This is an experimental and ongoing project. You can fork it, install it, play with it, but it's surely not ready for real use. So use it with grain of salt!
Shhlack is an encryptor/decryptor to improve privacy in peer-to-peer messages in Slack created by Minded Security. It relies on pre-shared keys between the peers so only the peers with the right passphrase will be able to see the encrypted message.
Everyone else will see encrypted content, such as:
In order to facilitate search a title in clear text can be used.
To create slack app patcher and browser extension:
This will create two diretories in
build/extension/ // << Browser extension build/standalone/ // << standalone patcher
Installing the extension for Chrome
The extension will be available once it's tested. For now, installation is achieved by building the source accoridng to the above instructions and then using Chrome's "Load Unpacked" feature. Developer mode must be enabled in order to do this.
Once installed you can click on the Shhlack icon (a colourful lock next to where text is input) and, if you're on a slack chat room, the Shhlack dialog will appear.
Alternatively you can use
Alt-s shortcut on Windows.
Installing the patch for standalone
cd build/standalone/ ./patch_slack.sh
The script will ask for root password since it will try to write in an root directory.
cd build/standalone/ ./patch_slack.bat
During the process, a backup copy of the original file is created.
Uninstalling the patch for standalone
cd build/standalone/ ./unpatch_slack.sh
The script will ask for root password since it will try to write in a directory owned by root.
cd build/standalone/ ./unpatch_slack.bat
After building and running the install script, Shhlack should work when you login to the standalone client, or when the extension is added and enabled in Chrome.
The first time you use Shhlack, you will be asked to add at least one passphrase to use for encryption/decryption. You can alternatively give a previously saved file to share the passphrases between clients/PCs/peers.
Alt-S or click on the Shhlack extension icon (extension only) and you'll get:
If there is more than one passphrase the dropdown menu will show a list of mnemonic keys and you'll be able to choose a passphrase used to encrypt the message.
Alternatively you can send a raw message without the fancy dialog by adding the prefix
@@@@ to your text.
@@@@ Hello world.
This will be encrypted by Shhlack using the current passphrase.
Encrypted content will not be searchable, however you can add a title that can be searched on.
The format is:
You and all your mates using shhlack will see the decrypted message on your client but on the server it'll appear as
- Encrypt snippets
- Add Master Passphrase with Crypto Web APIs
- Option to Encrypt every message (Encrypted chat)
- Add support for encrypted rich content.