This is a thread created by a programmer for programmers to interact in support of QResearch. Great place to perform live Q&A chat.
Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 5 per post.
TW, you there?
WT, here. TW said:
>It's a searchable offline archive of posts and tweets, easy to seed with multiple collections. Shows time deltas. Qclock filter function. Caching proxy for images, rewrites URLs to fetch from archives when original picture is not available.
>I run it locally. I have no idea what the best packaging/distribution approach is, thoughts are welcome.
>Multiple levels of trust needed to share, run. Doing this safely for everybody is my main concern. Not everybody can inspect the code at every release, or would be willing to install/run on their machine.
Wow. Sounds involved. Let's get some basic info outta the way and maybe I can give you things to considerโฆ
First off, what platform(s) are you targeting?
Second, please tell me it's going to be free to the masses.
Windows? Android? Apple? Any browser?
Windows Desktop?
Third, what's the dev platform?
I know alot about deployment on Windows (all flavors), Android and a little about Apple (if developing on Windows). Other stuff you'll have to leave a post here and wait to hear something.
What's the front-end written in? GUI or cmd line UI?
Wow. Good questions. Hang onโฆ
So you have a very unique problem, my man. I don't think I've ever been involved in a deployment that was anonymous. It may sound ridiculous but perhaps you need to think like a hacker in that you deploy an install program via torrent and include a pre-auth "safe certificate" from an anti-virus company.
Anti-virus companies will issue you (for a small fee) a certificate. Users go to the AV website, enter the KeyCode from your certificate and are told if its safe or not.
Oooh. Bad actors. Hmmm. That's going to have to be approached from a checksum/md5 point of view. MD5 is your friend for Linux dists.
This certificate I'm talking about is not the same as a CA. It's for verifying that you app is not malware.
As for MD5, be sure you have finished all MD5 computations before dropping the 5 to 8 bucks for the AV cert.
If you stick with MD5 and give appropriate warnings to ensure MD5's match before use, you should be at minimal risk.
A malicious actor could do a man-in-the-middle attack on your database is he knows a specific person is using it. I dunno. The variables on attack vectors expand exponentially there.
I don't want to mislead youโI'm stretching my knowledge here since I'm primarily a Windows/Android Dev. Sorry I couldn't be of more help.
I'm saying get a reputable company to certify your app as legit (not malware) since you'd be anonymously distributing it as a torrent.
Then, using MD5 can tell the end user that not a single byte has been altered in the current deployment. MD% is more than adequate for that small task.
Gotta head to work. Hope I helped somewhat. Shadilay!
Great post.
Can we get the newest userjs posted here? At least the one with the PostCount.
Perfect. Thanks, anon.
Is this still the latest toastmaster?
bump
Anyone?