[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] offtopic:

From: admin
Subject: Re: [Sks-devel] offtopic:
Date: Thu, 12 Dec 2013 12:52:03 +0100
User-agent: Internet Messaging Program (IMP) H5 (6.1.6)

Who are the intended targets of this service?
Non-PGP users.

You can't control the senders environment, maybe an old windows box
with keystroke logging, backdoors, etc. It's not my intention to be
the MITM. Yes it's a matter of trust.


Gabor Kiss <address@hidden>:

> Simple, we're using client side encryption, you can review the javascript
> code in your browser. The server/service receives encrypted messages and
> send it to the receiver. The server/service can't decrypt your
message, it's
> PGP.
I think that what Gabor meant was that *maybe* a client will check
the source
code *once*, but not always! With time, you don't continue to do the same
annoying tasks (aka. checking that the source code is the same), and you

A lambda person won't check the code, and then, the NXA (or another third
party), can alter with the code, and do a simple MITM. Everybody
will fall in
the trap.

Who are the intended targets of this service?
Peoples who cannot install (,stricly check) and run a gpg program
on their own computers. Who cannot run a command line program.
Whose only cabability is moving mouse. (So called one armed lawyers. :)
I'm pretty sure that most of them is unable to audit any JS, Ruby or C code.

Wenn ist das Nunstück git und Slotermeyer?
Ja! ... Beiherhund das Oder die Flipperwaldt gersput.

Sks-devel mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]