collAnon (multi web app for private communication services and tools)

Site Development Tool Suggestions
1

Hi!

I’m Eugene, the owner/maker of collAnon which trying to become a suite of private and innovative communication services and offline capable tools all packaged in a PWA(Progressive Web App) where there’s gonna always be a freemium tier(and the users data are not the product in this case) and data ownership through data import/export for all services/tools.
Given this presentation I’m gonna answer directly to the points that you’ve made in the criteria page:

  • Secure: Tools should follow security best-practices wherever applicable.
    • Given that I’m a solo developer, the best setup that I can achive is HTTPS and LUKS encrypted SSD on which the services are running.
  • Source Availability: Open source projects are generally preferred over equivalent proprietary alternatives.
    • Unfortunately this service doesn’t have yet any open source code(despite I personally try to contribute to the libraries that power the web app), but I’m looking up to open source the client if it is of help.
  • Cross-Platform: We typically prefer recommendations to be cross-platform, to avoid vendor lock-in.
    • Fortunately PWAs are the most cross-platform web apps available, wherever there’s a browser, there’s a chance to “install” it directly on the device.
  • Active Development: The tools that we recommend should be actively developed, unmaintained projects will be removed in most cases.
    • It’s been in development for 2 year and I count on continuing innovating and increasing the offering for everyday folks
  • Usability: Tools should be accessible to most computer users, an overly technical background should not be required.
    • I’m really into making this services as easy and as accessible as possible.
  • Documented: Tools should have clear and extensive documentation for use.

Developer Self-Submissions

  • Must disclose affiliation, i.e. your position within the project being submitted.
    • As above, I’m the sole owner and maker of the services/tools.
  • Must have a security whitepaper if it is a project that involves handling of sensitive information like a messenger, password manager, encrypted cloud storage, etc.
    • The minimum requirement to sign up and use is a username and password, no further data is required to use the service, hope it’s good enough.
    • Third party audit status. We want to know if you have one, or have one planned. If possible please mention who will be conducting the audit.
      • I don’t have one and it’s not planned simply because I can’t afford it for now :confused:
  • Must explain what the project brings to the table in regard to privacy.
    • Does it solve any new problem?
      • That my starting point of the services and tools, “Discussions” are private(invite only qr code/link) and temporary-anonymous discussions with an ending date where the discussion ends and who made the answers will be seen with the best agreed upon on top(and no data on who put those likes) this is in order to avoid personal biases, make more sincere discussions and provide no retaliation against the individual voters, meanwhile “Perspective exchange” is 1vs1 private place(invite only) to, given a context, have a clear way to exchange each own perspectives/opinions about a particular context(for example a couple that have difficulty to say clearly what’s wrong because of temper or invasive emotions). And finally a Simple Gantt calendar(completely offline capable, local data only) for a new and simpler take on following your life events through a view that clearly shows how much time have things took to realize. And more to come.
    • Why should anyone use it over the alternatives?
      • They are kind of new approaches, there’s little(getballoon_com for “Discussions” but it’s for businesses) to no alternatives that I can find around so there’s the novelty of having them out to try.
  • Must state what the exact threat model is with their project.
    • It should be clear to potential users what the project can provide, and what it cannot.
      • The copy at the above link should suffice but I’m aware that it could be better, and I’m trying! Do you have any guide/resource on how to approach this?

Given this context I hope I can qualify for your list of suggestions, otherwise I’m open ears on how to do better.