You would still control the code that's served and would still be
subject to local laws. How hard would it really be to compromise or
compel you, whether through lawful or unlawful means?
On Mon, Aug 26, 2013 at 3:57 PM, Francisco Ruiz wrote:
> You're absolutely right. I don't feel good about thi
Steve Weis wrote:
>If delivered as a regular Javascript web app, then Francisco, anyone
>at Site 44, or anyone at Dropbox can steal PassLok keys and messages
>anytime they want.
You're absolutely right. I don't feel good about this. But what if I set up
my own server? I can do it here at the univ
On 08/26/13 20:44, Francisco Ruiz wrote:
>
> 2. Even worse, if they save any data (public keys, in this case), the
> database remains tied to each particular computer. Forget about going to
> the library and using it there.
Forget about going to the library. The public access computers are a
co
If delivered as a regular Javascript web app, then Francisco, anyone
at Site 44, or anyone at Dropbox can steal PassLok keys and messages
anytime they want.
I do not think it's realistic to expect every single user to "look at
the code before [they] execute it" for every single page load. As
alrea
Thanks, Griffin, Eduardo,
I haven't gotten a lot of response to this issue, but I've been doing my
own thinking, after some more testing of extensions similar to what I want.
Here's by $0.01 worth:
Extensions are cool, but those I've seen have these huge problems for my
application (and probably
On 08/24/2013 05:13 PM, Francisco Ruiz wrote:
>
> My encryption app, PassLok, is currently in the shape of a standalone,
> static web page with two text boxes where users copy and paste plain
> or encrypted messages. I am considering the possibility of making a
> browser extension version out of it
Hello Francisco:
We have the same dilemma in our online decision-taking software (Agora
voting). Browser extensions are more secure by being more static i.e.
the code is not loaded visiting a website. In general, this is a
problem of trust. If you're doing client-side encryption you have
multiple
My encryption app, PassLok, is currently in the shape of a standalone,
static web page with two text boxes where users copy and paste plain or
encrypted messages. I am considering the possibility of making a browser
extension version out of it, probably along the lines of myMail-crypt or
Mailvelope
