nathanmcrae/numbers-station
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Compare commits

base: nathanmcrae:2025-07-05
Branches Tags
nathanmcrae:master
nathanmcrae:2025-07-05
...
compare: nathanmcrae:master
Branches Tags
nathanmcrae:master
nathanmcrae:2025-07-05

1 Commits
2025-07-05 ... master

Author SHA1 Message Date
Nathan McRae
4881a135f2 Update readme 2025-07-06 16:02:41 -07:00
1 changed files with 28 additions and 42 deletions
Expand all files Collapse all files

70
readme.txt → readme.md
View File

@ -1,52 +1,31 @@
For sending secret messages and dummy messages regularly. It is meant to be used in conjunction with one-time pads. One-time pads provide perfect security for the message itself (if they are handled properly), but adversaries can still tell that messages are being sent, and when they are being sent. To avoid this, dummy messages are uploaded to a website on a regular basis. The messages can also be hidden using steganography.
For sending secret messages and dummy messages regularly. It is meant to be used in conjunction with one-time pads. One-time pads provide perfect security for the message itself (if they are handled properly), but adversaries can still tell that messages are being sent, and when they are being sent. To avoid this, dummy messages are uploaded to a website on a regular basis.
This application should not be considered secure, and no sensitive information should be entered into it.
Baseline is that the number station will generate a dummy random message, optionally obscure it via steganography, then upload it to an (s)ftp/scp server.
# Building
The random message generation actually happens last, so that, next time it is run, the existing message will be uploaded. This way a real message can be generated in the meantime and the next upload time the real message will be uploaded. Because the real message looks random to anyone without the corresponding one-time pad, it cannot be distinguished from the dummy messages.
Building requires JDK 23.0.1 and javafx SDK 23.0.1, and Maven (I used version 3.9.9)
# Number Station Listener
The JAVA_HOME environment variable must be set to the JDK installation directory e.g. `C:\Program Files\Java\jdk-23.0.1\bin\java.exe`. `$JAVA_HOME/bin` must be included in you PATH variable. PATH_TO_FX must be set to the JavaFX lib directory e.g. `$HOME/openjfx-23.0.1_windows-x64_bin-sdk/javafx-sdk-23.0.1/lib`.
This application periodically checks a site for numbers and stores them so the user can check whether the message matches any pads.
To build, run `mvn package`, the output .jar should be in ./target
# Notes
To run without installing: `java -jar target/numbersstation-1.0-SNAPSHOT-shaded.jar`
Should have sane defaults, but be built to be part of a more extensible system. Should be able to run other commands for message generation / upload.
# Packaging
Need to be able to support multiple profiles for each.
Packaging is done via jpackage, which is included with the JDK version used to build.
## Tech
jpackage seems to pull in the entire working directory unnecessarily. To avoid bloat, packaging should be done in a clean subdirectory.
- Installers: JPackage
- Notifications: https://github.com/sshtools/two-slices/blob/master/README.md
- Post to wordpress: https://github.com/ashri/java-wordpress-api/tree/master
## Windows
## Security considerations
If someone were to take any part of the number station (this software, the server, or intercepting on the way to the recipient), then they could make sure no messages get through (though they couldn't spoof messages without access to the one-time pads).
This weakness is true of nearly all communication methods though. The only way to be certain a message was received is to receive an acknowledgement back.
# Settings/State Format
$XDG_CONFIG_HOME/numbers-station/main-settings.xml
$XDG_CONFIG_HOME/numbers-station/listener-settings.xml
$XDG_STATE_HOME/numbers-station/main.log
$XDG_STATE_HOME/numbers-station/listener.log
$XDG_STATE_HOME/numbers-station/<station-id>-main/next-message.txt
$XDG_STATE_HOME/numbers-station/<station-id>-main/20250114T091633.txt
$XDG_STATE_HOME/numbers-station/<station-id>-listener/20250114T091735.txt
$XDG_STATE_HOME/numbers-station/<station-id>-listener/20250114T091748-read.txt
XDG dirs:
https://superuser.com/a/1767882
On Windows:
https://stackoverflow.com/questions/43853548/xdg-basedir-directories-for-windows
Library to use:
https://github.com/dirs-dev/directories-jvm
``` sh
> mkdir packaging
> cp target/numbersstation-1.0-SNAPSHOT-shaded.jar packaging
> cd packaging
> jpackage --input . --name "Numbers Station" --main-jar numbersstation-1.0-SNAPSHOT-shaded.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --win-menu --win-per-user-install --win-shortcut --win-shortcut-prompt --win-upgrade-uuid 956c711b-01f1-46a2-9355-4a6b63ec1ec9 --icon "../icon.ico" --description "Tool to periodically upload encrypted messages to a website/blog"
```
# TODO
@ -67,15 +46,22 @@ https://github.com/dirs-dev/directories-jvm
- [ ] Add tests for generateMessage()
- [x] Load message from next-message
- [x] When making changes to the message, show the changes as unsaved until saved.
- [ ] Ensure all GUI elements have accessibility text
- [ ] Embed versioning info
- [x] Ensure all GUI elements have accessibility text
- [x] Embed versioning info
- [ ] Factor out scheduling into a wrapper class that handles all the os-specific stuff internally.
- [ ] If a station name is run which doesn't exist in settings, but has associated files, then prompt the user to delete the files.
- [ ] Fix behavior when settings file is empty
- [ ] Store schedule time with time zone
- [x] Store schedule time with time zone
- [ ] Add tests for StationSettings.nextSendTime()
- [ ] When changing number of digits for a station, we may want to regenerate a new message of the specified length. We'll need to prompt the user to overwrite the existing message (in case it's a real message).
- [ ] Add a button to post message manually (With dialog warning)
- Add description in help quickstart for how to use this
- [ ] 'Next message will be sent' should reflect when external schedule management is turned on
- [x] Have a way to show executable location (since you need to know that to manage schedule externally)
- [ ] When launching help, re-navigate to help page
- [x] When can't load settings, give option to re-initialize (with confirmation)
Note on jars and javafx: https://stackoverflow.com/a/23121897
# Devlog
# 2025-01-27 JAR packaging
@ -137,7 +123,7 @@ java.io.IOException: Command [C:\Program Files (x86)\WiX Toolset v3.11\bin\candl
Did a clean clone and build and it worked.
jpackage --input . --name numbers-station --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --win-menu --win-per-user-install --win-shortcut --win-shortcut-prompt --win-upgrade-uuid 956c711b-01f1-46a2-9355-4a6b63ec1ec9 --icon "P:\personal_root\projects\numbers-station\icon.ico" --description "Tool to periodically upload encrypted messages to a website/blog"
jpackage --input . --name "Numbers Station" --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --win-menu --win-per-user-install --win-shortcut --win-shortcut-prompt --win-upgrade-uuid 956c711b-01f1-46a2-9355-4a6b63ec1ec9 --icon "P:\personal_root\projects\numbers-station\icon.ico" --description "Tool to periodically upload encrypted messages to a website/blog"
---