Pattr – State of Security

As of November 30, 2015, 5:00 PM, all chat rooms on Pattr are encrypted via an SSL certificate.

Our mission: Pattr believes in fostering an open web, with maximum security and privacy for its users. We do this buy building creative tools and platforms for users to engage in untracked conversations, providing intuitive design while never sacrificing usability.

As part of upholding our mission, we asked our users to donate in effort to afford an SSL certificate and they answered. We raised enough to afford the certificate, plus some which will aide in future efforts to support hosting and more features.

An SSL certificate prevents third-parties from “sniffing” data and intercepting it, storing it on their own servers. This makes the transition between our users and Pattr’s servers more secure and reliable.

At this point in time, messages do interact with Pattr’s servers, and we scan for input like /users, or /w, but we do not and never will store messages. You can see this for yourself in the source code.

In the near future, Pattr will feature password protection in rooms, which will allow messages to be encrypted on the client side. This means Pattr would be completely unable to scan input or store messages, even if we wanted to.

For more information on the state of security on Pattr, email justin@pattr.me.

-The Pattr Team

 

 

Advertisements
Pattr – State of Security

My transition from Python to JavaScript

Recently, I’ve been very Python focused, from writing automated tests in Python for Mozilla, to writing web applications like Terml.io and Pattr using Flask, a Python web development framework. It’s safe to say I’m no stranger to Python or its development kits. In fact, there’s a plethora of projects I’d like to get started on that would be simple for me to do in Python.

However, I began to think about my skill set as a whole, examining the projects I’ve worked on and the projects that I would like to work on. With various internships opening and opportunities arising around me, I’ve begun to think its time to branch out and strengthen my JavaScript skills. Now, I’m proficient in JavaScript, don’t get me wrong. I’m confident in my abilities to pass a technical interview and do some cool stuff with it, but I’m nowhere near the level I am in Python.

Continue reading “My transition from Python to JavaScript”

My transition from Python to JavaScript

Introducing Pattr 1.0, Truly Instant Private Messaging

In partnership with Alex Meza, he and I are launching a web application, Pattr, a disposable chat room service intent on privacy and security. It’s easy to start a chat, and we never store messages on our servers.

Continue reading “Introducing Pattr 1.0, Truly Instant Private Messaging”

Introducing Pattr 1.0, Truly Instant Private Messaging

Terml.io is now open source!

It is with much pleasure that I announce the release of Terml.io today as now an open source tool that will help students not only study definitions, but now expose them to real-life industry standard code.

Open sourcing Terml.io has always been something I wanted to do, however with the payment system and premium feature integration, I opted to keep it closed to encourage use of our own platform. From this point onward, I will be taking mostly a hands-off approach. My colleague, Jeffrey Wang, will be in control of all aspects from this point onward, and I will be a contributor should I decide to make updates.

At this point in time, Terml.io is stable, with a clean design and good functionality. There is no better circumstance to step back from this project, although I hope it continues to grow from here. Thanks again, to all who supported the product since its beginning. Keep rocking.

You may view the new GitHub repository here.

Terml.io is now open source!

We should be rewarding students for experimenting with tech, not punishing them.

Just over an hour ago, a student at my school was given in-school suspension (ISS) for finding an opportunity in the code on his school-issued laptop to enable administrator privileges. Now I know this student personally. He’s a good friend, and I know his intentions behind what he was doing, and why he chooses to pursue technology. It’s his passion, and he was merely trying to allow himself more privileges to experiment with some cool technology. On one hand, it’s fun to mess around on a computer, finding some settings to play with or a cool place to test some code. Although it can have some unintended consequences, it does have its advantages.

On the other hand, the school’s position is understandable. You don’t want 3,000 kids running around with admin controls on a school issued laptop wreaking havoc on the systems and the network, but one guy who I have never seen do anything remotely close to wreak havoc should never be punished with something as severe as ISS. At least they should let him off with a warning.

Continue reading “We should be rewarding students for experimenting with tech, not punishing them.”

We should be rewarding students for experimenting with tech, not punishing them.