sueden.social

xoron :verified:An <a href="https://infosec.exchange/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#E2EE</a> messaging app unaffected by <a href="https://infosec.exchange/tags/ChatControl" class="mention hashtag" rel="nofollow noopener" target="_blank">#ChatControl</a>* App: <a href="https://chat.positive-intentions.com/" rel="nofollow noopener" translate="no" target="_blank">https://chat.positive-intentions.com/</a> * Code: <a href="https://github.com/positive-intentions/chat" rel="nofollow noopener" translate="no" target="_blank">https://github.com/positive-intentions/chat</a> * Reddit: <a href="https://www.reddit.com/r/positive_intentions" rel="nofollow noopener" translate="no" target="_blank">https://www.reddit.com/r/positive_intentions</a>How it works: <a href="https://positive-intentions.com/docs/projects/chat" rel="nofollow noopener" translate="no" target="_blank">https://positive-intentions.com/docs/projects/chat</a>TLDR: I'm working on a <a href="https://infosec.exchange/tags/P2P" class="mention hashtag" rel="nofollow noopener" target="_blank">#P2P</a> messaging <a href="https://infosec.exchange/tags/webapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#webapp</a>. Webapps are generally not considered secure because of the nature of serving statics over the internet. This is correct, but not a limitation of this project. (<a href="https://infosec.exchange/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a> options: <a href="https://positive-intentions.com/blog/docker-ios-android-desktop" rel="nofollow noopener" translate="no" target="_blank">https://positive-intentions.com/blog/docker-ios-android-desktop</a>).As a webapp, I can provide the app with zero-installation and no-registration. The app is only using (local-only) browser storage (specifically <a href="https://infosec.exchange/tags/indexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#indexedDB</a>). So in a P2P interaction, the traditional concept of "the cloud" is just the physical devices connected over <a href="https://infosec.exchange/tags/WebRTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebRTC</a>. This allows for things like P2P authentication: <a href="https://positive-intentions.com/blog/security-privacy-authentication" rel="nofollow noopener" translate="no" target="_blank">https://positive-intentions.com/blog/security-privacy-authentication</a>.Future: I'm aiming to create the most secure messaging app out there... (more than <a href="https://infosec.exchange/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Signal</a>, <a href="https://infosec.exchange/tags/Simplex" class="mention hashtag" rel="nofollow noopener" target="_blank">#Simplex</a>, <a href="https://infosec.exchange/tags/threema" class="mention hashtag" rel="nofollow noopener" target="_blank">#threema</a>, <a href="https://infosec.exchange/tags/session" class="mention hashtag" rel="nofollow noopener" target="_blank">#session</a>, <a href="https://infosec.exchange/tags/deltachat" class="mention hashtag" rel="nofollow noopener" target="_blank">#deltachat</a>, <a href="https://infosec.exchange/tags/bitchat" class="mention hashtag" rel="nofollow noopener" target="_blank">#bitchat</a>, etc). I know I have a long way to go to get there. The UI is fairly ugly for the average user, but I think the mechanics are working as expected. I think <a href="https://infosec.exchange/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> is underrated in what you can do with it. I'm actively investigating improving the <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a> approach further to align to how the Signal protocol works (currently using a <a href="https://infosec.exchange/tags/DiffieHellman" class="mention hashtag" rel="nofollow noopener" target="_blank">#DiffieHellman</a> key-exchange).Support: In the age of <a href="https://infosec.exchange/tags/ChatControl" class="mention hashtag" rel="nofollow noopener" target="_blank">#ChatControl</a>, I would like to keep this project <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a>, but open-source funding is not working for me. I don't want your donations (but don't let that stop you) because it isn't sustainable for a long-term project. I have so far only experienced grant-funding rejections. I have no idea what I'm doing in trying to get funding for this project, so any support/advice is appreciated. In recognition of the project in its current state not being able to get funding... (sorry) I will have to go <a href="https://infosec.exchange/tags/closedsource" class="mention hashtag" rel="nofollow noopener" target="_blank">#closedsource</a> (which I'd like to avoid because it undermines several <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> claims I'd like to make). I don't accept collaboration on the project because this would make tough decisions like going closed-source also immoral.<a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://infosec.exchange/tags/messaging" class="mention hashtag" rel="nofollow noopener" target="_blank">#messaging</a> <a href="https://infosec.exchange/tags/decentralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#decentralized</a> <a href="https://infosec.exchange/tags/peer2peer" class="mention hashtag" rel="nofollow noopener" target="_blank">#peer2peer</a> <a href="https://infosec.exchange/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdev</a> <a href="https://infosec.exchange/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptography</a> <a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> <a href="https://infosec.exchange/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a> <a href="https://infosec.exchange/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#tech</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/developer" class="mention hashtag" rel="nofollow noopener" target="_blank">#developer</a> <a href="https://infosec.exchange/tags/funding" class="mention hashtag" rel="nofollow noopener" target="_blank">#funding</a> <a href="https://infosec.exchange/tags/startup" class="mention hashtag" rel="nofollow noopener" target="_blank">#startup</a>

