Self Destruction
Every note submitted to the server will eventually be destroyed. All unread notes are destroyed after 30 days. All notes that have been viewed are destroyed 3 minutes after viewing. When the note is destroyed, it is overwritten with random data. This application does not make any assumptions about the underlying filesystem. Better safe than sorry, we say.
Single View
The note can be viewed only once. If someone attempts to view the note after the initial viewing, whether or not the note has been destroyed, the client is redirected to a standard 404 error.
Blowfish Encrypted
Before storing the note on disk, every note is compressed with ZLIB, then encrypted with Blowfish in ECB mode.
Private Passwords
The application uses a shared password server-side that is used for the encryption and decryption of all the notes. However, the application supports using custom passwords to encrypt and decrypt the note. Even though the private password is not stored by default in the application, this does not prevent the system administrator from modifying the code to do so. Therefore, it is best that you host this application yourself, on your own server.
Hashcash Protected
To prevent spammers from abusing the service, note submission is protected by the client solving a proof-of-work puzzle by minting a valid Hashcash token. As such, JavaScript is required to post a note. Hashcash tokens are stored on the server to prevent double-spending of the same token. Unfortunately, minting Hashcash tokens does not work well with mobile browsers.
Anonymous Fingerprints
Part of Hashcash tokens is the ability to create a uniquely identifiable resource string. Typically, this is an email address. However, with this application, your browser fingerprint is used as the resource string. The browser fingerprint is a 32-bit MurmurHash number. By itself, it cannot identify who it belongs to. The system administrator could tie that fingerprint to an IP address and user agent string by looking in his web server logs.