[guardian-dev] Adding IOCipher to Orweb
hans at guardianproject.info
Fri Feb 8 11:23:56 EST 2013
Sounds like a great project for IOCipher!
Yeah, the viewing part is tricky. I have a working VIEW/SEND intents that do
not write to disk, but instead pipe the data to the receiving app. But the
receiving app can easily just write it to disk upon receiving it. The PDF
viewer that I was testing with did just that.
Seems like we should start some standard intents for secure viewing, then have
a whitelist of apps that are trusted to receive data via that secure VIEW
intent. I guess that could be handled by defining custom android permissions
that the viewers would have to ask for.
On 02/08/2013 06:09 AM, Nathan of Guardian wrote:
> I have decided that my IOCipher project will be to add secure download (via OnionKit) and storage (via iocipher) of binary/non-html data to the Orweb browser.
> People have been asking for download capability in Orweb for a longtime, but there was no way to do it before in a manner that I felt was safe and wise. With OnionKit we can now easily handle the download bit over Tor, and with IOCipher we have a place to store them in a private, secure manner.
> At some point though, you will want to open the file from the Orweb secure download storage, and view it in another app. I am not quite sure how to handle that yet, other than building in custom viewers directly into Orweb.
> Guardian-dev mailing list
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To Unsubscribe
> Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
> Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/hans%40guardianproject.info
> You are subscribed as: hans at guardianproject.info
More information about the Guardian-dev