> Message du 04/06/14 00:29 > De : "rysiek" > > OHAI, > > Dnia środa, 4 czerwca 2014 00:19:43 piszesz: > > > not sure what to think about this one: > > > http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encrypt > > > ion-easier-to.html > > > > > > Technical specs: > > > https://code.google.com/p/end-to-end/ > > > > If you want to land on a watch-list and maybe no-fly list, you just install > > it in your Chrome. Because as far as we can tell Google is in bed with the > > NSA and so the proprietary browser may just flag you to the system and done > > you are, or may forward all your messages in the clear. Who knows? Which is > > worst? > > > > That's why there is not foocking way to trust proprietary software. > > Companies are forced to act like criminals on behalf of the government. > > There is no loyalty, respect, ethics, honesty or even business which the US > > government won't try to trample upon. > > > > If one wants to go crypto, he goes all the way with OpenBSD, Tails, Kali, > > Gentoo, Firefox, Midori or even old and good Lynx, but not Chrome. > > > > lol > > A heck with it, why not -- I'll play the Google's advocate here. > > So, the extension itself will be FLOSS, as I understand, so the extension > itself will be audit-able (inb4 openssl, truecrypt). And as I understand it > *will* be installable in Chromium too. > > Is that an acceptable combination? With such an assumption ("use Chromium, > Luke!"), does End-to-End seem to make sense? Or are there other problems we > need to look into and be wary of? >
With chromium, End-to-End can start looking respectable. But even then Chromium is cranked by a much smaller team than Firefox and surely suffers from the same problems OpenSSL has faced for most of its existence.
