Cloaklet: zero-knowledge private messaging and file-transfer system

Discussion in 'privacy technology' started by lotuseclat79, Sep 15, 2011.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    They talk about "light site" & "dark site" & in one instance "light site" was called "White site" Probably just a mistake ?

    Compatability Test https://www.cloaklet.com/check.php

    ct.gif

    To do the test you HAVE to allow Flash & Scripts & also Requests from amazonaws.com & avangate.net

    I don't have HTML5 - Local storage or Java

    2 WebBugs blocked by Ghostery

    They say it's Open Source & you can DL it to examine it. But NOT all of it is included for perusal ?

    What are your thoughts about it ? Anyone care to try it ?
     
  3. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Hosted by BlueHost?
     
  4. cloakletdevs

    cloakletdevs Registered Member

    Joined:
    Sep 15, 2011
    Posts:
    2
    Hey there,

    We spotted this thread on Google and figured we'd chime in.

    CloneRanger, you make some good points. Cloaklet is made to be as easy to use as possible, but in order to do that we had to use all the tools of web dev - that includes Flash, Java and HTML5 features.

    We call this configuration a "modern web browser" although we know many disable or deliberately not setup some of these features. That's ok, but unfortunately you won't be able to use Cloaklet.

    The public facing site (what we call the light site, we fixed the typo ;) ) is linked to Twitter, it just downloads our feed and puts it in the footer. And it is setup with PiWik for user tracking, similar to the tracking vBulletin has built-in, this data is anonymized automatically (default setting in PiWiK I think). We track visitors to try and optimize the site. IP's are stored as 192.168.xxx.xxx - the last 2 bytes are wiped.

    Hey LockBox - the light site part of Cloaklet is hosted by Bluehost. They are an excellent host in our opinion ;) The dark site part is hosted by Tilaa in the Netherlands. And the final part, the storage engine, is essentially in the cloud - somewhere on the East cost of the US. The company behind Cloaklet is based in Ireland as it happens.

    We'd welcome you to try it out it out if your curious. If anybody has any questions I'm happy to answer them.

    All the best,

    Jake / Cloaklet Dev

    * Edit: Parts of this are explained better by the tech pages ( https://www.cloaklet.com/techlongform.php ) and faq ( https://www.cloaklet.com/faq.php ).
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ cloakletdevs

    Thanks for "chiming in" :thumb:

    So you're based in the Emerald isle, well there's a 1st !

    Indeed, & for VERY good reasons ;) Which you must be aware of ?

    .

    Or anybody else who REALLY values Privacy :p

    I'm NOT in a position to write it off, & wouldn't understand the Source code even if i looked at it :p Hopefully others who can will, & explain what they discover :thumb: How about you send it to Bruce Schneier https://www.schneier.com/contact.html for evaluation & scrutiny etc :)

    If it's ALL kosher, then i wish you all the best, if not ......
     
  6. cloakletdevs

    cloakletdevs Registered Member

    Joined:
    Sep 15, 2011
    Posts:
    2
    Hey CloneRanger,

    Disabling or not installing Flash and Java is a good idea if you want uber security sure but it really locks you out of large parts of the net. Ultimately we all should embrace new software in order to move forward. At least that's our opinion! According to our stats, about 80% of the public site visitors have Java and 90% have Flash.

    You mention now being able to evaluate the code, well as it happens there was an anonymous evaluation of the code and security model posted last night - http://paste.debian.net/130271/.

    And we addressed all the points here: http://www.cloaklet.com/blog/2011/09/16/cloaklets-birth-by-fire/

    No security measures are perfect, you always reach a compromise between security and convenience. We hope that Cloaklet has enough of both to be useful. We think so of course ;)

    All the best,

    Jake
     
  7. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ cloakletdevs

    Thanks for the "anonymous evaluation of the code" links :thumb:

    Good to see that you are prepared to Openly take onboard construtive criticism etc :) & then try to actively improve things :thumb: Hopefully in a timely manner ;) I notice that already you are on the case :thumb:

    Regards
     
  8. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Interesting, their Compatibility Test especially. Thanks for creating the thread.
     
Loading...
Thread Status:
Not open for further replies.