zlacker

[return to "The coming war on end-to-end encryption"]
1. cracke+J5[view] [source] 2023-04-21 17:21:24
>>EGreg+(OP)
Nice! I worked on something that seems similar to this (https://redact.ws). Unfortunately there are a lot of challenges with adoption that seem difficult to overcome. One of the big challenges is that most people do not understand the nuances of privacy and encryption, and they aren't willing to jump through hoops to protect their data.
◧◩
2. EGreg+mO[view] [source] 2023-04-21 20:45:22
>>cracke+J5
I like the intent of this! My main question is, how do we know redact.ws won't suddenly serve different Javascript one day, to certain clients, which send unencrypted payloads somewhere?
◧◩◪
3. cracke+7P[view] [source] 2023-04-21 20:48:36
>>EGreg+mO
The redact server is an open source application that runs locally on the client.
◧◩◪◨
4. EGreg+Ee1[view] [source] 2023-04-21 23:07:53
>>cracke+7P
How does a server run on the client? It runs on localhost! Right?

It can show the user their own info back to them in iframes?

◧◩◪◨⬒
5. pcthro+3l1[view] [source] 2023-04-22 00:00:53
>>EGreg+Ee1
I'm not the creator of redact, but it sounds like you're under the impression that the iframe src is redact.ws in which case I'd understand your concern.

My assumption is that the iframe src would be the local redact server, which would keep things as secure as the package the user installed (though there could be compromises at the network level I suppose)

◧◩◪◨⬒⬓
6. cracke+RD9[view] [source] 2023-04-24 21:50:51
>>pcthro+3l1
Exactly. This section on the website should explain it with some more detail: https://redact.ws/how-it-works#client
[go to top]