Hacker News new | ask | show | jobs
by dkopi 3533 days ago
The weakest link I can identify here is MITM attacks when you're sending the link.

Imagine:

  Alice generates a link. 
  Sends the link to Bob over an unencrypted/unauthenticated link.
  Mallory intercepts the link. Generates his own link and send that link to bob.
  Bob enters the confidential information on Mallory's link.
  Mallory sees the confidential information, and then sends it to Alice's original link.
The only way to prevent this type of attack is sending the link over a secure channel. But if you already have a secure channel - what's the use case?
4 comments
cardigan 3533 days ago
The channel does not need to be secure, only authenticated. So e.g, you could send them a Slack message then have them call you to confirm you just sent that link and not someone who hacked your Slack account.

It's fine to have someone snoop and see the link, as long as they can't change the link in transit.

link
rhaps0dy 3533 days ago
>But if you already have a secure channel - what's the use case?

You can use Whatsapp, or some other E2E-encrypted service that is easy to use, and then transmit the sensitive data over encrypted email, which is more convenient for long-form text.

link
dkopi 3533 days ago
Personally, I find the Whatsapp web version pretty convenient for long-form text
link
jsingleton 3533 days ago
For text yes, but not so much for sending attachments like documents or other arbitrary files.
link
dethos 3533 days ago
You are right on this one. The only protection against this situation implemented (right now), is that the email address to where it will be sent and the fingerprint of the key that will be used to encrypt, are shown to the user of the link so he is able to verify it. This way mallory's email address will show up on the page and the user can see he is not be sending to the right person.

This might not be enough for the app use cases, but we are working on more solutions so the user can be sure that it is going to the right person.

Regarding the last statement, lets assume the "secure" channel they have is chat app, like slack, for example, it will store the content indefinitely and will be there in clear text, not only slack can see it but if a smartphone/computer is lost,stolen or accessed by someone else they will be able to see all history and content sent through it.

link
j2kun 3533 days ago
You can publicly provide the link to the box, e.g., on a Twitter account using keybase for authenticity.
link