Private Message. Secure communication, anyone, any device; NSA free.
privatemsg.matthew-dove.comLast weekend when the NSA news was a big deal, I was angry, I wanted my privacy back. I use all the standard stuff (like opt-out, Ghostery, etc). Using https for my emails with Google is great, unless they just send my plain text data to the NSA on request. So I looked around for a safe way to email. OMG was it hard. I had to install all kinds of stuff, find out how it works, and alot of them required the receiver of the message to also have said software. Yeah, if its that hard, no thanks. So I made this in one weekend. Alas I didn't have SSL (encryption) on my domain. And it took a week to change servers, get a dedicated IP and install the SSL. Anyway here it is. Create your message, send your friend the link to your message however you normally would, and they (only them) can see the message. No Google saving your data, and once your message has been viewed its deleted. Nothing for the NSA to even ask for. I realise the message creator is geared towards web developers, version two would ideally contain a more friendly text editor.
From what I see:
* everything is done server side -> trust issues
* no encryption, just indexed by a hash -> that means the messages are not store encrypted on the server
I would recommend people stay away from your solution, and instead use something like Zerobin: http://sebsauvage.net/paste/ It encrypts everything using SJCL, and if I am worried with the server sending me a modified version of the JS code, I can still keep the code on my own computer but use it to send to the server.
Yes, it is encrypted on the server. That hash is just a key to get your message. Its not the message itself.