Skip to content

rmoorman/qotr

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

152 Commits

app

app

 
 

config

config

 
 

public

public

 
 

qotr

qotr

 
 

tests

tests

 
 

vendor

vendor

 
 

.bowerrc

.bowerrc

 
 

.editorconfig

.editorconfig

 
 

.ember-cli

.ember-cli

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

.jshintrc

.jshintrc

 
 

.travis.yml

.travis.yml

 
 

.watchmanconfig

.watchmanconfig

 
 

FLOW.rst

FLOW.rst

 
 

LICENSE.txt

LICENSE.txt

 
 

Procfile

Procfile

 
 

README.rst

README.rst

 
 

bower.json

bower.json

 
 

ember-cli-build.js

ember-cli-build.js

 
 

package.json

package.json

 
 

requirements.txt

requirements.txt

 
 

runtime.txt

runtime.txt

 
 

testem.json

testem.json

 
 

Repository files navigation

QOTR

Go off-the record, quickly.

image

image

About

QOTR is a application through which you can quickly spawn a encrypted chat with your friends. The messages are encrypted before they leave your browser. The QOTR servers cannot understand what is being said.

For chats 256 bit AES-CBC encryption is used. The key generation happens in the browser. To keep it easy to share a chat room, the password is provided as a location hash. Browsers do not send a location hash to the server.

Try it out at the demo server.

QOTR is a alpha quality software, not vetted by cryptography experts. Please use it carefully. Avoid sending sensitive data over this.

Based on various comments on public forums, I realize that the name `QOTR` is confusing. This project doesn't actually implement the OTR protocol. If this is too big of a concern, I'll try to come up with a better name. Suggestions are welcome.

How it works

A fairly detailed description of how the encryption works is available here.

Why?

Using OTR with current common chat clients is difficult. It cannot be trivially done over common platforms. All encrypted chat services require you to install a new client or a plugin. This may be a turn-off for a friend who isn't concerned about privacy and encryption. QOTR's goal is to make it convenient (as simple as opening a URL) for them to use.

Development

QOTR is a combination of a server and a browser based client. Both of them need to be built separately.

QOTR Server

The server is based on tornado web framework. As of now, the channels are stored in memory, hence QOTR can only have a single server for a endpoint.

Running/Development

To launch a development server:

Tests

Run tests via:

QOTR Client (Ember.js)

Prerequisites

You will need the following things properly installed on your computer:

Installation

Running / Development

Visit your app at [http://localhost:4200](http://localhost:4200). The QOTR development server should be running locally.

Running Tests

There are some tests in the frontend, but the coverage is not good. This is partially due to difficulty in testing a few things and partially my inexperience with ember-cli based testing.

The tests require you to have a development QOTR server running locally.

Execute the tests:

Building

Hosting

QOTR hosting has been tested on heroku (free SSL!). Add the git remote provided in your heroku application to your local clone:

It requires multiple build packs. First, the ember application needs to be built and then the sever requires a python based buildpack to run tornado. To enable those, run:

Set the QOTR environment variable:

Deploy:

Bugs

Probably lots. Please send us reports on the Github issue tracker. Patches are welcome too.

About

Go off-the record, quickly.

qotr.herokuapp.com/

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Python 43.4%
  • JavaScript 37.2%
  • Handlebars 12.0%
  • CSS 3.6%
  • HTML 2.6%
  • Shell 1.2%