Project Crypto Popel
(Not many will get the joke, but whatever.)
I often say things like this, but usually the idea doesn’t stick with me.
This time was different… I actually did something
I’m not even remotely “done” yet, but I already missed my 1 year anniversary if we include the lurking and I wanted to share something today.
There are tons of contact sharing sites, what’s special about this?
TL;DR I can not read your data. It’s the most private way to share my contact via a url.
The goal of my project was that really only people who scanned your NFC chip can read the data, not me, not the NSA.
Other services like popl try the same, but as people here noticed, if you put a /r at the end of a poplme link, it will show the private data.
That’s their whole privacy mechanism…
Add a /r to Test | Popl to see what I mean.
My service only stores AES encrypted data, and the password never reaches our servers, all cryptography is done in the browser: I literally CAN NOT read your data.
Only you and people you let scan your chip can read your business card.
The only thing I would be able to log is which static files you downloaded.
How does it work?
The hash part of a url is special, it will never be sent to the server.
If you go to example.org/foo#bar the server will only see example.org/foo.
That’s perfect for security, as we can store a password there!
The data is encrypted in your browser before uploading, and it is decrypted on the phones of people who scan your chip.
More details
Another cool thing about this is the “edit” functionality.
There is no normal password check, instead the secret is the filename where the encrypted data is stored.
That’s placed in the edit link that should be saved when creating the business card.
I like this idea, I should probably encrypt those parts of the link tho.
The server is written in pure golang, the frontend in js, no frameworks.
The frontend will be heavily changed tho’, so who knows.
Status
This is work in progress, a proof of concept, as I’m writing this I have a prototype frontend that decrypts the data and builds an ugly business card. I’m currently implementing the backend.
That being said, all the thinking is done, it’s just a lot of coding left to do.
There’s even more work to do in the frontend, as it does basically everything.
Btw, anyone interested in helping? Mainly CSS help needed.
I’d like to show some screenshots, but it’s extremely ugly right now… can’t do that.
I’ll probably host it somewhere SOON™
Naming
And lastly, do you have ideas for names?
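
The scheme described under "How does it work?" above, as an added example that is not part of the original post or the project's code: the card is encrypted client-side, only nonce and ciphertext are uploaded, and the key travels in the URL fragment. AES-GCM via WebCrypto, a random key in place of a password, the names `buildShareLink`, `openShareLink` and `requestTarget`, and the host `cards.example` are all assumptions.

```javascript
// Added example; all names and the host cards.example are hypothetical.
// Browsers expose WebCrypto as globalThis.crypto; the require is a fallback for older Node.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;

// base64url helpers so key and ciphertext are safe inside a URL
const b64u = (bytes) => btoa(String.fromCharCode(...new Uint8Array(bytes)))
  .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const unb64u = (s) => Uint8Array.from(
  atob(s.replace(/-/g, "+").replace(/_/g, "/")), (c) => c.charCodeAt(0));

// Encrypt a card in the client. `stored` is all the server would ever receive;
// the key exists only in the fragment of `link`.
async function buildShareLink(card, fileId) {
  const key = await wc.subtle.generateKey(
    { name: "AES-GCM", length: 256 }, true, ["encrypt", "decrypt"]);
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh nonce per encryption
  const plaintext = new TextEncoder().encode(JSON.stringify(card));
  const ct = await wc.subtle.encrypt({ name: "AES-GCM", iv }, key, plaintext);
  const rawKey = await wc.subtle.exportKey("raw", key);
  return {
    stored: b64u(iv) + "." + b64u(ct),
    link: `https://cards.example/c/${fileId}#${b64u(rawKey)}`,
  };
}

// What an HTTP client sends for a link: origin, path and query, never the fragment.
function requestTarget(link) {
  const u = new URL(link);
  return u.origin + u.pathname + u.search;
}

// Decrypt on the scanning device using only the link and the downloaded blob.
// AES-GCM is authenticated, so a blob altered on the server fails to decrypt.
async function openShareLink(link, stored) {
  const rawKey = unb64u(new URL(link).hash.slice(1));
  const key = await wc.subtle.importKey("raw", rawKey, "AES-GCM", false, ["decrypt"]);
  const [iv, ct] = stored.split(".").map(unb64u);
  const pt = await wc.subtle.decrypt({ name: "AES-GCM", iv }, key, ct);
  return JSON.parse(new TextDecoder().decode(pt));
}
```

The fragment stays out of the request, but it is still present in browser history and in anything the link is pasted into, so the link itself has to be treated as the secret.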