Ask HN: 我们搭建了一个具备加密打印和导出的气隙文档库

2作者: KevinG7776 个月前
Hi HN, 我们正在开发一个文档保险库,专为无法接受云端暴露的个人和组织设计。 该系统在某些方面刻意保持“无聊”: • 无需账户 • 核心功能不依赖云端 • 完全离线运行 • 本地加密 • 气隙存储 • 加密导出和受控加密打印 我们之所以开始这个项目,是因为打印。在许多环境中,打印仍然不可避免,并且仍然是最大的数据泄露途径之一。大多数隐私工具都止步于存储,完全忽略了输出。 这并非旨在取代所有人的云存储。它适用于威胁模型假定以下情况的场景: • 网络是恶意的 • 云账户最终会被攻破 • 有时必须牺牲便利性来换取控制权 我们明确声明: • 并非“无法破解” • 并非“军工级” • 并非“零风险” 我们试图最小化攻击面和失效模式,而不是消除它们。 我们非常希望收到关于以下方面的反馈: • 威胁模型的盲点 • 加密打印的假设 • 物理访问风险 • 更新和密钥管理策略 • 什么会让你立刻对它失去信任 如果这听起来像你永远不会使用的东西,那也是有用的反馈。 谢谢。
查看原文
Hi HN,<p>We are working on a document vault designed for people and organizations who cannot accept cloud exposure.<p>The system is intentionally boring in some ways: • No required accounts • No cloud dependency for core functionality • Fully offline operation • Local encryption • Air-gapped storage • Encrypted export and controlled, encrypted printing<p>The printing piece is why we started this. In many environments, printing is still unavoidable, and it remains one of the largest data-leak vectors. Most privacy tools stop at storage and ignore output entirely.<p>This is not meant to replace cloud storage for everyone. It is for cases where the threat model assumes: • Networks are hostile • Cloud accounts will eventually be compromised • Convenience must sometimes be traded for control<p>We are explicitly not claiming: • “Unhackable” • “Military-grade” • “Zero risk”<p>We are trying to minimize attack surface and failure modes, not eliminate them.<p>We would genuinely value feedback on: • Threat model blind spots • Encrypted printing assumptions • Physical access risks • Update and key management strategies • What would make you immediately distrust this<p>If this sounds like something you would never use, that is also useful feedback.<p>Thanks.