Bit of an odd intro: I’m a carpenter, 42 years at the bench. I’m the type who can’t stand making the same thing everyone else makes, so I’ve always chased the technical side too - CNC, laser cutting, and lately building software to run my machines.
At some point I wanted to send my own designs to people without them leaking anywhere, and I went down the rabbit hole of how messaging actually works. What got me was realising how much of the “free” stuff is paid for with our privacy. That annoyed me enough that I decided to build my own messenger, mostly to learn. It grew from something simple into a real thing. I called it Sherlock.
Two things I cared about: proper encryption, and NOT tying it to a phone number - I built a different system for that.
I’m not going to pretend I reinvented cryptography. I’m a woodworker who got obsessed. So I’d rather hear it straight from people who actually know this stuff:
- How much does the “no phone number” approach really buy you if I get the rest wrong?
- For a small independent project, what’s the bar before any of you would even consider trusting it - open source, audit, something else?
Genuinely here for the criticism, not the pats on the back.
This doesn’t seem like the problem you’re solving. You’re talking about not leaking designs, but then you go on about hiding phone numbers. What is the concern, here?
If you don’t want designs leaked, you need to trust the person who receives it not to leak it, or somehow make it impossible for them to share it. That’s the weak point, not the means of moving the file. An encrypted zip file moved by any means should be enough.
What am I missing?
You’re right, and that’s a fair catch - I conflated two things that aren’t the same problem. Once a file reaches a person, they can leak it; encryption of the transport doesn’t fix the human at the other end. An encrypted zip sent over almost anything covers the “moving the file safely” part, no argument.
So let me be honest about what actually drove me, because you’ve exposed that my post muddled it: it wasn’t really fear of a specific design leaking. The design files were just the spark that sent me down the rabbit hole. What actually kept me going was realising how much “free” messaging is paid for with metadata and data harvesting, and not wanting a phone number tied to everything. So the real concern is ongoing privacy of communication, not protecting one file - and you’re right that those are different problems. The file thing was the door I walked through, not the room.
Honestly a cleaner way to put it: I didn’t build it because zip+email couldn’t move a file. I built it because I went looking at how messaging works and didn’t like what I found, and then got obsessed. Thanks for making me say that more precisely.