Skip directly to content

Introducing Privly Applications

on Thu, 10/10/2013 - 19:37

Privly is built to ship web applications with beneficial security and privacy functionality for use on any website. Meaning, you can implement everything that can be built on HTML5 inside Privly's more privacy-aware world. For instance, when your browser encounters a Privly link inside gmail, it will "inject" one of the following applications so you can view the content in-place:

PlainPosts: The PlainPost application is only provided so developers can start with the most basic application possible. All content for the app is stored in cleartext (unencrypted). We are testing the app with users because self-hosted servers may want to store their content in cleartext.

ZeroBins: ZeroBins are a port of Sebsauvage's ZeroBin application with several modifications built to run on Privly. ZeroBins place a decryption key onto the hash text of a URL before sending the ciphertext to a remote server for storage. By separating the content and the key in this manner, it is unlikely that the remote server will be able to decrypt the content. The central motivation for incorporating ZeroBin into Privly is to allow users to read content regardless of whether they have the extension installed.

Index: The index application is a listing of all the user's content currently stored on their server. The simplistic nature of this application belies the potential of the application, whose future versions will include a raft of tools to backup and cache remote content, as well as provide tools for detecting provider censorship and equivocation.


These apps can be found in the experimental branch of the Privly-Applications repository. Both of them have only reached a proof-of-concept phase, from which more robust apps may be built.

ZeroVis: The ZeroVis application supports the visualization of data using D3.js. Data is decrypted by the application in the browser in the same manner as the ZeroBin app. Below is a screen capture demonstrating the visualization of social graph data that has been decrypted and displayed within the context of Gmail.

Social network visualization decrypted and displayed from within Gmail

IndieData: The IndieData application is the start of a personal semantic datastore, whose purpose is to act as a repository of private data that may be used to make web applications more robust, while maintaing the privacy of the data. It currently supports the importation of LinkedIn contact data, which can then be queried when sending emails using webmail clients

In Planning

Privly contributors are in the early stages of development for these apps. If you are interested in contributing to their development, or any development for that matter, we recommend that you drop into Privly's IRC channel or development mailing list.

PGP: PGP is a classical encryption standard that is sometimes used for email. This will be the first application built on Privly to use public key cryptography, which means it is working out how it will handle private keys.

OTR: Off-the-Record (OTR) is an encrypted realtime chat standard that sports very strong cryptographic foundations. A Privly contributor is currently examining the steps required for embedding the CryptoCat application inside a Privly application.

For more information on Privly Applications, you should read the wiki.