sch0ll

Secretary - A secure place for shared infos

I was working hard the last month to get out a first alpha version of my new side project: Secretary. Secretary was born out of a problem: handling credentials and sensitive data inside a group (at least two people). I was just tired of sending passwords by mail; I always felt bad about it. But I had no other solution in mind that would offer a better and more secure way of doing this.

Trying to set up a company for more than one person means running into problems you never thought of before. Sharing business processes with other people means quickly getting into a situation where a piece of sensitive information is needed by more than one person. For example: the online banking password for your company account. If you only get one, there is no other solution than sharing this information. The next example could be servers you rent. Or the password for the Facebook company account. And every day you try to get your business up and running, you will end up getting more and more accounts, passwords and sensitive information that need to be used by different people inside your company.

There are tools out there to do your personal password management: 1Password, for example. And there are plenty of tools for organizing your business workflow: project management tools, wikis, blogs, "cloud apps", Dropbox, etc. Perhaps they encrypt your data, but in most cases you don't know. You only know that your data is lying around in the cloud. And it could be saved in plaintext, without any encryption. If someone got into your project management database, how big is the chance that he will find the credentials for the staging or live system?

So, thinking about this problem, I was definitely sure about having to use encryption for all of this stuff. I already knew about S/MIME and PGP for getting mails/content encrypted. And while using both I had so many issues, problems produced by technology (having different S/MIME certs for one person makes it really tricky to send an encrypted mail: you don't know which key is chosen, and a recipient having only the "new" cert will not be able to decrypt it) or by humans (I tried several times to explain PGP and mail signing/encryption to my brother - I failed hard!). At least I cannot imagine having every customer of mine create and use a PGP key. So this is not a solution that works for me.

Encrypted disk images inside of Dropbox sounds like a perverse but good idea. But it just doesn't work. Try creating a 10MB encrypted disk image and put it into your Dropbox. And then have two people playing with it. You only need to know that the process of opening the disk image is enough to change one bit inside of the 10MB chunk. So your 10MB will be synced again and again, and beautiful sync conflict files will be created inside the image, again and again. Play around for 10 minutes and you will have a disk image of at least 50MB with many sync conflict files. So, no solution. An OS X keychain file inside Dropbox? Not bad, that could work, at least for Mac users. But there is no Windows solution for that. And handling this stuff with many different customers? Sounds like a crazy project.

Round up: there was nothing out there I knew of that cares about this problem and seems to be usable by a normal customer (or my brother, father, friends). Seems like everybody is using FAX (or Evernote?). This was the point where my brain started to get rolling… there must be a solution for this…

@roidrage and @janl making jokes about Evernote and shared credentials 

(https://twitter.com/roidrage/status/308240693107757056)

I discussed this with my partner and he had no idea either how to handle this stuff. His comment was short and a little bit frustrated: "You don't want to have any passwords and you don't want to deal with any password at all". I argued against that by reminding him of the server passwords for all the hosting we plan to do. "So, we should use keys!". And yes, with servers you could get everything automated, so no password is needed at all. But there are other credentials, like the domain administration tool, webmail management, etc.…

But he was leading me in the right direction (thanks @lenada): You want to have a key. Like for your door. You want a key that enables you to open all the needed doors. And of course no one other than your secretary will be able to remember which person has access to which room. So what we need is a "digital secretary" that we can trust and delegate the management of permissions to. And the only thing we would have is a key that enables us to decrypt all the encrypted stuff. That is all we need.

Secretary

And out of this idea: https://github.com/wesrc/secretary was born.

  • Secretary is open source, MIT license, so you don't have to trust, you can watch every single process in code that is working behind the scenes.
  • Secretary is written in PHP and uses its OpenSSL extension for encryption
  • Secretary will generate a key for you (you will need a passphrase for it, too) and encrypt all the "notes" with the public part (the private part is not saved on the server and will be saved by yourself to decrypt notes).
  • Secretary offers Group Management for sharing infos with other persons, you want to be able to encrypt it.
  • Secretary offers you to remove a person from a note/group (agile teams with a high fluctuation of workers will need that, of course!)
  • Secretary needs an SSL cert to run with!
  • Secretary offers i18n (German/English right now)
  • Secretary is a proof of concept. It works in the sense of, yeah, it works.
  • Secretary needs people with a security background to verify this process (I'm an absolute beginner at this point)
  • Secretary runs in the browser, the private key does not stay there at any point. But it needs to be transferred. And it needs to be transferred again and again and again…
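
A sketch of the scheme in the list above using PHP's OpenSSL extension, added here as an example and not taken from Secretary's code base. The function names, member names and sample note are constructed, and using `openssl_seal` envelope encryption for the per-member step is an assumption.

```php
<?php
// Added example, not Secretary's own code; all names and values are constructed.
const CIPHER = 'aes-256-cbc';

// Create a key pair. Only 'public' would be stored server-side; the
// passphrase-encrypted private PEM is handed to the user.
function makeUser(string $passphrase): array {
    $key = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
    if ($key === false) throw new RuntimeException('key generation failed');
    $opts = ['encrypt_key' => true, 'encrypt_key_cipher' => OPENSSL_CIPHER_AES_256_CBC];
    if (!openssl_pkey_export($key, $privatePem, $passphrase, $opts)) throw new RuntimeException('export failed');
    return ['public' => openssl_pkey_get_details($key)['key'], 'private' => $privatePem];
}

// Encrypt a note once with a random symmetric key, then wrap that key
// separately for every member's public key (envelope encryption).
function sealNote(string $text, array $publicPems): array {
    $wrapped = []; $iv = '';
    if (openssl_seal($text, $sealed, $wrapped, array_values($publicPems), CIPHER, $iv) === false) {
        throw new RuntimeException('seal failed');
    }
    return ['data' => $sealed, 'iv' => $iv, 'keys' => array_combine(array_keys($publicPems), $wrapped)];
}

// Returns the plaintext, or null if the member has no wrapped key or the
// passphrase/private key is wrong.
function openNote(array $note, string $member, string $privatePem, string $passphrase): ?string {
    if (!isset($note['keys'][$member])) return null;
    $key = openssl_pkey_get_private($privatePem, $passphrase);
    if ($key === false) return null;
    $ok = openssl_open($note['data'], $text, $note['keys'][$member], $key, CIPHER, $note['iv']);
    return $ok ? $text : null;
}

$alice = makeUser('alice passphrase (sample)');
$bob   = makeUser('bob passphrase (sample)');
$note  = sealNote('staging login: example-user / example-secret',
                  ['alice' => $alice['public'], 'bob' => $bob['public']]);
var_dump(openNote($note, 'bob', $bob['private'], 'bob passphrase (sample)'));

// Removing bob: the server holds no private key, so a remaining member must
// decrypt and the note is re-sealed for the remaining public keys only.
$plain = openNote($note, 'alice', $alice['private'], 'alice passphrase (sample)');
$note  = sealNote($plain, ['alice' => $alice['public']]);
var_dump(openNote($note, 'bob', $bob['private'], 'bob passphrase (sample)'));
var_dump(openNote($note, 'alice', $alice['private'], 'wrong passphrase'));
```

CBC as used here gives confidentiality but does not authenticate the ciphertext. Re-sealing only stops future decryption of the stored copy; a removed member may already have read the value, so the credential itself should be changed as well.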

So, it would be nice to get some feedback on this. There are many features that could be useful to integrate into Secretary. Imagine tag filters, write permission for other note members, registration by invitation only, enabling upload of your own public key reference, pagination for the list view, … it would be possible to build an API inside Secretary that could be used by other apps to fetch secure information. There is a huge list of things that could be useful and interesting. But I would really like to have more people than me playing around with it and reading the code first. That would help me to stay engaged in this project!

[Related: http://www.sch0ll.de/blog/article/talk-app-development-with-zf2-a-real-world-problem-example-at-bephpug]

Sidenote: Wesrc

Secretary is the first "release" of Wesrc, the new company I now run with Leander Damme. The last three months were full of todos and issues we ran into while founding the company. And I was really busy getting all this stuff done. We're not final at all, we're more at alpha state. But think of Secretary as a good example of what Wesrc is all about. We hope you will like the output Wesrc will generate, and we are sure that a company like Wesrc behind a project like Secretary is not that bad. So yes, it will be possible to get professional support for Secretary. Or we could integrate a special feature you really need (authentication adapters, for example). Feel free to contact us!

 

so long

Michael

Created on 06.03.2013 at 01:17:23 h

 