hummingmeKahuna, the IndexedDB manager webextension, celebrates the release of version 1.5 🎉New features include a schema editor to create and delete object stores, as well as edit indexes. Additionally, there are new tools for copying databases and object stores.<a href="https://github.com/hummingme/kahuna" rel="nofollow noopener" translate="no" target="_blank">https://github.com/hummingme/kahuna</a> Already available from the Chrome Web Store and the the Firefox Addons Page.<a href="https://burningboard.net/tags/webextensions" class="mention hashtag" rel="nofollow noopener" target="_blank">#webextensions</a> <a href="https://burningboard.net/tags/indexeddb" class="mention hashtag" rel="nofollow noopener" target="_blank">#indexeddb</a> <a href="https://burningboard.net/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdev</a> <a href="https://burningboard.net/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#typescript</a> <a href="https://burningboard.net/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a>

Hacker NewsKahuna, the IndexedDB-Manager Webextension<a href="https://github.com/hummingme/kahuna" rel="nofollow noopener" translate="no" target="_blank">https://github.com/hummingme/kahuna</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/Kahuna" class="mention hashtag" rel="nofollow noopener" target="_blank">#Kahuna</a> <a href="https://mastodon.social/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> <a href="https://mastodon.social/tags/Manager" class="mention hashtag" rel="nofollow noopener" target="_blank">#Manager</a> <a href="https://mastodon.social/tags/Webextension" class="mention hashtag" rel="nofollow noopener" target="_blank">#Webextension</a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevelopment</a> <a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hacking</a>

data0I've built a thing.Sometimes my follower count seemingly fluctuates at random. To understand why, I dug into the <a href="https://indieweb.social/tags/MastodonAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#MastodonAPI</a> and created "fedi-followers":A privacy-friendly <a href="https://indieweb.social/tags/fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#fediverse</a> <a href="https://indieweb.social/tags/followers" class="mention hashtag" rel="nofollow noopener" target="_blank">#followers</a> explorer as local-only static web app, decentrally hosted on the <a href="https://indieweb.social/tags/ipfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#ipfs</a>. See who's actually following (and unfollowing) you over time and much more.<a href="https://fedi--followers-data0-one.ipns.dweb.link/" rel="nofollow noopener" translate="no" target="_blank">https://fedi--followers-data0-one.ipns.dweb.link/</a><a href="https://indieweb.social/tags/mastodev" class="mention hashtag" rel="nofollow noopener" target="_blank">#mastodev</a> <a href="https://indieweb.social/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://indieweb.social/tags/webapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#webapp</a> <a href="https://indieweb.social/tags/staticwebapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#staticwebapp</a> <a href="https://indieweb.social/tags/nobuild" class="mention hashtag" rel="nofollow noopener" target="_blank">#nobuild</a> <a href="https://indieweb.social/tags/esmodules" class="mention hashtag" rel="nofollow noopener" target="_blank">#esmodules</a> <a href="https://indieweb.social/tags/importmaps" class="mention hashtag" rel="nofollow noopener" target="_blank">#importmaps</a> <a href="https://indieweb.social/tags/indexeddb" class="mention hashtag" rel="nofollow noopener" target="_blank">#indexeddb</a> <a href="https://indieweb.social/tags/preact" class="mention hashtag" rel="nofollow noopener" target="_blank">#preact</a> <a href="https://indieweb.social/tags/htm" class="mention hashtag" rel="nofollow noopener" target="_blank">#htm</a>

