Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
request: clientside encryption #62
I would like to keep a personal log of my tracks but would host any data collection service on an endpoint not under my physical control. I'd love to be able to put a public key into the app, or set a suitably strong PSK (or a passphrase from which a symmetric encryption key could be derived using a strong time-and-memory-hard PBKDF), so that the updates that go to the server are encrypted in such a way that they cannot be decrypted by the server at all. Then I could fetch them all later, decrypt them locally on a trusted machine, and analyze them as I wish.
This is a neat idea, but unfortunately the way this app works makes this pretty impractical. The app expects to be able to send a POST request to a URL, it isn't really built around the idea of storing data in a file. I think this would be too big of a change for me to take this on, sorry.