Notes on Security
Our practices
The mods of /r/ClosetSanta are dedicated to the safe and secure transfer of sensitive information. In order to keep your private data such as your name and address safe during this exchange, we have created a key-based encryption system wherein all encryption and decryption is done in the browser using no external scripts or servers. Let's break it down in baka terminology:
- On your profile page, you will generate a random, 48-character password which we call a "key".
- When you go to send us your shipping information, before your computer sends us anything, it will scramble the information, using the key as a roadmap for how to scramble it exactly.
- Our server will get only the scrambled data. It will never even see your key.
- When you are assigned a santa, you will send them your key using the messaging bot.
- Your santa will go to your profile page and paste your key into a box.
- Their computer will read your key, pull the roadmap out from it, then use the roadmap to unscramble your information.
Here's an infographic that shows the flow of data and who can see what when.
Unmitigated Risks in this Model
There are still risks associated with this method of data transfer. For starters, the mod team is still in control of every aspect of this data transfer; we control both the bot and the website. Potentially, we could see the names and addresses of anyone participating in the event, assuming we took the time to sift through the bot's messages to find your key. In order to minimize this threat, we have restricted access to the bot to a single mod (the bot-wranglin' mod, probably /u/gokapaya) and access to the website's database to /u/Omnipotence_is_bliss alone.
Another possible security threat comes from our use of Reddit as a login authenticator. We use this feature to ensure that only Reddit users sign up through our website and to automatically parse some public account information to determine whether your account meets the activity and age requirements. The threat involved is that if your Reddit account were compromised, your data would be accessible to the hacker (if they knew to look through your sent messages for your key, then logged in here and used it). We have attempted to mitigate this by allowing you to change your sensitive data or key at any point in time. Once you have received confirmation from your santa that they have purchased your gift, we recommend that you go into your profile page and resubmit the "Shipping Information" form with no information in the box. This will delete your encrypted address from our database, never to be seen again. We also recommend that you change your Reddit password to a strong one on a regular basis.
If you wish to scrutinize our security practices, you may look through this website's source code or the messaging bot's source code and submit pull requests with your findings.
Server Validity
See this page if you want to verify the integrity of the server.
Screenshot Safety
One of our bigger motivations for making our own site was to ensure the safety of everyone's private information. We do our best to keep everything secure, and we keep it only for a short time around the exchange; however, we can't ensure the safety of data before it gets to us. For example, some screenshotting tools like Lightshot give you the option to upload the image to their servers for easy public sharing, and other tools will automatically upload the image. This may be convenient in some cases, but it poses a threat to the safety of the person whose address was uploaded. For this reason, we ask that any person participating in our event please not upload their proof images to any online services outside of our own.
For your convenience, here is a list of screenshotting utilities that are free and safe to use:
- Web Browsers
- Firefox has a built-in screenshot utility for desktop versions 58+
- Chrome users will need an extension, such as Make a Screenshot
- Operating Systems
- For Windows 7-10, Snipping Tool is available
- For Windows 10, Snip and Sketch is also available
- For Mac, press shift+command+4
- For GNU/Linux and other *nixes, your Desktop Environment probably has its own utility, otherwise maim is a very lightweight CLI program for screenshotting
- For basically any operating system, you can install GIMP
- Smartphones
TL;DR: Make sure that your screenshotting tool does not upload your images automatically, and do not upload them to any online service outside of this website.