Disclaimer: This project is still in heavy development, so without it getting a professional security audit I wouldn’t recommend using it for sensitive stuff.

Amnezichat has been updated and is better than ever! I am the only person working on this project, so please be kind with your criticism lol.

Source code: https://nemesiscloud.ddns.net/umutcamliyurt/Amnezichat

  • @[email protected]OP
    114 days ago

    I agree this project should have a security audit, but for that I need money (community support). I can start OpenCollective for it maybe??

    • @[email protected]
      114 days ago

      Well a professional security audit would be at the top of the requirements for an established product that has a userbase and some kind of funding, but as a solo developer the least you can do before releasing your software to the world is to have at least one other person who has some experience in security look it over - that’s what I was asking.

      If you can tell people that your software is secure and “anti-forensic” (!) then you must be pretty confident in your understanding of security systems to release that without even a single code review by a peer.

      • @[email protected]OP
        114 days ago

        I mean this project is still in heavy development, so without it getting a professional security audit I wouldn’t recommend using it for sensitive stuff. I posted this here for community support and more people seeing the code.

        • @[email protected]
          214 days ago

          You need to put yourself in the shoes of a non-technical person who doesn’t know how to evaluate the relative security of all the tools that are out there available to them. If you are posting your pre-alpha untested software with a title like “Anti-forensic and secure messenger” then there are many people who will read that and think that it’s on an equal footing with the other tools they have heard of. The vast majority of people are not software engineers, and even fewer are cryptographers.

          “this project is still in heavy development, so without it getting a professional security audit I wouldn’t recommend using it for sensitive stuff.”

          You’ve got to lead with this.