Google'es End-to-End
tpb-crypto at laposte.net
tpb-crypto at laposte.net
Tue Jun 3 15:42:50 PDT 2014
> Message du 04/06/14 00:29
> De : "rysiek"
>
> OHAI,
>
> Dnia środa, 4 czerwca 2014 00:19:43 piszesz:
> > > not sure what to think about this one:
> > > http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encrypt
> > > ion-easier-to.html
> > >
> > > Technical specs:
> > > https://code.google.com/p/end-to-end/
> >
> > If you want to land on a watch-list and maybe no-fly list, you just install
> > it in your Chrome. Because as far as we can tell Google is in bed with the
> > NSA and so the proprietary browser may just flag you to the system and done
> > you are, or may forward all your messages in the clear. Who knows? Which is
> > worst?
> >
> > That's why there is not foocking way to trust proprietary software.
> > Companies are forced to act like criminals on behalf of the government.
> > There is no loyalty, respect, ethics, honesty or even business which the US
> > government won't try to trample upon.
> >
> > If one wants to go crypto, he goes all the way with OpenBSD, Tails, Kali,
> > Gentoo, Firefox, Midori or even old and good Lynx, but not Chrome.
> >
> > lol
>
> A heck with it, why not -- I'll play the Google's advocate here.
>
> So, the extension itself will be FLOSS, as I understand, so the extension
> itself will be audit-able (inb4 openssl, truecrypt). And as I understand it
> *will* be installable in Chromium too.
>
> Is that an acceptable combination? With such an assumption ("use Chromium,
> Luke!"), does End-to-End seem to make sense? Or are there other problems we
> need to look into and be wary of?
>
With chromium, End-to-End can start looking respectable. But even then Chromium is cranked by a much smaller team than Firefox and surely suffers from the same problems OpenSSL has faced for most of its existence.
More information about the cypherpunks
mailing list