On Wed, Jun 27, 2012 at 12:54:06PM -0700, Chris Ballinger wrote: > I noticed that a lot of people these days don't use dedicated chat clients > anymore and tend to use in-browser chat interfaces on platforms like Gmail > or Facebook. It's difficult to get people to change their behavior, > especially to get people to decide to run some 3rd party desktop software > with which they might not be comfortable. Also, a lot of people seem to use > Gmail chat from places where they aren't allowed to install 3rd party > software. > > Would it be possible/feasible to write browser extensions (Chrome, Safari, > FF) that use Emscripten (LLVM to JS compiler) to compile libotr, and then > hook into the DOM for Gmail or Facebook (or possibly any two user-defined > text fields?) for "seamless" in-browser OTR?
Lots of people have considered that, but there's a major obstacle: how do you know the libotr plugin is actually being used, and it's not just sending plaintext to GTalk? As far as I know, there's no "secure chrome" mechanism extensions can use to confirm to the user that the text is being typed directly to the extension, and that other javascript running on the same page can't intercept the keystrokes. - Ian _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
