How can I describe the chain of trust in a self hosted system? I’m sure auditing will help inspire confidence but this isn’t something I can do for the app. Open sourcing is the next best thing to open it up to public review.
How can I describe the chain of trust in a self hosted system? I’m sure auditing will help inspire confidence but this isn’t something I can do for the app. Open sourcing is the next best thing to open it up to public review.
Cool! I haven’t come across this one before. Thanks for pointing me to it.
Browsers, operating system and peers can become compromised.
Ultimately users have to be responsible with how and who they connect to. The app otherwise is only as secure and as restricted as any other website. As a web app there are nice features like being able to inspect network activity and code.
A typical mainstream browser can be considered to have been sufficiently reviewed. But you aren’t limited like you would be if the offering was from an app store.
I’m genuinely curious why neither have a webapp offering. You can avoid the official app stores by providing things like APK, but as a webapp you can avoid the installation step, which seems it might be useful for people who would use briar or simplex.
The way this app works, makes it so “anonymous” chat isn’t possible. With IP’s being shared it isn’t a good idea.
I also have quite an ugly UI compared to those other solutions. This will improve over time. But im sure it’s a barrier to attracting users compared to other chat apps.
I’m not sure about what you’re asking. Maybe it’s about getting started? https://youtu.be/KKpu2rXvqfM?si=iWyTv9PzSpcAnsmr
Matrix is a good implementation and I like how it works. Mine is a work in progress and far from finished. It isn’t ready to replace any app or service. The key detail about my app is that it’s browser based. This has its own limitations with what a webapp can do. I think it makes for a different approach to decentralized chat.
The frontend and the peerjs-server are open source and selfhostable independently. This should address any third party concerns. Perhaps the app can only be considered secure if it’s self hosted?