My crypto knowledge is not really up to snuff but doesn't this not use any real end-to-end crypto when it easily could? SSL, AES, and blowfish could all be MITM'd, right?
I'm not sure how much better you can do with a webapp. Either you trust them to encrypt your messages on the server or you trust them to send you JavaScript that does the encryption in the browser. Either way you need to trust the app provider. SSL should ensure it is not MITMed before it gets to their server.
UX needs work. Literally have no idea what's happening after I "log in". Description sounds like chat roulette bu the reality is being unable to talk to anyone.
Another fish-name gone. For those in need of a name for their next product, I asked my corporate name generator oracle (written in bash, no less!) to cough up a few:
Just imagine your next website, showing nothing but a large screen-blanketing image of carefree happy coffee consumers, a pulsating 'scroll down' button and your GrubbyDonkey logo. The VC's will be chomping at the doorhandle, trust me.
At least today you still have to trust the JavaScript the server sends you.
I have heard talk in the past about adding code signing to browsers. Combined with open-source code and a security audit this could potentially offer something approaching the security of a traditional application.
Honestly, don't really understand the use case here. What is the benefit that something like HN doesn't already provide? Everyone on HN knows my handle is thrush, so can comment at me, or dm me using any contact info I've provided. On anonyfish, I can't even use the service unless I have someone in mind. In fact, the only names I have to contact are the ones provided in this thread, and it's a pretty short list.
- angersock
- CaptainBananaPants
EDIT:
Omegle (http://www.omegle.com/) seems way better. Allows anonymity (or so it claims), can match people based on interests, and can even match people in the same university based on their .edu email address.
[+] [-] homakov|12 years ago|reply
http://homakov.github.io/#{"url":"https://anonyfish.com/api/...
also why not it snap-chat style and remove messages after 10 s?
[+] [-] angersock|12 years ago|reply
[+] [-] boklm|12 years ago|reply
Using a key that is stored in the same database ? How is that useful ?
> IPs and logs aren't stored.
Except when they decide they want to keep logs.
[+] [-] jabgrabdthrow|12 years ago|reply
[+] [-] spikels|12 years ago|reply
[+] [-] slashdotaccount|12 years ago|reply
[+] [-] geuis|12 years ago|reply
[+] [-] Yetanfou|12 years ago|reply
UnsteadyWhale WorthwhileMonkey WealthyLizard VerifiableMonkey PerkyWeasel DarlingCow Wide-eyedFrog FrighteningHippo OddMoose ReasonableWhale GrubbyDonkey
Just imagine your next website, showing nothing but a large screen-blanketing image of carefree happy coffee consumers, a pulsating 'scroll down' button and your GrubbyDonkey logo. The VC's will be chomping at the doorhandle, trust me.
[+] [-] natch|12 years ago|reply
https://github.com/bitwiseshiftleft/sjcl
I'm not saying that's going to plug all holes but maybe it can be one piece.
[+] [-] spikels|12 years ago|reply
I have heard talk in the past about adding code signing to browsers. Combined with open-source code and a security audit this could potentially offer something approaching the security of a traditional application.
[+] [-] thrush|12 years ago|reply
Honestly, don't really understand the use case here. What is the benefit that something like HN doesn't already provide? Everyone on HN knows my handle is thrush, so can comment at me, or dm me using any contact info I've provided. On anonyfish, I can't even use the service unless I have someone in mind. In fact, the only names I have to contact are the ones provided in this thread, and it's a pretty short list.
EDIT:Omegle (http://www.omegle.com/) seems way better. Allows anonymity (or so it claims), can match people based on interests, and can even match people in the same university based on their .edu email address.
[+] [-] angersock|12 years ago|reply
:(
Edit:
Back as me, angersock. Message me if you're feeling like a chat now in the wee hours of the morning.
EDIT2:
Man, I really wish we could have this update in real time... :|
EDIT3:
So far, two people with racist names, one person quoting batman. I'm not impressed so far with the level of discourse.
EDIT4:
Alright, we seem to be doing better.
[+] [-] arcameron|12 years ago|reply
[+] [-] onuryavuz|12 years ago|reply
[+] [-] grigio|12 years ago|reply
[+] [-] brahma1337|12 years ago|reply
[+] [-] hooda|12 years ago|reply
[+] [-] angersock|12 years ago|reply
[+] [-] jdipierro|12 years ago|reply
[+] [-] officialjunk|12 years ago|reply
[+] [-] codecondo|12 years ago|reply
[+] [-] coherentpony|12 years ago|reply
[+] [-] dorfsmay|12 years ago|reply