by henryboldi 3643 days ago
Hi I'm Henry, the creator of Felony

I’ve had a passion for politics, history, and programming since the age of 12 growing up in a suburb of Chicago. During my freshman year, I developed an interest in software. A couple of apps and hackathons (programming competitions) later, I was working on my own startups when I made the leap to drop out of high school to become a software engineer at a venture-backed tech startup.

While working there I learned that PGP encryption was the tool used by Edward Snowden to securely send messages to journalists. The immense value of encryption as a core component of our free society became clear to me. Amongst fellow coders, I had no trouble using command-line encryption to communicate. But my friends who didn’t code couldn’t easily do the same since they don’t know how to use the command-line. Given how important encryption is, I decided to build a first-rate encryption tool that could be used by anyone on any website, regardless of background.

12 comments

This looks like an interesting project but has a poor name choice. If it's targeted at non technical users, it may actually prevent them from using it, out of fear that just using it is illegal.
How about "The Fourth"? The name denotes privacy and won't scare off people by sounding illegal.
I immediately know what you mean since I was born and raised in the US, but most people will be left scratching their heads unless they're really well versed in the historical legislation of other countries. (I consider myself fairly well versed in international relations, but if someone made an app referring to a specific UK Act of Parliament I'd be confused.) But I agree, Felony isn't the best name.
It would make me unwilling to use it, due to being clearly pro-American. While it's the American government that is most likely to be spying on me. Awful name, felony is better.

I'm not an American, by the way.

I'm sorry but as a non-US person it's been made very clear to me that I have zero rights, zero laws to depend on and zero expectations of privacy. Calling it "the fourth" is like rubbing that in my face, leaving a rather bad taste.
Yeah was thinking this too, as a techie I like it, but to the general user or business it screams IM DOING SOMETHING ILLEGAL!

Question: what's the memory usage like A) at idle, B) after some using and left running for a day or two?

Meanwhile, a large percentage of the population is quite happy to play a game named Grand Theft Auto...
But that's a video game that purports to celebrate grand theft auto (among other lawlessness). Is the OP's purpose to simulate the commission of a felony? Because those who believe in encryption for everyone believe that encrypted chat should not be a felony.
See also the other discussion thread on that topic:

https://news.ycombinator.com/item?id=12030492

Feline - everyone loves cats
I think in the era of the state being the public enemy, names like this have a political purpose. :)
Then call it "Rightstarter" :)
It's not targeted at entirely non technical users. That's why it's on Hacker News ;)
"Felony is the first PGP app that's easy for anyone to use"

How about calling it "Freedom"

Chucking my naming idea, call it rights.

Everybody wants rights and nobody sane is against having rights when rights means their right to free speech, their right to a fair trial etc.

good idea!
Wow, I like this a lot!
I would consider naming it something other than a common English phrase, honestly. I know it's the big trend these days, but it's making things incredibly hard to search for. Try searching for the messaging service "matrix" and the matrix client "vector". Insane amount of namespace collision there.

Best to go with something like Freechain or something so at least people can search for it.

"Freechain" is great. It passes the cognate test (sounds like "keychain," which it is), and the "free" part gives it the multiple meanings of both FOSS and freedom from surveillance. Euphony is pretty high, and it looks fairly low-noise on Google, too.
I agree that Freedom is a nice choice, but "Freedom" is already in use by a somewhat well-known website/social media blocker (as in "freedom from all those distractions"):

https://freedom.to/

Still, other suggestions are coming up in this thread that may be of use. I really like the idea of a name that, for a non-technical user, can be a lead-in to answering "why do I want this app? what does it do for me?"

Just change the name man. Just today two of my non tech savvy friends refused to use it, they were scared by the name.
How about "Constitution".
M.Y.O.B. - Mind Your Own Business
I think folks should chill on the name. It's just a word which makes it stand out as a product. Good job !!
In that famous Goldman Sachs "theft" case, use of a tool called "Subversion" (which any IT person knows is just vanilla version control software) was taken by the FBI as evidence of malicious intent.

Just saying.

Here's the article about it I found mentioned in HN comments before: http://www.vanityfair.com/news/2013/09/michael-lewis-goldman...
Just call it Line Noise, Static, or something. No malicious intent in that.
Static is a great name.
Words have meaning and are way more important than you could even imagine. We don't think with words, we use words to think.

One example comes to mind, back in the day people used to use the word "Exploited" to talk about workers being drained of their life force. When you say exploited you assume that there is an exploiter, that someone is guilty of that worker's shitty life.

Now we mostly say the "Disenfranchised" or "Disadvantaged" which takes the "Exploiter" out of the equation entirely and puts the workers' plight mostly on the back of bad luck than anything else.

Words are very important.

"It's just a word which makes it stand out as a product"

So you think calling a product "nigger" is a good idea? It's just a word and it would certainly stand out.

(Before responding directly to my comment, please consider that I'm criticizing your logic, and don't actually want anyone to create a product with a hateful name)

That is a needlessly crass example. I get your point, but that's not the best way you could have made it.
I disagree. If someone has deactivated their own humanity enough to say "It's just a word" then they probably need a shocking reminder of the power of words. Making an abstract argument about words won't move the needle for a wet robot.
I disagree. Associating cryptography to a criminal term is not wise.
Exactly. How many future whistleblowers would consider using a tool named 'felony'.

I'm guessing exactly zero.

It is also bad PR. And encryption now needs more good PR than ever.
Have you heard of or used Signal?

https://whispersystems.org/

Same idea -- strong crypto that's usable for anyone. It uses the OTR Ratchet protocol which uses perfect forward secrecy. The app also provides a way to verify keys through an OOB channel.

I would recommend considering OTR Ratchet integration just like WhatsApp did recently.

PGP is not a good design choice for a messaging app as you're always using asymmetric crypto operations which are computationally intense -- not terrible on modern computers but will be dreadful on mobile devices. Also can you provide some more documentation on how the app leverages PGP? Hopefully conversation is not using the same private keys to encrypt. That is vulnerable to data or side channel leakage. The modern approach is to generate and exchange an ephemeral key. Also please provide information on key storage.

Rather than making vague security claims like "first-rate" and "Security++ to the greatest extreme" you should rather provide a threat model and explain why one can remain confidential and have authenticity against particular types of adversaries. No security tool is perfect and it's only a matter of time before an adversary breaks it. Developers are doing a disservice by claiming anything more.

Before you can claim a first-rate security tool you will need to face a lot of scrutiny first.

PGP is a great choice when you want to be able to send encrypted messages over any channel you want. It sounds like you do not understand how PGP works -- you exchange public keys over a trusted medium and then use public key cryptography to encrypt the AES key used to encrypt the rest of the message.

The OpenPGP library it uses has been audited (twice). Most of the mistakes that could have been made are avoided this way.

Edit: Yes, you lose PFS by using PGP, but it would not really be possible to negotiate PFS via, say, email.

> PGP is a great choice when you want to be able to send encrypted messages over any channel you want.

That has nothing to do with PGP. You could do the same by base64-ing an OTR session (in fact, people do that all the time).

I don't like the choice of PGP because it has non-repudiability. If you send me a message, I can prove to anyone in the world that you sent me the message. OTR and Axolotl don't have this problem (only I can be sure you sent me the message and I cannot prove that I didn't fake it to anyone else).

> If you send me a message, I can prove to anyone in the world that you sent me the message.

Only if you sign the message, right? But you can use PGP to send encrypted messages without signing them.

And then if the message is corrupted you have no way of knowing. Not to mention that essentially nobody uses those modes.

Axolotl and OTR provide signatures, just that they are "non-transferrable" (so to speak). Not to mention that the actual crypto is more modern.

> That has nothing to do with PGP. You could do the same by base64-ing an OTR session (in fact, people do that all the time).

But PGP also works for printing stuff on a post-card (or you know, email) - asynchronous communication. While Axolotl does push OTR-like modes towards asynchronous use - they do involve a lot more than getting hold of a public key (say, one published in a magazine, or shown in a frame of a movie, or...).

There's been an argument since the early crypto-wars about whether gpg/pgp could (should) be made easier to use. And I absolutely think it could (and should).

Key distribution is still hard, but it's not helped by a silly cli app, and no great recommendations on how to manage trust (I suppose the gist is: get a hw token for your key, print a backup and store a revocation order in a safe, sign keys you trust and upload them to the keyservers. But even if that list seems easy, users are left with questions like: which hw tokens should I use? When I lose it, "re-trusting" keys? How big a problem is it that I've just exported meta-data about who I communicate with? Which clients easily integrate with my hw token so that I can use gpg on my smart phones, my laptop and my desktop? What if my phone lacks NFC? Can't use USB host? And last, but certainly not least -- why isn't there a fork of gpg2 that does "the right thing(tm)" out of the box -- and make this "best of breed" flow easy, rather than making all kinds of sub-key shenanigans equally cryptic?)

If you don't need PFS (which you should need) then you can use DH to create the shared key you use for the HMAC. Maybe you could even do an original OTR-like ratchet scheme (only change the key once the recipient shows that they are using the new key) to get PFS. But in principle if you assume that key distribution is "solved" then you can implement the unique parts of OTR.
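The scheme discussed in the comments above (a DH-derived shared key feeding an HMAC, so the recipient gets integrity but holds nothing transferable to a third party, unlike a PGP signature), as an added example that is not part of the thread or of Felony's code. The group parameters, function names and sample messages are constructed for illustration, and the toy group is not suitable for real use.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters, constructed for this illustration only.
# Real protocols use vetted groups or curves; do not reuse these values.
P = 2**255 - 19
G = 2


def dh_keypair():
    """Return (private exponent, public value) for the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def mac_key(my_priv, their_pub):
    """Derive the shared HMAC key from the DH shared secret."""
    shared = pow(their_pub, my_priv, P)
    return hashlib.sha256(b"mac-key|" + shared.to_bytes(32, "big")).digest()


def make_tag(key, message):
    """HMAC-SHA256 tag over the message under the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def check_tag(key, message, tag):
    """Constant-time comparison of the expected and received tag."""
    return hmac.compare_digest(make_tag(key, message), tag)


def demo():
    a_priv, a_pub = dh_keypair()          # sender ("Alice")
    b_priv, b_pub = dh_keypair()          # recipient ("Bob")
    k_alice = mac_key(a_priv, b_pub)
    k_bob = mac_key(b_priv, a_pub)

    msg = b"constructed sample: meet at noon"
    tag = make_tag(k_alice, msg)

    # The recipient holds the same key, so it can compute an equally valid
    # tag over text the sender never wrote. A transcript of (message, tag)
    # therefore proves authorship to the recipient only, not to outsiders.
    other = b"constructed sample: text Alice never wrote"
    bob_tag = make_tag(k_bob, other)

    return {
        "keys_match": k_alice == k_bob,
        "recipient_accepts": check_tag(k_bob, msg, tag),
        "corruption_detected": not check_tag(k_bob, msg + b"!", tag),
        "recipient_tag_valid_under_sender_key": check_tag(k_alice, other, bob_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

This covers only the authentication half of the discussion: it shows why a shared-key MAC detects corruption without being transferable proof, and says nothing about how the public DH values are distributed or verified.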
I'm not sure, you're saying the format and message standards of PGP of providing machine-readable signed keys aren't worth anything, because you can just memorize some base64 coded secrets and run with it?

That's how you'd prefer to bootstrap secure communication with a journalist, or for recruiting people to demonstrate against the current regime in Egypt?

> But in principle if you assume that key distribution is "solved" then you can implement the unique parts of OTR.

How can it make sense to think of it as solved? How do you backup your keys? Your list of trusted keys? Protect them against theft? Alert others to their compromise? Get alerted when keys are compromised?

Key distribution really is the only really interesting problem in secure, trusted, communication (with secure one time pads, most problems go away. The trick is to make sure you have secure one time pads, shared only with the person(s) you want to communicate with...).

Public key encryption opens up some new ways to make the problem easier, but it's just one step in the right direction.

Yes you're right.

It's hard to say that most mistakes are avoided from two audits. Especially in a browser; there's a lot of attack vectors.

> you exchange public keys over a trusted medium and then use public key cryptography to encrypt the AES key used to encrypt the rest of the message.

What do you consider a "trusted medium?"

Please change the name of the app. I'm Swedish, and to me the name sounds really repelling.

Maybe someone could fork the application and rename it to something cool that I can use?

What do you think the app should be named?
How about "PGPal"?
You seriously can't do this yourself? Clone the repo and change the name using find-and-replace and run install. No need to insult.
That won't mitigate the PR damage involved. A fork would need to actually just plain outcompete the original app.
Sorry, did not mean to insult. Just stating how I interpreted the name.

There seems to be a number of forks already (currently 12).

Many people will fork just to keep a backup.
Hi! The app looks great. Can you speak a bit more about the interaction? How would two people who just downloaded Felony send an encrypted message to each other?
Here's how it works...

1. Add public keys to your buddies list— A public key is like a username - Adding someone’s public key to your buddies list lets you send them messages. You can find other public keys on markets like keybase.io and darknet.

2. Encrypt a message— Select a recipient from your buddies list and compose a message. Only your chosen recipient(s) can read the message. Encrypted messages might contain sensitive information, such as an address, document, or anything intended to be read only by intended recipients.

3. Send the encrypted message anywhere— You can send the encrypted message on any website! For example, facebook messenger, twitter direct message, or youtube. Felony is security when and where you want it.

1. Why did you choose PGP, when we have OTR and Axolotl -- which are specifically designed for informal communication where repudiation (recipient Y not being able to prove to others that X sent the original message) matters.

2. How are the public keys securely distributed? You say that "a public key is like a username", but without a central authority you hit a lot of issues (essentially the CAP tradeoff, but for user IDs). And with a central authority, you have no trustworthiness. Or are the users just meant to find public keys themselves (in which case you're back to the current state of affairs).

3. The name choice is stupid. Why on earth would anyone sane in this political climate call an encryption program "Felony"?

As for #3 I would think that it makes fun of the idea that encryption is somehow a crime. That's how I read it at least.
I get the joke, it's just not funny. And literally nobody outside of our community would get the joke.
You dropped out of high school your freshman year? i mean you seem smart enough to get by but uh, wow.

(fwiw i say this as a college dropout who doesn't regret it at all)

Schools are a way for parents to send their kids to a reliable daycare service. At a certain level, some don't really learn anything there. I did as much as I did (college) to pass among the clueless as normal but wish I had more opportunities to avoid it altogether.

I recall even Snowden dropped out of high school.

I dropped out after my sophomore year - I had recently moved to the States from Europe, and school was teaching things that I had already been taught a few years prior to that. I was completely bored and decided I was done with school. Getting my GED was really easy, and from there I have had a great career - while it may have hurt me in the beginning, I now have 20 years of relevant work experience behind me, it's generally not a concern to myself or any of my past employers - and if I were to interview somewhere that took issue with it, it's probably not somewhere I would want to work.
Why are all dropouts who "made it" making such a big deal out of it?
after sophomore year. yay dropouts!
dropouts ftw!
yee!
Really love the name on a lot of levels. Do y'all get a laugh every time you do a git commit?
.... maybe )))
Is it geared to mobile devices? The screenshot looks very much like one from a mobile. I wouldn't trust my phone's underlying security architecture enough to store a PGP private key on the device.

PS: I love the name. You did a good job with it creating a buzz. It made me laugh and curious enough to take a look. Maybe pointing out on your site that "privacy is a human right" and the name should remind us of that rather than succumbing to peer-pressure, in the hope of not offending the 0.01% of your non-tech savvy users.

So many comments about the name. All of a sudden I have a strange urge to see the next big open source project name themselves fjoi43isoitoei. Because names of technology projects only have as much importance as the reader attributes to them. If you can't see beyond that, and if your primary focus is what others might think of you because of what you named your project, I don't know what to say to you.
Will this thing ever use less than 130MB of RAM? If so, how do you plan to do that?
Just curious: Are you running on a Raspberry Pi or other machine with constrained resources? 130MB is less than 4% of the memory in most modern computers, and less than 10% of most mid-range phones.
Just to be nice i'll assume you ask earnestly and answer earnestly: I have 16 GB of RAM. However i also always have more than one app running at any given time. In fact, my system usually has 200+ things running. I also don't mind if things use a lot of memory if: They either use it to give me a lot of bang for my buck, or are not long-running processes. Felony ticks neither of these boxes.

Also do keep in mind that the 130MB number is right after start without even logging in or using it at all. Due to memory usage by actual feature usage, and creep due to leaks, i can expect that number to easily double and more.

I'm not sure that the doubling guess is going to be accurate. The majority of that 130MB is going to be in the overhead of keeping a separate copy of Chromium in memory, not in the implementation of current features.
My experience with Web browsers is they expand to fill all available memory and then some. This Firefox process has grown more than 50% since launch, and will stay mostly that big even if I close all but one new tab.

Chrome does a better job of containing the damage to individual tabs, but I'm not sure how much that really helps with something like this. And of course, eventually I still end up killing Chrome periodically to get RAM back for real work, like running VMs without the host thrashing.

I didn't realize Felony was a long-running process. I thought you just open it when you want to process some messages, then close it when you're done.
Not the parent, but that stuff adds up when just about everything's written as if it owns the machine and the machine's guaranteed to be blatant overkill.

Disclaimer: it's not my only machine, but I'm posting from a Pi 3. 1GB RAM is roomy for most things that aren't Web browsers and apps that embed Web browsers.

Nice. How do you encrypt something? I see Add Key, Verify, Sign, Decrypt as options. I don’t see Encrypt.
Ok. I get it. You need to add someone else’s key before you can encrypt. It would be nice if I could encrypt messages to myself.
Might I suggest "FreedomKeyper" as an alternate name? Great project!
Did you really have a passion for politics at age 12? This coupled with "I had no trouble using command-line encryption to communicate." makes this read like a farce. First you act like the ultimate prodigy that peaked at the tender age of 12 and then go boast with mad skills of running a cli command.