Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Email Notifications #861

Open
glenn-sorrentino opened this issue Jan 9, 2025 · 4 comments
Open

Email Notifications #861

glenn-sorrentino opened this issue Jan 9, 2025 · 4 comments
Assignees
@brassy-endomorph

Comments

@glenn-sorrentino
Copy link
Member

glenn-sorrentino commented Jan 9, 2025
edited
Loading

User Story:
As a tip line owner, I want an email notification when a message comes in to Hush Line, but do not want the full message contents delivered to me, so I can know when I need to log in to check on a new deposit.

Acceptance Criteria:

  • In Settings, a user can enable email notifications.
  • In the same section, the user can enable full-message delivery.
  • Notifications becomes its own tab
  • Encryption settings becomes its own tab

Mockup:
Image
@brassy-endomorph
Copy link
Collaborator

The mockup here 404's. Can you re-upload it so I can more clearly see what's going on?

@brassy-endomorph
Copy link
Collaborator

I want an email notification when a message comes in to Hush Line
...
In the same section, the user can enable full-message delivery.

Both of these have significant security implications in terms of metadata. One says exactly when a user visited the site, and one gives a suggestion for the message size. I think we need to make a publicly documented threat model that explains who/what we protect against so that people could (theoretically) decide whether the protection we offer is sufficient or not. Or if someone wanted to review our code they could meaningfully determine whether we're achieving our goals, because as it is without a specification, we can just say "oh but that's allowed" to any leakage of information someone might point out

@brassy-endomorph brassy-endomorph self-assigned this Jan 12, 2025
@glenn-sorrentino
Copy link
Member Author

The mockup here 404's. Can you re-upload it so I can more clearly see what's going on?

Not 404ing for me - here it is again:
Slice 2

@glenn-sorrentino
Copy link
Member Author

glenn-sorrentino commented Jan 12, 2025
edited
Loading

I want an email notification when a message comes in to Hush Line
...
In the same section, the user can enable full-message delivery.

Both of these have significant security implications in terms of metadata. One says exactly when a user visited the site, and one gives a suggestion for the message size. I think we need to make a publicly documented threat model that explains who/what we protect against so that people could (theoretically) decide whether the protection we offer is sufficient or not. Or if someone wanted to review our code they could meaningfully determine whether we're achieving our goals, because as it is without a specification, we can just say "oh but that's allowed" to any leakage of information someone might point out

So we already forward messages. This new feature will actually give more secure options.

Most importantly, this is a customer-requested/funded feature and cannot be held up because of a document. If you think that time correlation is an issue, build in a random timer for when notifications are sent. Same with size - we can add variable dummy text to messages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brassy-endomorph brassy-endomorph

Labels
None yet
Projects
Hush Line Roadmap
Status: Next Up
Milestone
No milestone
Development

No branches or pull requests
2 participants
@glenn-sorrentino @brassy-endomorph