Bonchat - client-side encrypted web chat for the truly paranoid

13 points by nickbw about 15 years ago

9 comments

sweis, about 15 years ago

This is insecure. It is using Unix time as a nonce for CTR mode: https://bonchat.org/js/aes.js

Clients may send messages encrypted with the same keys and overlapping counters. This could allow the server to recover information on the message contents.

There's also no authentication on the encrypted messages. A corrupt server can alter messages sent to a valid client without detection. This is trivial to do in counter mode.

Also, as people have already mentioned, if the server is compromised, then the Javascript is compromised.
tptacek, about 15 years ago

"No, it's not as secure as your browser and AES." It's exactly as secure as Bonchat's servers and application code, because your browser is going to trust any Javascript fed to it from Bonchat.org, whether or not that code subtly destroys the security of the AES encryptor.

Why even bother with JS AES? If you're served a court order, you can be forced to transparently record everything being said on the site anyways, without anyone being the wiser.
nickbw, about 15 years ago

For any HN crypto nerds: I made a little web chat that even the server can't read.

Besides boring old SSL, bonchat.org uses a javascript implementation of AES to encrypt chat client-to-client. There are no cookies, no sessions, and no account registration. You never even send your password or plaintext username to the server.

If you chat with someone who knows the same password, you get a simple HTML/Markdown web chat. If you chat with someone using a different password you get gibberish. That's it. :)

It has a number of glaring flaws and no marketability, but by golly it's secure!
nickbw, about 15 years ago

A couple folks have kindly pointed out that it's wide open to XSS attacks, since it allows full HTML posting.

This is 100% true ... and doesn't matter one bit. The only information to steal via XSS is the password, and anyone who can submit an attack necessarily already knows the password.

You can exploit this to annoy friends you're chatting with. Try, for example, submitting:

<style>body { background: #cc3333; } a { color: #cc3333 }</style>
fexl, about 15 years ago

I'm having troubles with it in Firefox on two different Ubuntu machines. The page is all red, and the javascript source code is showing up inside the web page.

Then I tested it in the Epiphany web browser. It worked fine on one Ubuntu machine, showing up all nice and blue. But on the other Ubuntu machine I got the red page with the javascript source code showing up, just like Firefox.
JoshCole, about 15 years ago

https://bonchat.org/cb9d007ac6e12605 pass: hacker news
eli, about 15 years ago
Cute, but unless you have some way to verify the client code every time you use it, it's only a bit more secure than a regular web chat site over HTTPS.
kylebragger, about 15 years ago
It seems broken for me; if I go to the url, bonchat treats it like a new chat each time, prompting for a password and my name.
Rhapso, about 15 years ago

You can insert HTML/JavaScript anywhere; try sticking code in your username.