inherently insecure". i disagree with this and have #openedSource my #cryptography module. its basically a thin wrapper around vanilla cryptography functions of a #browser (webcrypto api).

- another concern for my kind of app (#PWA) is that the developer may introduce malicious code. this is an important point for which i open sourced the project and give instructions for #selfhosting. selhosting this app has some unique features. unlike many other #selfhosted #projects, this app can be hosted on #githubPages (instructions are provided in the readme). im also working towards having better support for running the index.html directly without a static server.

- to prevent things like browser extensions, the app uses strict #CSP headers to prevent #unauthorised code from running. #selfhosting users should take note of this when setting up their own instance.

- i received feedback the #Signal/#Simplex protocol is great. completely undertsandable and agree, but wonder if im reducing the #complexity by working with #webrtc. while it has its many flaws, i think risks can be reasonable mitigated if the #cryptography functions are implemented correctly. (all data out is #encrypted and all data in is #decrypted on-the-fly)

- the key detail that makes this approach unique, is because as a #webapp, unlike other solutions, users have a choice of using any #device/#os/#browser. while a webapp can have nuanced #vulnerabilities, i think by #openSourcing and providing instructions for #selfhosting and instructions to #build for various #platforms, it can provide a reasonable level of #security.

i think if i stick to the principle of avoiding using any kind of "required" service provider (myself included) and allowing the #frontend and the peerjs-server to be #hosted #independently, im on track for creating a #chatSystem with the "fewest moving parts". i hope you will agree this is true #p2p and i hope i can use this as a step towards true #privacy and #security. #security might be further improved by using a trusted #VPN.

while there are several similar apps out there like mine. i think mine is distinctly a different approach. so its hard to find #bestPractices for the functionalities i want to achieve. in particular #security practices to use when using #p2p technology.

(note: this app is an #unstable, #experiment, #proofOfConcept and not ready to replace any other app or service. It's far from finished and provided for #testing and #demo purposes only. This post is to get #feedback on the progress to determine if i'm going in the right direction for a secure chat app)

id like to share some details about how my app works so you can discover/give me feedback on my app. id like to have wording in my app to say something like "most secure chat app in the world"... i probably cant do that because it doesnt qualify.

https://github.com/positive-intentions/chat

https://positive-intentions.com/blog/introducing-decentralized-chat

im not an expert on #cyberSecurity. im sure there are many gaps in my knowlege in this domain.

using #javascript, i initially created a fairly basic #chatApp using using #peerjs to create #encrypted #webrtc #connections. this was then easily enhanced by exchanging additional #encryption #keys from #cryptography functions built into browsers (#webcrypto api) to add a redundent layer of encryption. a #diffieHelman key #exchange is done over #webrtc (which can be considered #secure when exchanged over public channels) to create #serverless #p2p #authentication.

- i sometimes recieve feedback like "javascript is inherently insecure". i disagree with this and have #openedSource my #cryptography module. its basically a thin wrapper around vanilla cryptography functions of a #browser (webcrypto api).

- another concern for my kind of app (#PWA) is that the developer may introduce malicious code. this is an important point for which i open sourced the project and give instructions for #selfhosting. selhosting this app has some unique features. unlike many other #selfhosted #projects, this app can be hosted on #githubPages (instructions are provided in the readme). im also working towards having better support for running the index.html directly without a static server.

- to prevent things like browser extensions, the app uses strict #CSP headers to prevent #unauthorised code from running. #selfhosting users should take note of this when setting up their own instance.

- i received feedback the #Signal/#Simplex protocol is great. completely undertsandable and agree, but wonder if im reducing the #complexity by working with #webrtc. while it has its many flaws, i think risks can be reasonable mitigated if the #cryptography functions are implemented correctly. (all data out is #encrypted and all data in is #decrypted on-the-fly)

- the key detail that makes this approach unique, is because as a #webapp, unlike other solutions, users have a choice of using any #device/#os/#browser. while a webapp can have nuanced #vulnerabilities, i think by #openSourcing and providing instructions for #selfhosting and instructions to #build for various #platforms, it can provide a reasonable level of #security.

i think if i stick to the principle of avoiding using any kind of "required" service provider (myself included) and allowing the #frontend and the peerjs-server to be #hosted #independently, im on track for creating a #chatSystem with the "fewest moving parts". i hope you will agree this is true #p2p and i hope i can use this as a step towards true #privacy and #security. #security might be further improved by using a trusted #VPN.

while there are several similar apps out there like mine. i think mine is distinctly a different approach. so its hard to find #bestPractices for the functionalities i want to achieve. in particular #security practices to use when using #p2p technology.

(note: this app is an #unstable, #experiment, #proofOfConcept and not ready to replace any other app or service. It's far from finished and provided for #testing and #demo purposes only. This post is to get #feedback on the progress to determine if i'm going in the right direction for a secure chat app)

id like to share some details about how my app works so you can discover/give me feedback on my app. id like to have wording in my app to say something like "most secure chat app in the world"... i probably cant do that because it doesnt qualify.

https://github.com/positive-intentions/chat

https://positive-intentions.com/blog/introducing-decentralized-chat

im not an expert on #cyberSecurity. im sure there are many gaps in my knowlege in this domain.

using #javascript, i initially created a fairly basic #chatApp using using #peerjs to create #encrypted #webrtc #connections. this was then easily enhanced by exchanging additional #encryption #keys from #cryptography functions built into browsers (#webcrypto api) to add a redundent layer of encryption. a #diffieHelman key #exchange is done over #webrtc (which can be considered #secure when exchanged over public channels) to create #serverless #p2p #authentication.

