I've noticed that this discussion has a tendency to be framed in terms
of the crypto primitives. The core problems, as I see them, are
actually somewhat unrelated to whether it's possible to efficiently
perform cryptographic operations in JavaScript or not. In my reading,
this blog post seems to
On 08/06/2012 05:28 PM, Jillian C. York wrote:
> A /safer /web-based tool than Facebook chat with a GIANT WARNING is far
> better than everyone continuing to hold their discussions in insecure fora.
I think this sentence is really the essence of the problem. Why do you
assume it's safer?
Crypt
On 08/06/2012 06:22 PM, Douglas Lucas wrote:
> Is not Riseup accessed over SSL webmail a comparable analogy to current
> Cryptocat? And yet activists without their own .mx trust Riseup, and no
> one says there's little to no difference between Facebook email and
> Riseup email.
I actually disagr
On 08/06/2012 06:59 PM, Eleanor Saitta wrote:
> Except that with your harm mitigation, you push many potential users
> back to plaintext, where they are guaranteed to be owned. What
> percentage of potential cryptocat users would the plugin version have to
> stop from using the tool for you to a
On 08/06/2012 10:19 PM, fr...@journalistsecurity.net wrote:
> No doubt the functional security of tools is an indispensable, essential
> concern. Ignoring any vulnerabilities is dangerous, indeed. But the
> usability of the same tools and making them accessible to
> non-technologists is just as b
On 08/08/2012 06:37 AM, liberationt...@lewman.us wrote:
> On Tue, Aug 07, 2012 at 05:18:02PM -0700, e...@sundelof.com wrote 4.7K bytes
> in 111 lines about:
> :partial defenses using any technology tool. I may feel too strong about
> :tools being discussed as THE solution or THE bulletproof vest
On 08/13/2012 09:18 AM, Brian Conley wrote:
> I'd love your thoughts, you may also be interested in some of the issues
> I've noted with TextSecure and Truecrypt, and how they may provide
> lessons to all of us involved in developing better tools and training
> for activists, journalists, etc.
H
On 10/11/2012 09:15 AM, Nadim Kobeissi wrote:
> James, you can charge for a service and leave it as open source
> software. This has been done countless times over the years and has
> functioned successfully. I am not against Silent Circle costing money -
> I'm against it being closed source soft
On 10/11/2012 11:24 AM, Nadim Kobeissi wrote:
>> Zimmerman stated that servers are located in Canada to avoid US
>> subpoenas (not a lawyer, not sure what's that worth in the end).
>
> His entire IP block is connected to servers in the United States. I
> am very skeptical of that claim. Furtherm
On 12/22/2012 04:49 AM, Brian Conley wrote:
> That said, thus far, neither redphone nor those over listed rivals skype
> or Google hangouts quality of transmission.
Depends. RedPhone's audio quality is (in general) substantially better
on Android than Skype's has been. Skype's desktop audio qu
This Spring will be the first Open Whisper Systems Spring Break Of Code,
a week-long expenses-paid retreat to Maui for folks who like software
development, security, and the beach. We’ve rented a large beachfront
house on the west coast of Maui for everyone to stay in, and will pay
for your airfar
11 matches
Mail list logo
