Merge pull request #13 from eddieoz/feature/timeline-enc

Feature/timeline enc
eddieoz · Jul 1, 2024 · 180ccc2 · 180ccc2
2 parents 83a7a5b + ccb4d57
commit 180ccc2
Show file tree

Hide file tree

Showing 5 changed files with 342 additions and 54 deletions.
diff --git a/README.md b/README.md
@@ -20,6 +20,13 @@ OpenXrypt recognizes the critical need for secure communication channels, partic
 - **Group Messages Encryption** You can encrypt messages on X and Whatsapp groups by just having all participants public keys registered.
 - **Passphrase Management:** Users can securely set, reset, and manage their passphrases, enabling them to maintain control over their encryption keys and ensure the confidentiality of their communications.
 - **Key Management:** OpenXrypt provides a user-friendly interface for adding, editing, and deleting GPG public and private keys, allowing users to manage their encryption keys and those of their contacts with ease.
+- **Timeline Obfuscation**: OpenXrypt enhances your privacy by obfuscating your timeline, making it hard for algorithms to use your content for AI training or targeted advertising. Your posts will be symmetrically encrypted with a SHA-256 hash of your public key's fingerprint, ensuring your content remains public but more secure.
+- **Timeline Encryption**: You can use GPG to encrypt messages for your target audience using their public keys and post them on your timeline. This ensures message privacy because no algorithm can identify the recipients who can decrypt and read the messages. By leveraging this method, you can confidently share sensitive information publicly, knowing that only your intended audience can access the message content. Here's how you can do it:
+
+   - Encrypt Your Message: Use GPG to encrypt your message with the public keys of your intended recipients. You can use tools like `gpg cli`, `Kleopatra`, `GPGTools`, among others.
+   - Post the Encrypted Message: Share the encrypted message on your timeline. 
+   - Ensure Privacy: Only the recipients with the corresponding private keys can decrypt and read the message, ensuring that the content remains secure and private.
+
 
 ### Screenshots
 
@@ -78,14 +85,17 @@ OpenXrypt recognizes the critical need for secure communication channels, partic
 
 #### Encrypt Text
 
+##### DM:
 1. Go and DM one of your contacts that you have already added a public key (from Messages left menu)
    ![](imgs/opnxrpt-send.msg.png)
 2. Write a message
-3. Selected the entire messade (CTRL + A or CMD + A)
-4. Open the OpenXrypt popup by clicking the extension icon.
-5. Click the **Encrypt** button.
+3. Click the **Encrypt** button.
    - The selected text will be encrypted and replaced.
-6. Send the message on X.
+4. Send the message on X.
+
+##### Timeline
+1. Just write your post, click on **Encrypt** button.
+2. Send the message on X.
 
 #### Automatic Decryption
 

diff --git a/USE_CASES.md b/USE_CASES.md
@@ -0,0 +1,91 @@
+# OpenXrypt: Use Cases for Timeline Obfuscation and Encryption
+OpenXrypt offers robust timeline obfuscation and encryption, enhancing your privacy and security in various scenarios. This document outlines the key use cases where OpenXrypt's features are beneficial.
+
+## Public Timeline Use Cases
+
+### Preventing Data Harvesting
+
+- **Benefit:** Protects user data from being collected by third parties for profile building or resale.
+- **Example:** Users can share their thoughts and experiences without contributing to data aggregation by advertisers.
+
+### Safeguarding Personal Information
+
+- **Benefit:** Reduces the risk of identity theft and privacy invasions.
+- **Example:** Users can share personal achievements and milestones securely.
+
+### Combating Censorship and Surveillance
+
+- **Benefit:** Protects against government surveillance and censorship.
+- **Example:** Users in restrictive regions can express their views without fear of retaliation.
+
+### Maintaining Professional Boundaries
+
+- **Benefit:** Keeps personal and professional lives separate.
+- **Example:** Users can post about personal interests without employers or clients accessing this information.
+
+### Ensuring Ethical AI Use
+
+- **Benefit:** Prevents unauthorized data use for AI training.
+- **Example:** Users' posts are not used to train AI algorithms without consent.
+
+### Enhancing Digital Trust
+
+- **Benefit:** Builds trust among followers by showing a commitment to privacy.
+- **Example:** Influencers can assure their audience that their data is secure.
+
+## Private Messaging Use Cases
+
+### Enhancing Security for Activists and Journalists
+
+- **Benefit:** Provides an extra layer of security for high-risk professions.
+- **Example:** Activists and journalists can communicate without fear of interception.
+
+### Securely Sharing Sensitive Information
+
+- **Benefit:** Allows the secure sharing of sensitive information.
+- **Example:** Users can discuss confidential matters without privacy concerns.
+
+### Maintaining Anonymity for Whistleblowers
+
+- **Benefit:** Provides a secure platform for whistleblowers to share information.
+- **Example:** Whistleblowers can report issues without revealing their identity.
+
+### Enhancing Privacy in Online Therapy Sessions
+
+- **Benefit:** Protects privacy during online therapy or counseling sessions.
+- **Example:** Patients and therapists can communicate confidentially.
+
+### Securing Family Histories and Ancestry Discussions
+
+- **Benefit:** Protects personal family history shared in private messages.
+- **Example:** Users can discuss genealogy and family matters securely.
+
+### Ensuring Privacy in Fitness and Health Tracking
+
+- **Benefit:** Secures data from fitness and health apps shared in private messages.
+- **Example:** Users can share health updates without exposing their data.
+
+### Supporting Privacy in Online Dating
+
+- **Benefit:** Enhances privacy in online dating communications.
+- **Example:** Personal information remains secure until trust is established.
+
+### Protecting Digital Nomads
+
+- **Benefit:** Secures data of individuals living and working remotely.
+- **Example:** Digital nomads can share their experiences and work securely in private messages.
+
+### Securing Financial Information
+
+- **Benefit:** Protects financial discussions and transactions.
+- **Example:** Users discussing financial advice or transactions can ensure this data is secure.
+
+### Ensuring Safe Online Activism
+
+- **Benefit:** Provides a secure platform for organizing and participating in activism.
+- **Example:** Activists can coordinate actions and share information privately.
+
+### Enhancing Privacy for Vulnerable Populations
+
+- **Benefit:** Provides extra security for at-risk individuals.
+- **Example:** Victims of abuse or harassment can communicate safely.
diff --git a/manifest.json b/manifest.json
@@ -1,7 +1,7 @@
 {
   "manifest_version": 3,
   "name": "OpenXrypt",
-  "version": "0.3.5",
+  "version": "0.4.0",
   "description": "Upgrade Your Social Media Privacy",
   "permissions": ["activeTab", "storage", "tabs"],
   "action": {