xoron :verified:"Encryption at Rest" for JavaScript ProjectsFollowing a previous post (<a href="https://infosec.exchange/@xoron/113446067764347249" rel="nofollow noopener" translate="no" target="_blank">https://infosec.exchange/@xoron/113446067764347249</a>), which can be summarized as: I'm tackling state management with an extra twist: integrating encryption at rest!I created some updates to the WIP pull-request. The behavior is as follows.- The user is prompted for a password if one isn't provided programmatically. - This will allow for developers to create a custom password prompts in their application. The default fallback is to use a JavaScript prompt(). - It also seems possible to enable something like "fingerprint/face encryption" for some devices using the webauthn api. (This works, but the functionality is a bit flaky and needs to be fixed before rolling out.) - Using AES-GCM with 1000000 iterations of PBKDF2 to derive the key from the password. - The iterations can be increased in exchange for slower performance. It isn't currently configurable, but it might be in the future. - The salt and AAD need to be deterministic and so to simplify user input, the salt as AAD are derived as the sha256 hash of the password. (Is this a good idea?)The latest version of the code can be seen in the PR: <a href="https://github.com/positive-intentions/dim/pull/9" rel="nofollow noopener" translate="no" target="_blank">https://github.com/positive-intentions/dim/pull/9</a>I'm keen to get feedback on the approach and the implementation before i merge it into the main branch.<a href="https://infosec.exchange/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://infosec.exchange/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#Encryption</a> <a href="https://infosec.exchange/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> <a href="https://infosec.exchange/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevelopment</a> <a href="https://infosec.exchange/tags/CryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#CryptoAPI</a> <a href="https://infosec.exchange/tags/FrontendDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#FrontendDev</a> <a href="https://infosec.exchange/tags/ReactHooks" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReactHooks</a> <a href="https://infosec.exchange/tags/StateManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#StateManagement</a> <a href="https://infosec.exchange/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebSecurity</a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://infosec.exchange/tags/PersonalProjects" class="mention hashtag" rel="nofollow noopener" target="_blank">#PersonalProjects</a>

michabbb🔨 <a href="https://social.vivaldi.net/tags/Database" class="mention hashtag" rel="nofollow noopener" target="_blank">#Database</a>․build: Browser-based <a href="https://social.vivaldi.net/tags/PostgreSQL" class="mention hashtag" rel="nofollow noopener" target="_blank">#PostgreSQL</a> Development Environment💻 Runs completely in-browser using <a href="https://social.vivaldi.net/tags/WASM" class="mention hashtag" rel="nofollow noopener" target="_blank">#WASM</a> technology powered by <a href="https://social.vivaldi.net/tags/PGlite" class="mention hashtag" rel="nofollow noopener" target="_blank">#PGlite</a>, with data persistence via <a href="https://social.vivaldi.net/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> 🤖 Features <a href="https://social.vivaldi.net/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> assistance for database operations, including smart CSV imports and automated report generation 📊 Built-in tools for creating charts and database diagrams with drag-and-drop functionality ⚡ Developed using <a href="https://social.vivaldi.net/tags/Nextjs" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nextjs</a> framework with <a href="https://social.vivaldi.net/tags/S3" class="mention hashtag" rel="nofollow noopener" target="_blank">#S3</a> deployment capabilities in development 🔄 <a href="https://social.vivaldi.net/tags/Opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#Opensource</a> project (Apache 2.0) by the <a href="https://social.vivaldi.net/tags/Supabase" class="mention hashtag" rel="nofollow noopener" target="_blank">#Supabase</a> communityLearn more: <a href="https://github.com/supabase-community/postgres-new" rel="nofollow noopener" translate="no" target="_blank">https://github.com/supabase-community/postgres-new</a>

Brian SwetlandIf I'm going to store <a href="https://chaos.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> objects in <a href="https://chaos.social/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a>, is there any significant size or performance difference between storing them as Objects (letting IndexedDB serialize them), strings (post-JSON.stringify), ArrayBuffers (post-TextEncoder.encode), or Blobs (wrapping the ArrayBuffer)?My assumption is the space difference is minimal or none, and that there may be some performance gain for not doing the JSON -> UTF8 -> bytearray conversion in discrete steps in Javascript.<a href="https://chaos.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a> <a href="https://chaos.social/tags/Questions" class="mention hashtag" rel="nofollow noopener" target="_blank">#Questions</a>

LampIf I have to get and put to update objects in an <a class="hashtag" href="https://kitty.haus/tag/indexeddb" rel="nofollow noopener" target="_blank">#IndexedDB</a>, does that mean blobs will be copied every time I update something, or is it just a reference to the same data in memory and there's no performance issue? Should I store large blobs in a separate object store from the metadata or is it fine to keep it together? <a class="hashtag" href="https://kitty.haus/tag/js" rel="nofollow noopener" target="_blank">#js</a> <a class="hashtag" href="https://kitty.haus/tag/javascript" rel="nofollow noopener" target="_blank">#javascript</a>

Brian SwetlandHere's a trivia question: when using IndexedDB, can a transaction with a single put() operation fail even if the put operation itself succeeded?I suspect the answer is "yes", but it'd be interesting to know for sure one way or the other.If it's "no", it simplifies code a bit in that one doesn't need to stash the autogenerated key (if using that option) between the put's "onsuccess" and the transactions "oncomplete."<a href="https://chaos.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a> <a href="https://chaos.social/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> <a href="https://chaos.social/tags/Question" class="mention hashtag" rel="nofollow noopener" target="_blank">#Question</a>

