On Thu, Jun 5, 2014 at 4:48 AM, Alfie John <alfiej@fastmail.fm> wrote:
On Wed, Jun 4, 2014, at 10:19 AM, tpb-crypto@laposte.net wrote:
That's why there is not foocking way to trust proprietary software. Companies are forced to act like criminals on behalf of the government. There is no loyalty, respect, ethics, honesty or even business which the US government won't try to trample upon.
Someone's already submitted a bug report:
Cute, but the threat model of the submitter seem unclear to me, in what is it different here from gpg binaries provided by a linux distribution package ? If even only one person have access to the packaging keys and is of american nationality he can receive a National Security Letter and would have to comply (Rubber hose is obviously working too if they want to risk it). Using quantum insert they don't even need to change the packages for everyone, only you. Updates for any software executing with access to your private data are dangerous. I don't see why this subject is present in the issue tracker of an extension... it's a lot more general issue (Except for the fact that Google bashing is cool today).