diff --git a/src/actions.js b/src/actions.js
@@ -6,34 +6,21 @@ function getWebsite() {
   }
   return names[0];
 }
+
+const commonTwitterActions = [
+  { type: 'sender', action: findUsernameFromInitialState },
+  { type: 'userid', action: findTwitterHandle },
+  { type: 'groupIds', action: getXGroupUserIds },
+  { type: 'senderButton', action: ()=> document.querySelector('[data-testid="dmComposerSendButton"]') },
+  { type: 'input', action: () => document.querySelector('[data-testid="dmComposerTextInput"]') },
+  { type: 'decrypt', action: () => document.querySelectorAll('body, body *') },
+  { type: 'postButton', action: () => document.querySelector('button[data-testid="tweetButton"]') },
+];
+
 // Site mapping for arrays of specific functions
 const siteActions = {
-  twitter: [
-    { type: 'sender', action: findUsernameFromInitialState },
-    { type: 'userid', action: findTwitterHandle },
-    { type: 'groupIds', action: getXGroupUserIds },
-    { type: 'senderButton', action: ()=> document.querySelector('[data-testid="dmComposerSendButton"]') },
-    {
-      type: 'input', action: () =>
-        document.querySelector('[data-testid="dmComposerTextInput"]'),
-    },
-    {
-      type: 'decrypt', action: () => document.querySelectorAll('body, body *'),
-    },
-  ],
-  x: [
-    { type: 'sender', action: findUsernameFromInitialState },
-    { type: 'userid', action: findTwitterHandle },
-    { type: 'groupIds', action: getXGroupUserIds },
-    { type: 'senderButton', action: ()=> document.querySelector('[data-testid="dmComposerSendButton"]') },
-    {
-      type: 'input', action: () =>
-        document.querySelector('[data-testid="dmComposerTextInput"]'),
-    },
-    {
-      type: 'decrypt', action: () => document.querySelectorAll('body, body *'),
-    },
-  ],
+  twitter: commonTwitterActions,
+  x: commonTwitterActions,
   whatsapp: [
     { type: 'sender', action: findWhatsappNumberSender },
     { type: 'userid', action: findWhatsappNumber },
@@ -341,4 +328,15 @@ async function getXGroupUserIds() {
     return userIds;
   }
   return [];
+}
+
+// Check if it is the X composition page (mobile or desktop)
+function isTweetCompositionPage() {
+  const canonicalLink = document.querySelector('link[rel="canonical"][href="https://x.com/compose/post"]');
+  const alternateLink = document.querySelector('link[rel="alternate"][hreflang="x-default"][href="https://x.com/compose/post"]');
+  return canonicalLink || alternateLink;
+}
+
+if (isTweetCompositionPage()) {
+  injectEncryptButtonForTweet();
 }