Torsten :verified: :verified:Versuche grade den Spielstand von online <a href="https://norden.social/tags/Tombraider" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tombraider</a> aus dem <a href="https://norden.social/tags/Browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#Browser</a> zu exportieren. Bisher habe ich herausgefunden, dass eine "savegame.dat" in der Datenbank "db" mit Version 22 im ObjectStore FILE_DATA in <a href="https://norden.social/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> als <a href="https://norden.social/tags/Blob" class="mention hashtag" rel="nofollow noopener" target="_blank">#Blob</a> gespeichert ist.<a href="https://norden.social/tags/OpenLara" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenLara</a> <a href="https://norden.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a><a href="http://www.xproger.info/projects/OpenLara/" rel="nofollow noopener" translate="no" target="_blank">http://www.xproger.info/projects/OpenLara/</a>

BuZZ-dEE ☮️ 🇺🇦 🇪🇺 🇩🇪<a href="https://chaos.social/@kubikpixel" class="u-url mention" rel="nofollow noopener" target="_blank">@kubikpixel</a> There is also <a href="https://mstdn.social/tags/localForage" class="mention hashtag" rel="nofollow noopener" target="_blank">#localForage</a> <a href="https://mstdn.social/tags/Indexeddb" class="mention hashtag" rel="nofollow noopener" target="_blank">#Indexeddb</a> <a href="https://mstdn.social/tags/LocalStorage" class="mention hashtag" rel="nofollow noopener" target="_blank">#LocalStorage</a> <a href="https://localforage.github.io/localForage/" rel="nofollow noopener" target="_blank">https://localforage.github.io/localForage/</a>

Doug Parker 🕸️<a href="https://mastodon.xyz/@planeth" class="u-url mention" rel="nofollow noopener" target="_blank">@planeth</a> <a href="https://piaille.fr/@tbroyer" class="u-url mention" rel="nofollow noopener" target="_blank">@tbroyer</a> <a href="https://toot.cafe/@slightlyoff" class="u-url mention" rel="nofollow noopener" target="_blank">@slightlyoff</a> <a href="https://mastodon.social/@oschonrock" class="u-url mention" rel="nofollow noopener" target="_blank">@oschonrock</a> <a href="https://mastodon.cloud/@agarzola" class="u-url mention" rel="nofollow noopener" target="_blank">@agarzola</a> <a href="https://mstdn.party/@ddonnell" class="u-url mention" rel="nofollow noopener" target="_blank">@ddonnell</a> I can confirm the pain of storing Blobs in <a href="https://techhub.social/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> on <a href="https://techhub.social/tags/Safari" class="mention hashtag" rel="nofollow noopener" target="_blank">#Safari</a>, though my experience is also a few years old. Hopefully things have improved since then.

pukkamustardAnother [openEngiadina](<a href="https://openengiadina.net" rel="nofollow noopener" target="_blank">https://openengiadina.net</a>) milestone: RDF, geo-spatial and full-text search - A Multi-Model Database. And all that with IndexedDB. The ideas: <a href="https://inqlab.net/2022-07-01-geopub-a-multi-model-database.html" rel="nofollow noopener" target="_blank">https://inqlab.net/2022-07-01-geopub-a-multi-model-database.html</a>A demo instance: <a href="https://geopub.openengiadina.net/" rel="nofollow noopener" target="_blank">https://geopub.openengiadina.net/</a> (Initial loading takes some time as it loads an extract of OSM data).<a href="https://chaos.social/tags/Datalog" class="mention hashtag" rel="nofollow noopener" target="_blank">#Datalog</a> <a href="https://chaos.social/tags/RDF" class="mention hashtag" rel="nofollow noopener" target="_blank">#RDF</a> <a href="https://chaos.social/tags/IndexedDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#IndexedDB</a> <a href="https://chaos.social/tags/ActivityStreams" class="mention hashtag" rel="nofollow noopener" target="_blank">#ActivityStreams</a> <a href="https://chaos.social/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#XMPP</a> <a href="https://chaos.social/tags/OCaml" class="mention hashtag" rel="nofollow noopener" target="_blank">#OCaml</a> <a href="https://chaos.social/tags/NGI0" class="mention hashtag" rel="nofollow noopener" target="_blank">#NGI0</a> <a href="https://chaos.social/tags/NLnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#NLnet</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#indexeddb