[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] offtopic:

From: Frank Villaro-Dixon
Subject: Re: [Sks-devel] offtopic:
Date: Thu, 12 Dec 2013 11:09:36 +0100
User-agent: Mutt/1.5.22 (2013-10-16)

On 13-12-12 10:44:18, address@hidden, wrote 0.8K characters saying:
Simple, we're using client side encryption, you can review the javascript code in your browser. The server/service receives encrypted messages and send it to the receiver. The server/service can't decrypt your message, it's PGP.
I think that what Gabor meant was that *maybe* a client will check the source code *once*, but not always! With time, you don't continue to do the same annoying tasks (aka. checking that the source code is the same), and you forget.

A lambda person won't check the code, and then, the NXA (or another third party), can alter with the code, and do a simple MITM. Everybody will fall in the trap.

IMHO, I think your service, as good as it may seem, is a false-good idea.



"Kiss Gabor (Bitman)" <address@hidden>:

How an innocent bystander could be sure that (s)he will use
the _same_ code when sending mail via your service?
If I worked to the No Such Agency I'd probably do this trick. :-)


--       - PGP: 6F36914A
Envie d'électricité 100% verte ?
What is a Velomobile ?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]