lovasoa / whitebophir

Online collaborative Whiteboard that is simple, free, easy to use and to deploy
https://wbo.ophir.dev
GNU Affero General Public License v3.0
2.17k stars 417 forks source link

Support end-to-end encryption #35

Open iblech opened 4 years ago

iblech commented 4 years ago

Thank you very much for WBO. Having compared many online collaborative whiteboard solutions, this is by far my favourite and a key ingredient to how I will conduct my university teaching this term. I'm currently packaging it for NixOS.

It would be awesome if WBO could support end-to-end encryption, in the simplest way possible: The encryption key has to be given in the fragment part of the URL, such as in http://localhost:8080/boards/secret-doodle#OVrijCCAQUJJQ22LEIYvyQ.

Perhaps I might work on that.

lovasoa commented 4 years ago

Hello and thank you for the kind words :) Currently, the server does read messages, and this allows it to maintain long-lived boards such as boards/anonymous. If the messages were completely encrypted (and thus not readable by the server), then the server would have to keep the list of every single message that was sent and send all of them back to clients when they connect. This wouldn't be a problem for small boards, but would quickly become unmanageable for boards that have a lot of text (where one message is sent by keystroke), or where objects are deleted and recreated often. The server also validates that messages are well-formed, and you would have to remove that validation, and let it store potentially invalid messages.

This leaves you with two possibilities if you want to implement this feature :

  1. Only encrypt the messages partially. You could keep only the information about the message type and object id, and not the position/size/tool used.
  2. Encrypt the message completely, and accept that encrypted boards will take longer to load, and will see their old objects disappear more quickly than in clear boards.

Anyway, a PR is welcome !

pozzo-balbi commented 4 years ago

If you are so concerned about privacy, why don't you just host it yourself. 1) Get a VPS, setup your own DDNS service with your own (free) domain name or use a free/paid DDNS service (just in case you don't have a static IP like most users) 2) Enable port forwarding on your home router and connect to DDNS service to update your IP regularly 3) Setup whitebophir on your private computer and get free let's encrypt ssl certificates for it 4) Share your private url and enjoy!

End-to-end encryption is not needed, in my opinion.

iblech commented 3 years ago

Sorry that I forgot this issue for so long. @pozzo-balbi, indeed, thank you for your suggestion, in fact I'm doing that exactly as you describe. The reason I'm still interested in end-to-end encryption is because I want my friends, colleagues and students not need to trust me to not look at their boards. (However, right now this issue has a very low priority in my life. Will most likely not get around to implementing it in the next couple months.)