- i sometimes recieve feedback like "javascript is inherently insecure". i disagree with this and have #openedSource my #cryptography module. its basically a thin wrapper around vanilla cryptography functions of a #browser (webcrypto api).

- another concern for my kind of app (#PWA) is that the developer may introduce malicious code. this is an important point for which i open sourced the project and give instructions for #selfhosting. selhosting this app has some unique features. unlike many other #selfhosted #projects, this app can be hosted on #githubPages (instructions are provided in the readme). im also working towards having better support for running the index.html directly without a static server.

- to prevent things like browser extensions, the app uses strict #CSP headers to prevent #unauthorised code from running. #selfhosting users should take note of this when setting up their own instance.

- i received feedback the #Signal/#Simplex protocol is great. completely undertsandable and agree, but wonder if im reducing the #complexity by working with #webrtc. while it has its many flaws, i think risks can be reasonable mitigated if the #cryptography functions are implemented correctly. (all data out is #encrypted and all data in is #decrypted on-the-fly)

- the key detail that makes this approach unique, is because as a #webapp, unlike other solutions, users have a choice of using any #device/#os/#browser. while a webapp can have nuanced #vulnerabilities, i think by #openSourcing and providing instructions for #selfhosting and instructions to #build for various #platforms, it can provide a reasonable level of #security.

i think if i stick to the principle of avoiding using any kind of "required" service provider (myself included) and allowing the #frontend and the peerjs-server to be #hosted #independently, im on track for creating a #chatSystem with the "fewest moving parts". i hope you will agree this is true #p2p and i hope i can use this as a step towards true #privacy and #security. #security might be further improved by using a trusted #VPN.

while there are several similar apps out there like mine. i think mine is distinctly a different approach. so its hard to find #bestPractices for the functionalities i want to achieve. in particular #security practices to use when using #p2p technology.

(note: this app is an #unstable, #experiment, #proofOfConcept and not ready to replace any other app or service. It's far from finished and provided for #testing and #demo purposes only. This post is to get #feedback on the progress to determine if i'm going in the right direction for a secure chat app)

id like to share some details about how my app works so you can discover/give me feedback on my app. id like to have wording in my app to say something like "most secure chat app in the world"... i probably cant do that because it doesnt qualify.

https://github.com/positive-intentions/chat

https://positive-intentions.com/blog/introducing-decentralized-chat

im not an expert on #cyberSecurity. im sure there are many gaps in my knowlege in this domain.

using #javascript, i initially created a fairly basic #chatApp using using #peerjs to create #encrypted #webrtc #connections. this was then easily enhanced by exchanging additional #encryption #keys from #cryptography functions built into browsers (#webcrypto api) to add a redundent layer of encryption. a #diffieHelman key #exchange is done over #webrtc (which can be considered #secure when exchanged over public channels) to create #serverless #p2p #authentication.

- i sometimes recieve feedback like "javascript is inherently insecure". i disagree with this and have #openedSource my #cryptography module. its basically a thin wrapper around vanilla cryptography functions of a #browser (webcrypto api).

- another concern for my kind of app (#PWA) is that the developer may introduce malicious code. this is an important point for which i open sourced the project and give instructions for #selfhosting. selhosting this app has some unique features. unlike many other #selfhosted #projects, this app can be hosted on #githubPages (instructions are provided in the readme). im also working towards having better support for running the index.html directly without a static server.

- to prevent things like browser extensions, the app uses strict #CSP headers to prevent #unauthorised code from running. #selfhosting users should take note of this when setting up their own instance.

- i received feedback the #Signal/#Simplex protocol is great. completely undertsandable and agree, but wonder if im reducing the #complexity by working with #webrtc. while it has its many flaws, i think risks can be reasonable mitigated if the #cryptography functions are implemented correctly. (all data out is #encrypted and all data in is #decrypted on-the-fly)

- the key detail that makes this approach unique, is because as a #webapp, unlike other solutions, users have a choice of using any #device/#os/#browser. while a webapp can have nuanced #vulnerabilities, i think by #openSourcing and providing instructions for #selfhosting and instructions to #build for various #platforms, it can provide a reasonable level of #security.

i think if i stick to the principle of avoiding using any kind of "required" service provider (myself included) and allowing the #frontend and the peerjs-server to be #hosted #independently, im on track for creating a #chatSystem with the "fewest moving parts". i hope you will agree this is true #p2p and i hope i can use this as a step towards true #privacy and #security. #security might be further improved by using a trusted #VPN.

while there are several similar apps out there like mine. i think mine is distinctly a different approach. so its hard to find #bestPractices for the functionalities i want to achieve. in particular #security practices to use when using #p2p technology.

(note: this app is an #unstable, #experiment, #proofOfConcept and not ready to replace any other app or service. It's far from finished and provided for #testing and #demo purposes only. This post is to get #feedback on the progress to determine if i'm going in the right direction for a secure chat app)