[tor-talk] Most Security Assertions Dangerous [Re: YouTube via Onion Services]

grarpamp grarpamp at gmail.com
Thu Dec 6 23:15:02 PST 2018


> Tutanota open sourced their client. You could use the source and run your
> own version of the Tutanota client if that's your threat model. It's true
> the email provider could serve different users different versions of the app
> and there is no possible way to audit it in real time

A standalone app can give at least some distance and pinnable code.
And a bit more if served up from a "neutral" third party like github,
f-droid, or allowing tor or vpn to get it in some masked user fashion.


> 2) You are running unknown code every day. Do you trust the vendors?

Probably not wise until the world changes some more
towards those hashtags. Shall we add #SharedAudit .


> It's unfair [...] They're trying to
> solve a complicated problem, inside a web browser, with no easy solution :-/

Yes of course, they're at least trying something new,
that's important, so kudos.

> It's unfair [...] to call [out] encrypted email providers

But is it... just look at most of their own front page
advertising statements that often go like...

"Secure Encrypted Email in your Browser"

Without weasel words, those statements can end up
being fake.

Does what net benefit the service may have for [most] users
offset potential damage arising from such statements?

There's a bunch of front page statements here too
that also have more holes than a block of Swiss Cheese...

https://www.torproject.org/

Who is parsing and calling them out, and or proffering
page updates that use suitably accurate weasel words?

> inside a web browser, with no easy solution :-/

If the world is still stupidly insisting on the derelict spy exploited
relic of SMTP transport, instead of say fully encrypted P2P
overlay transports with legacy SMTP / POP / IMAP frontends
for the old timey feels, they should at least be directly extending
browser functionality to load and exec user selected third party
provided and fourth party audited message crypting code modules
from local disk.

Or should be using actual properly stood at a distance
tools like GPG, Enigmail, Mailpile, NeoMutt, whatever,
while replacement distributed P2P messaging and storage
systems gain marketshare.

If user can locally compile and use Tutanota from Github
with no blobs, that's interesting, perhaps consider dropping
them some coin if so.



More information about the cypherpunks mailing list