Nanogram is made for the privacy conscious enthusiast who wants total control of their data. Create a small scale private social media platform for family and friends.
The onion service and web server are hosted directly on your phone via termux.
User access can be granted by generating a magic invite link in the server manger. These are one time use links that allow registration to the service.
Application Demo here
Install Demo here
Source code here
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 108 users / day
- 435 users / week
- 1.32K users / month
- 4.54K users / 6 months
- 1 subscriber
- 4.39K Posts
- 111K Comments
- Modlog
Install and application demo links are now dead. Dm if you want help installing!
Pretty cool demonstration on how streamlined a social network can be. It doesn’t look like much, but then again, it’s not a lot of code and simple enough to have a small attack surface.
I can see this being a good candidate for teaching people how social networks work. I don’t think I’d use it with a friend group when other applications exist (see: network effect) but imagine the whole internet is down and you find a mirror of the python libraries used in the rubble.
Could be used off-grid, for groups of informants to a journalist or in disaster scenarios aswell. Looking forward to a proper release :)
There is also Chitchatter, an encrypted P2P communication platform, ephimere, no account, similar Otr
Also SimpleX although your server probably needs to run in Linux not Android.
P2P don’t need really an server or selfhosting, content’s are pointing direct to the user devices. The drawback is that your device must be online when the receptor want to retrieve the content. There is nothing which store the content in between. The advantage, more privacy impossible, out of the reach of any third parties, not even the ISP.
There is also something similar, like eg. Croc, which allows even the transfer of any content this way, full encrypted like the others, same as the others is download and use it.
P2P is always the safest form to communicate and share content, as it was since the beginning with the paleolytic finger command from 1971, which still can be used for text transfer (most Linux, Unix like Mac and Windows)
Eg, write in your command line
finger zerush@happynetbox.comSee https://happynetbox.com/
Finger is a security risk.
Naturally, because it isn’t encrypted, not so good for sharing sensible information, that is the only risk. Despite that you see my message in your console, it isn’t possible for me to access through this to your PC, nor that you can access to my data with it, apart of the sended text, which can see anybody with the finger link. But it’s a curiosity and the ancestor of the P2P, nice to prank your friends and for fans of vintage computing, because it’s way older as the internet we know. Apart it’s so old, that it isn’t anymore in the focus of govs and hackers, it’s like sending messages with Morse or with an FAX.
The server runs on a phone and not a computer? Why?
It probably can run on a standalone machine but this was made and tested specifically to run off Android to be more accessible. I may not always have a computer with me but I probably am carrying my phone.
So far in testing I am getting stable results even hosting on a cellular connection.
Resistance to power outage? Ins’t a phone just a server without a keyboard and with an integrated UPS? /s
How much procesing could it handle though? If it is only a handful of friends then what makes it better than Signal?
Also, cheap second hand laptops are a thing.
I want to believe but I wonder if there is a practical use beyond “this would be cool” (and I do think it is).
I don’t actually know the project but I think your mindset here is (and correct me if I’m wrong) “Does it scale?” whereas the mindset of this project, based on the name itself and the “small scale” in the description, is “no, it does not scale and that’s A-OK”.
The server backbone gunicorn is set with 2 workers and 8 threads ( this can be modified to more or less )
But it should handle around 15 - 20 simultaneous connections smoothly. Now, if everyone is uploading all at once would definitely make it sweat.
Once the server recieves the photo is compresses is down to 100-200kb so all retrievals are pretty light weight.
Pagination really lightens the load as well. By limiting it to 10 photos per page, the server only needs to send about 1.5 mb - 2.0mb to load in a whole page of photos.
You could also generate thumbnails with much smaller sizes and only load hi-res images on click. Did you consider using more JPEG or another algorithm?
Sorry for asking, but what are the chances this gets an IOS release?
This is only possible because of the sandbox of the termux app. Unfortunately iOS has no comparable alternative to termux so it will likely never happen.
In fact, it would even be pretty difficult to develop this into a standalone app on either platform with the way application review is. There is alot of unneeded fluff that would need to be added to be compliant with policies. A self hosted service like this goes against app store policies and google play policies in a few ways.
So while IOS users can easily access the application on a onion browser, they won’t be able to host their own instance.
Thanks for sharing and the clarifications. I do think both the philosophy behind this and the technological choices are right but it’s also true that “How many people?” can it handle is important for people who want to actually try and onboard others. It’s one thing to try alone but as long as we ask others to join, knowing what the limits are makes everybody more understanding.
Sounds good. I would love to get an activist group I run off Facebook. There are hundreds of members but traffic is less than what you describe.
The problem for me is that most of the members are technically illiterate so my next question is: how sophisticated do the clients need to be?
As far as literacy, all the client needs is a Tor browser and a invite link generated by the server operator.
For Android just use the official Tor browser
For Iphone, TOR recommends this app. https://onionbrowser.com/.
I would love to see how far I can push a single instance with hundreds of users but realistically I think this is probably best suited for a circle of close friends and family.
What does underground even mean in this context?…
It’s hosted as a onion service on the darknet.
I don’t really like the term darknet though…it’s really just a free accessable network stack.
I guess in this context it is underground because it’s a decentralized self hosted private service that doesn’t need anything but a internet connection. (And Tor)
Instead of darknet you could say “on tor” or “on the tor network”
Am I the only one who thinks the name is too close to mamogram?
I only know of mammogram.
You can name it what ever you want 😉
I was thinking Nastygram but I like where your head is. /s
This is SOO Cool!
This project is probs similar to a private and unfederated mastodon instance. I’m curious how a mature version would compare.
Why is the source code in privatebin?
Its an early release. Not quite ready to put it on a code repo.
This sentence shows me I shouldn’t trust what you upload yet. Usually software developers put everything on a repository which they can then clean up later if a history rewrite is needed.
It’s just as reviewable on the paste as it is on a code repo.
Its more private for me to share as a paste. I don’t really want to tie my lemmy account to my repo identity.
I didn’t question the reviewability of your code, but best practices regarding software development. I don’t mistrust the safety of your code, but the quality of its development process.
You can simply create another account with your Lemmy username to publish your code in a repository.
It’s fine if you have a local or private git repository and publish via pastebin, but you didn’t write that’s the case.
and why is the hashbang to a termux bash?
I wasn’t clear in the post I suppose but this was made to self host with no root on termux.