Pandor — end-to-end encryption of email correspondence



On the topic of the day, when everyone is talking about intercepted correspondence or hacked mailboxes (Deputy Prime Minister Arkady Dvorkovich was the victim of hackers), I want you to imagine Pandor — a decision to protect the contents of email correspondence.

Pandor — there is at the moment as an extension to the Google Chrome browser and works with web based Gmail. The extension adds interface elements to create encrypted messages based on OpenPGP. The main task — to make safe the correspondence as simple as possible for use by end users. With this idea I and my colleague Khalil Bouzidi came to Startup Weekend Monaco — decided to try their hand to create a rough business plan and, of course, a prototype. In fact, during the weekend we were only able to determine clearly what we want to do this. Everything has to be just one-click and users would not have to "agree" on the principle of an encrypted exchange of information. At startup, we made a presentation and videos as we can see the service from the user's point of view. By the decision of the jury, our project received first place.
A high score on the contest was foodusual us to bring the project to life. Within 2 months, we are free from the main work in the project and now has launched the beta version that I propose to evaluate. In parallel with the development, developed a business plan and a package of documents was served on the other competition in Monaco and have already passed the first round (of the 30 projects were selected 11).




Technical side Pandor



The service is built from the extension for the browser and server to exchange public keys. When you install the extension, create a profile on pandor.me, this profile is primarily for the exchange of public keys. At the moment we do not provide great functionality on the site. So let's move on with the main — extension for the browser.

The extension is built of 2 elements:
the
    the
  • Additions to the web interface of Gmail
    • the
  • Page Options


The Gmail interface is supplemented with only 1 button [@], when you click on that a window is created for the letter.



It's almost a classic window Gmail supplemented with information and correspondence will be protected.



Encryption is based on OpenPGP and was based on the library OpenPGPjs. The extension in the browser when you check generate the keys for the user and the browser encrypts the message before sending it. The encryption uses a service pandor.me to get the public keys of recipients, if the recipient does not yet have the profile and keys, the service automatically generates keys and creates the profile and sends an email access to receive them.

What can now extension:
the
    the
  • creation of encrypted correspondence (compose)
    • the
  • encryption of drafts (draft folder)
    • the
  • automatic opening of encrypted content in correspondence (thread)
    • the
  • when replying to an encrypted message is created as an encrypted response (reply)
    • the
  • obtaining the public key from the server


the development Prospects



Certainly the prospects of development, we now look to support other browsers, primarily Firefox, Safari, as it is associated only with the configuration of the Assembly. We are working on different approaches to synchronization keys mode "paranoia" to remove the key from the server and storing only on the user's machine. In the future we are considering encryption as well and attachments.
Perhaps abrowser can tell where we should move?
Article based on information from habrahabr.ru

Комментарии

Отправить комментарий

Популярные сообщения из этого блога

Briefly on how to make your Qt geoservice plugin

Изображение
+ =? The next step after GPS module , became its practical application in my project. Maybe someone this post will be more interesting. First, some source data: Required: the Offline mapping service the Integration with QML Features: the the libosmscout — library providing the OSM data in the wrapper with the friendly API the Qt5Location with dev branch summary of the previous 160 series In Qt since time immemorial was a wonderful beam-process QtMobility and he was so wonderful that he lived, he lived, and bent. Yes, of course, he is still here, and even used my N9 and someone's Blackberry, but the fact that Digia will no longer support this API at all. But in Digia are working not fools, they gradually started to pull the pieces QtMobility in Qt5. One such component is a QtLocation. In Qt 5.3, you can see only a piece QtLocation, QtPositioning which refers to Digia. I must say nice stuff, gave her the NMEA from the local socket, and she'
Далее...

Database replication PostgreSQL-based SymmetricDS

In this article I will tell how to configure database replication for PostgreSQL. For the experiments we use a distribution of Linux CentOS 5.3, although this is not essential. we will use a version of PostgreSQL 8.4.7 and SymmetricDS-2.2.2. What is replication? In fact, it is a mechanism to automatically synchronize the contents of databases running on different servers. As a result of replication of these databases contain absolutely identical data. This is necessary for example in order to provide fault tolerance system (in the case of the fall of the first database server, the work enters the second), or to implement load balancing, different customers can serve different server. For replication you need at least two database servers, so prepare two identical servers with a PostgreSQL database on each. The first is the IP address 10.0.2.20, the second — 10.0.2.21, both gateway 10.0.2.2. You can do a virtual machine like VirtualBox to create two virtual servers and run
Далее...

Yandex.Widget + adjustIFrameHeight + MooTools

Изображение
Many people know about this cool thing Yandex.Widget . To make your widget be easy enough to write server-side widget and connect it to Yandex.Widget via iframe . To control the widget Yandex offers APIs in a JS object widget , particularly with the help of it you can change the height of the frame under dynamic content (adjustIFrameHeight), it allows to get rid of the vertical scroll bar. But this API has a significant drawback — it is written using jQuery , which deprives developers of widgets for MooTools to use the Widget API. Below I will show how quite simple it is possible to bypass the Widget API to control the height of the frame using MooTools on the side of the widget. As we know from the contents of the frame it is impossible to access the object frame itself, if they are on different domains. To bypass this limitation, a proxy Widget API uses an iframe using hash (the content after # in the src of the frame) which provides for the exchange of comma
Далее...