Skip to main content

Old idea of encrypted, anonymous group chats

Encrypted, Anonymous Group Chats

An owner of the chat connects through multiple VPNs, like NordVPN and SurfShark which are the most popular. Then the owner obtains access to an email provider hosted in a country outside the United States. Once the new email account has been setup and ready to use, the owner shares the login username and login password of that email account with the participants. The idea is to never send/receive any emails, only exchange messages saved as drafts in the email account. The drafts don't get sent/received anywhere. It's also important to note that messages are saved as new drafts without subject-line and recipient-info. Ideally there will be at most two drafts in the account at a time. When the chat is finished the email account is deleted.

Whenever the participants are ready to chat, the participants login to that email account and compose a new email. They will write a message and encrypt it with PGP, then save it as a new draft without subject and without recipient. The draft will be saved in the email account until the owner logins into the account and read the draft.

As soon as the owner retrieved the message the draft is deleted. The owner will compose a response to the message and encrypt it with PGP, then save it as a draft. The owner waits until the participants retrieve the message and delete it.

Do you have a suggestion about how to improve this blog? Let's talk about it. Contact me at DavidBrennerJr@Gmail.com or 720-584-5229.

Comments

Popular posts from this blog

The meaning of time in reinforcement learning

Reinforcement learning (RL) is one of three basic machine learning paradigms, alongside supervised learning and unsupervised learning. Reinforcement learning is concerned with how software agents ought to take actions in an environment in order to maximize the notion of cumulative reward through the process of trial and error. In reinforcement learning an agent starts at an empty state then analyzes the available datasets according to a policy of positive states and negative states. Rather than being explicitly taught as in supervised learning the correct set of actions for performing a task, reinforcement learning uses rewards as signals for positive states and punishments as signals for negative states. The agent obtains the best path to a desirable reward as a cumulation of positive states and negative states. As compared to unsupervised learning, reinforcement learning is different in terms of goals. While the goal in unsupervised learning is to find similarities and differences...

Threat detection of zero-day attacks in Linux with Python

You can investigate suspicious activity that could be a zero-day attack by collecting relevant machine data from your endpoint. You can use the machine data to create your own analysis. Before you start your investigation you will need to determine normal activity on your endpoint. Normal activity is the scope of functionality of the software on your endpoint during periods of low activity and high activity. You will need some kind of software that periodically collects specific machine data from your endpoint like my software developed in Python that's available for free download at https://github.com/davidbrennerjr/server-stats-collector Ingest one or more of the following machine data: General system-wide error messages from /var/log/syslog Auditing logs of application rulesets Auditing logs of security contexts Auditing logs of login attempts from /var/log/auth.log Auditing logs of user management or group manageme...

Web app comparison of async and real-time

Advantages of asynchronous web apps Generic request/response structure Stateless session control Message queue management Token access based on serverside date-time format PostgreSQL paging using token-centric tables and functions Shared pools of resources per customer One-to-many security policies Single domain name with TLS cert over HTTPS Shared bandwidth for uploads/downloads No endpoint/device registration No direct access to server resources Web app aggregation as control panel A/B Testing Advantages of (near) real-time web apps Stateful session control On-demand communication protocols per customer Custom request/response structure per customer Custom date-time formats per customer Endpoint/device registration PostgreSQL paging using static tables and aggregate functions Immediate execution of requests Dedicated pools of resources per customer Dedicated TLS cert over HTTPS per customer Dedicated IP addres...