Post ATkNmFsSSBYSEOIN1s by friendlymike@androiddev.social
(DIR) More posts by friendlymike@androiddev.social
(DIR) Post #ATkAz3z8gIBxhzCIpE by friendlymike@androiddev.social
2023-03-18T15:13:28Z
0 likes, 2 repeats
today's task is trying to make encrypted dms happen PublicKey( registrationId = bob.registrationId, devideId = 0, prekeyId = bob.preKeys[0].id, preKeyPublicKey = encode2(publicKey = bob.preKeys[0].keyPair.publicKey), signedPreKeyId = bob.signedPreKey.id, signedPreKeyPublicKey = encode2(publicKey = bob.signedPreKey.keyPair.publicKey),.... )
(DIR) Post #ATkCuyV5KatlRpJmiW by alsutton@snapp.social
2023-03-18T15:35:06Z
0 likes, 0 repeats
@friendlymike ayou may be interested in https://github.com/signalapp/libsignal ;)
(DIR) Post #ATkCz64L8JcE50m2ZU by friendlymike@androiddev.social
2023-03-18T15:35:54Z
0 likes, 0 repeats
@alsutton exactly what I'm using. I have it working in a test. Next is figuring out how to send the public key over the wire
(DIR) Post #ATkD7yEHeMN0N7ekQi by alsutton@snapp.social
2023-03-18T15:37:29Z
0 likes, 0 repeats
@friendlymike https://en.m.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
(DIR) Post #ATkDlGZROKiqYAI2bo by friendlymike@androiddev.social
2023-03-18T15:44:36Z
0 likes, 0 repeats
@alsutton why do I need the combined secret. What I naively thought is bob makes public key sends to Alice who can then encrypt messages that Bob can decrypt. I was going to do that exchange both directions as a dm. The payload as json is currently at 470 characters What should I do differently?
(DIR) Post #ATkDq0XqP08QILnuwC by friendlymike@androiddev.social
2023-03-18T15:45:27Z
0 likes, 0 repeats
@alsutton oh maybe this exactly what I'm doing.
(DIR) Post #ATkEOcBMyPGys5nGqW by alsutton@snapp.social
2023-03-18T15:51:41Z
0 likes, 0 repeats
@friendlymike What about a Man-in-The-Middle attack where Charlie intercepts Bobs public key, then sends his own on to Alice? Charlie can then be an invisible point in the discussion, decrypting and the re-emcrypting the data.https://en.m.wikipedia.org/wiki/Man-in-the-middle_attack
(DIR) Post #ATkF06AKSXJwZrBFsO by alsutton@snapp.social
2023-03-18T15:57:15Z
0 likes, 0 repeats
@friendlymike DH is a start point, but to be MITM save, where the “Man” is your server admin, you’ll need to step-up the security.
(DIR) Post #ATkF06dOiSZa20mTBY by friendlymike@androiddev.social
2023-03-18T15:58:28Z
0 likes, 0 repeats
@alsutton I assumed if I never send the private key, the server or any other MITM wouldn't be able to decrypt
(DIR) Post #ATkFSCE7W9Q3U4LsdU by alsutton@snapp.social
2023-03-18T16:03:33Z
0 likes, 0 repeats
@friendlymike If each party gets Charlie, the seever admins, public key they’ll endcypt with that, and charlie can then set the server to decrypt the message and re-encrypt with Alice or Bobs real public key.STS mitigates MITM; https://en.m.wikipedia.org/wiki/Station-to-Station_protocol
(DIR) Post #ATkHZ8KAcnpfJfcL7w by rjrjr@mastodon.social
2023-03-18T16:27:13Z
0 likes, 0 repeats
@friendlymike If you need a break from this, boosts are broken: when I boost something, the original looks unboosted, and a new boosted instance shows up at the top of my feed. Might only happen when I boost the first post, not sure.And while I'm complaining, something is just off about text layout. Might be as simple as the font? Maybe line height is too high?
(DIR) Post #ATkHhj0Q7zjXOlTaqG by friendlymike@androiddev.social
2023-03-18T16:28:47Z
0 likes, 0 repeats
@rjrjr I need to figure out the boost logic. When you boost something it actually just makes a new status/post with a new id. I'll look at what tusky does to handle this. Help me with text. Less complaining more direction. Any font you enjoy?
(DIR) Post #ATkHwzAOKBo1rdPuim by rjrjr@mastodon.social
2023-03-18T16:31:31Z
0 likes, 0 repeats
@friendlymike I'm still trying to figure out what's bothering me, mostly by going back and forth between Firefly and Megalodon. Can't put my finger on it yet. Megalodon feels more…efficient?
(DIR) Post #ATkI8ylHejnI5DOMsa by friendlymike@androiddev.social
2023-03-18T16:33:42Z
0 likes, 0 repeats
@rjrjr what's next you're going to tell me the developer is more impactful and exceeding expectations 😆I'll see what they do as well. I spend more time drooling over the other apps than I do developing this one. If only I had help with design.Thanks for the call outs adding to my list
(DIR) Post #ATkII75O4mBMVT9PnM by rjrjr@mastodon.social
2023-03-18T16:35:21Z
0 likes, 1 repeats
@friendlymike I am not getting nerd sniped into building Firefly and tweaking it. No no no no no.
(DIR) Post #ATkIUcMBdZ6yxzyH4q by friendlymike@androiddev.social
2023-03-18T16:37:37Z
0 likes, 1 repeats
@rjrjr I'll push latest just in case. As soon as a single other person contributes I'll be forced to make the code more respectable
(DIR) Post #ATkJeV2nmQsR8YBE9I by friendlymike@androiddev.social
2023-03-18T16:50:36Z
0 likes, 1 repeats
time to boost a bunch of toots while testing
(DIR) Post #ATkMve9hSR7iBFH51c by friendlymike@androiddev.social
2023-03-18T17:27:20Z
0 likes, 0 repeats
@friendlymike @rjrjr how's that looking in the screenshot to you?
(DIR) Post #ATkNdAla5QWrm1kQe8 by rjrjr@mastodon.social
2023-03-18T17:35:07Z
0 likes, 0 repeats
@friendlymike @rjrjr @friendlymike • Dups are gone • Can't scroll when tapping pictures • When replying you got addressed twice, see attached • Feel like I'm getting away with something by not filing each issue separately
(DIR) Post #ATkNmFsSSBYSEOIN1s by friendlymike@androiddev.social
2023-03-18T17:36:50Z
0 likes, 0 repeats
@rjrjr working on scroll. Can't zoom and scroll at same time in these dimensions
(DIR) Post #ATkNyevZ8xy1OifD8a by adam@androiddev.social
2023-03-18T17:38:26Z
0 likes, 0 repeats
@rjrjr @friendlymike some visual indication that it successfully went through would be useful as well
(DIR) Post #ATkNyfR7FfCiyZQPJY by friendlymike@androiddev.social
2023-03-18T17:39:03Z
0 likes, 0 repeats
@adam @rjrjr all those are coming (animations, haptic feedback for controls)
(DIR) Post #ATkOYCZ64VZXrH6O6i by bidetofevil@androiddev.social
2023-03-18T17:45:31Z
0 likes, 0 repeats
@friendlymike I could put you in touch with an ex-Tweep who got it working there on Android if you run into any issues. LMK.