DigiNews

Summary

The article describes exploiting Slack’s video embeds to enable end-to-end encrypted messaging by performing client-side cryptography in the browser, using OpenPGP.js, and a slug-based KV store to carry cryptographic data. It notes limitations (video blocks can't be ephemeral) and presents a hacky approach that highlights security design tradeoffs when embedding cryptographic workflows in chat apps.