Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/adonespitogo/unsakini
Opensource encrypted bulletin board
https://github.com/adonespitogo/unsakini
Last synced: about 21 hours ago
JSON representation
Opensource encrypted bulletin board
- Host: GitHub
- URL: https://github.com/adonespitogo/unsakini
- Owner: adonespitogo
- License: mit
- Created: 2016-04-29T00:55:16.000Z (over 8 years ago)
- Default Branch: develop
- Last Pushed: 2016-11-29T14:32:27.000Z (almost 8 years ago)
- Last Synced: 2024-09-18T11:46:03.041Z (15 days ago)
- Language: Ruby
- Homepage: https://www.unsakini.com
- Size: 7.14 MB
- Stars: 1
- Watchers: 3
- Forks: 4
- Open Issues: 9
-
Metadata Files:
- Readme: README.md
- License: MIT-LICENSE
Awesome Lists containing this project
README
[](https://travis-ci.org/adonespitogo/unsakini)
UNSAKINI
-----------
*Created by and for online activists, information security enthusiasts and government surveillance evaders.*
**[Unsakini](https://www.unsakini.com)** is an open source encrypted bulletin board created with the aim of evading global information surveillance and spying, preventing data leaks and promoting information confidentiality and integrity.
Features:
- encrypted discussions boards
- encrypted chat
- encrypted file uploads
-------------------------
### How it Works
Upon using the system, you'll be asked to provide your private key. This key is used to encrypt your data before they are sent to the server. The key is stored in your computer and is never sent to the server.
Hackers, surveillance and spy softwares and even the server host cannot read your data, unless they are able to obtain your private key. Your private key is deleted from your computer everytime you logout to ensure no one can obtain it while you're away.
To increase the security, your data is re-encrypted in the backend before being saved to the database, which adds a second layer of protection.
So to access your data, the hacker needs to know two things - (1) your private key and (2) the server encryption key. That is, if they are able to bypass the server security and gets access to the database. Even so, they won't be able to read the data without these two elements.
The data is ecnrypted using [Advanced Encryption System (AES)](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard), the most widely used and trusted encryption algorithm.
------
### System Requirements
- Ruby >= 2.2.2
- Rails >= 5.0
- Bunlder gem
### Installation
**Unsakini** is composed of 2 parts, the API and the client. The easiest way to get up and running Unsakini is to download the preconfigured client that uses an [existing API](https://www.unsakini.com).
The preconfigured client is in the [`./angular/bundled`](./angular/bundled) directory of this repo. Just download this repository and extract those files. These are plain html, css and js files which can be uploaded to any kind of server.
You can even run it locally if you know how to setup a local http server. If you're on windows, take a look at [XAMPP](https://www.youtube.com/watch?v=kkSG19gQamc).
See the [documentation](./docs) for more installation options.
------------------------------
### Encryption Specifications
- server
- Algorithm = `AES`
- Mode = `CBC`
- Key Size = `256`
- *Others = autogenerated, random
- client
- Algorithm = `AES`
- Mode = `CBC`
- Padding = `Pkcs7`
- Key Derivation Function = `PBKDF2`
- Key Size = `256`
- Initialization Vector Size = `128`
- PBKDF2 iterations = `500`
### Security
If you find any security flaws, please don't write a github issue. Email me instead at [email protected] so we can fix it before the public knows.
### Author
[Adones Pitogo](http://adonespitogo.com)
### License
Released under the terms of [MIT](https://opensource.org/licenses/MIT) License.