voluntarylabs / bitpost Goto Github PK
View Code? Open in Web Editor NEWOSX app for Bitmessage
License: MIT License
OSX app for Bitmessage
License: MIT License
Hey guys,
Is it possible to export/back-up my identities?
Expected:
After clicking on close button if left upper corner (X) program is still marked as running in dock and I can open it by clicking on it in dock
Actual
After clicking on close button if left upper corner (X) program is still marked as running in dock but I CAN NOT open it by clicking on it in dock. For opening it I need to quit from it (right click in dock => quit) and open again
Can be reproduced: 100%
Mac OS: 10.9.4
BM-2cUKCK3nsVeGTm7w9oWY9DfX3xmDfa4ttA
The default Bitpost download happens over plain HTTP, not HTTPS. This means that a man-in-the-middle attacker on the network could trivially alter the executable binary to be a virus, potentially breaking the privacy that bitmessage claims to have, or stealing bitcoins, as many users who use bitpost also use cryptocurrencies.
The checksum on the website doesn't help, as it can also be modified in transit easily.
I understand I have the alternative of downloading releases from GitHub using https, but this is not something the average user will do.
Let's move voluntary.net to HTTPS and provide a download link to HTTPS as well. Let's have the binary SHA1 digest on an HTTPS-hosted website also.
The website currently contains a SHA1 digest of the binary download. While specific collisions have not yet been found, there are strong indicators that this can be broken given the right amount of money. I understand that the threat model of bitmessage thwarts against powerful agencies and can protect people who are performing acts against malicious governments, that can be particularly powerful.
Under this threat model, the use of SHA1 should be sunset and we should be switching to SHA256 for these checksums.
Click on an address in a received message, you're automatically put in the "Contact" tab with the cursor on "Enter Name" in the right hand pane (that part is very clever, I like it). Enter a name and hit return. A check mark appears below the address. Nothing else happens, contact is not added.
Click Channels
Click +
A new channel appears "Enter channel label" but is not editable.
The only thing you can do is delete it.
It would be nice to have some sort of indicator about how far out of sync messages are.
https://voluntary.net.s3.amazonaws.com/Bitpost.0.8.3beta.zip
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>Bitpost.0.8.3beta.zip</Key><RequestId>4B00AE4557759F55</RequestId><HostId>jOZ9MQfsIQSp/FEXP/hJAXPZkD3lus/PNeZuUTjjQntgTy8FNGWGp+wAn/RjH7Ei</HostId></Error>
Via a pinned key in the app.
If you need any help/advice with this please let me know.
Make sure to use this Sparkle: https://github.com/sparkle-project/Sparkle
Every time I start Bitpost I need to resize the window because it is too large.
Can you store the window dimensions after you close the application?
Sometimes Bitpost doesn't load and display a box with this title.
I have to restart it several time before it opens correctly.
What does it mean?
The current git tags used for releases are lightweight and not annotated. This is not suggested for release tags. Let's do the following:
The latter step is crucial if the PKI hierarchy for HTTPS is not expected to be trusted. The bitmessage threat model involves bad actors who can control the PKI hierarchy, and thus should not be relied upon for. While most users can rely on HTTPS for their downloads, users who require privacy against powerful actors will want to verify the GPG signatures on the binaries, so GPG-signing tags is important.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.