Published: 2026 Feb 12
Lately I'm seeing a lot, like I mean a lot of privacy and security related applications going extinct, I'm not talking about the normal stuff owned by for-profits which just say 'privacy focused' but actually useful apps and software created by a bunch of cyber junkies for cyber junkies, well i guessed that the reason was funding and donations drying up, but when i did some more digging i found that, the primary reason is not money but SIMPLY THAT IT'S NOT "FEASIBLE", like i was just dumbfounded, that developers just stopped getting more aware of privacy because its just not feasible.
So to see how difficult it was to make an actual privacy focused app in the present and to see if the developers are just lazy, i started making a web based encryption storage system.
At first it was easy, I made the plan; to make a really isolated storage app in the web which nobody could poke into.
I divided my project into 5 phases, the first one was ofcourse the usual one of laying the foundation and the concept, I wanted the app to be completely air-gapped, so my plan was to manually download the libraries needed and make it work flawlessly offline. I used Tailwind for a custom 'Mac OS 8/9 Platinum' style, I really don't know why i chose that but it looked retro and good, then I chose the CryptoJS library for the data encryption and authentication, for storage i was using the browser's localStorage as it was ideal enough for the project and remember that all of these was free amd open source and coud be downloaded from almost anywhere on the internet. First i planned that the whole app aas going to be an SPA(Single Page Application) so i could already patch up a surprising number of vulnerabilities, and as it already was completely offline based, i had made it nearly impossible for anybody to remotely hack it. And i made the basic version of the app, with a login tab and a registration tab, i purposefully removed the back up option to not make a security/privacy backdoor hence again removing another common vulnerability and also making the app easier to develop. I used AES-256 for the encryption of the data stored and used SHA-256 for the hashing of all the credentials, for the passkey, i used the same hashing but layered with PBKDF2 with 100000 iterations hence again preventing brute force attacks, and it has only been a day of work. Next i added a feature called the Volatile Random Access Memory Purge(VRAMP) which when logged out would wipe the entire credential entered clean and overwrites the wiped memory with random noise which are separately generated through the window.crypto.getRandomValues feature of the CryptoJS library. After this i created the very espionage-esque feature of a 'Duress Passkey', a secondary passkey set during registration, and if this is entered duting log in, the system silently wipes the entire data stored in the given user's vault, saves the empty state and logs the user(or the interrogator) in. It appears as a legit log in but actually the data is purged, and this was done through very simple lines of code.
And with a bunch of other features, i made a pretty powerful and secure text based storage(as in the end i thought, a hybrid storage of both text and images could open up new vulnerabilities) system called PIES or Pretty Isolated and Encrypted Software(it's on the dev repo) which was completely zero gapped amd could be text based storage apps which normies like us could get our hands on(only if used correctly), and this all happened in a matter of a week, so now i proved that it's not that hard to make a very privacy focused tool or is it unfeasible as in this world where you could be tracked or hacked in a matter of minutes, with the right tools you can stay safe, and also a big deemed problem by the devs is that making some systems could get the devs themselves in jeopardy on matters like illicit users(which are just excuses used by entities for mass surveillance), but with this app where there is no server collecting data or anything pinging anyone other user storing data, nobody can practically subpoena me to give up info, as i'm legally not binded to, hence stripping myself of my 'responsibilities' so look in this way, was this even expensive or even time consuming, no it was not. So just make more privacy focused apps.