Opened 10 years ago
Closed 8 years ago
#956 closed enhancement (wontfix)
End to End Encryption
| Reported by: | picotech | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | programming | Keywords: | |
| Cc: | Parent Tickets: |
Description
Hello,
I read about the Mylar platform on Slashdot.org <http://yro.slashdot.org/story/14/03/26/0352201/mit-researchers-create-platform-to-build-secure-web-apps-that-never-leak-data>. It is built on the Meteor framework and decrypts user data only in the browser, even website administrators cannot see what the user has on their account.
The developers of Mylar, who also helped develop CryptoDB, have already made an instant messaging application based on it which could be easily integrated into MediaGoblin for social networking features since it is already built. Even converting MediaGoblin to the Mylar platform might be easy since the Mylar developers only had to change about 35 lines of code for the applications they have already converted to Mylar.
But, I guess the ease of the MediaGoblin's transition to Mylar depends on whether MediaGoblin is written in Javascript or not since Mylar application are entirely written in Javascript (no MySQL or any other server side code, but I think CSS is still used). I tried to check the repository for MediaGoblin to make sure it is already using some Javascript, but Gitorious doesn't show the language statistics for the repository like it would on Github.
Let me know what you think,
Here's Mylar's website on MIT servers <http://css.csail.mit.edu/mylar/>.
Change History (3)
comment:1 by , 10 years ago
comment:2 by , 10 years ago
I just double checked the Meteor framework site, so Mylar does support HTML and CSS since it uses Meteor.
comment:3 by , 8 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Hi Picotech,
Thanks very much for taking the time to make this suggestion, and sorry it hasn't been responded to sooner.
Mylar sounds like an interesting research project. I don't have a good understanding of Mylar, so it's not clear to me what practical benefits this would bring to MediaGoblin and how it would even be feasible to implement. MediaGoblin is for making artworks public after all. Also, as you note, this framework is for applications written entirely in JavaScript, but MediaGoblin is primarily Python.
For now I'll close this ticket, but if you are motivated to do some further thinking and come up with some practical examples of how this could work, please don't hesitate to re-open the ticket.
Thanks again for your suggestion.
Regards,
Ben
Another important feature of Mylar is that, even though it encrypts everything, it allows content to be searched.