Dnia wtorek, 3 czerwca 2014 19:55:16 James Murphy pisze: > On 6/3/2014 18:42, [email protected] wrote: > >> Message du 04/06/14 00:29 > >> De : "rysiek" > >> > >> OHAI, > >> > >> Dnia środa, 4 czerwca 2014 00:19:43 piszesz: > >>>> not sure what to think about this one: > >>>> http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encr > >>>> ypt > >>>> ion-easier-to.html > >>>> > >>>> Technical specs: > >>>> https://code.google.com/p/end-to-end/ > >>> > >>> If you want to land on a watch-list and maybe no-fly list, you just > >>> install > >>> it in your Chrome. Because as far as we can tell Google is in bed with > >>> the > >>> NSA and so the proprietary browser may just flag you to the system and > >>> done > >>> you are, or may forward all your messages in the clear. Who knows? Which > >>> is > >>> worst? > >>> > >>> That's why there is not foocking way to trust proprietary software. > >>> Companies are forced to act like criminals on behalf of the government. > >>> There is no loyalty, respect, ethics, honesty or even business which the > >>> US > >>> government won't try to trample upon. > >>> > >>> If one wants to go crypto, he goes all the way with OpenBSD, Tails, > >>> Kali, > >>> Gentoo, Firefox, Midori or even old and good Lynx, but not Chrome. > >>> > >>> lol > >> > >> A heck with it, why not -- I'll play the Google's advocate here. > >> > >> So, the extension itself will be FLOSS, as I understand, so the extension > >> itself will be audit-able (inb4 openssl, truecrypt). And as I understand > >> it > >> *will* be installable in Chromium too. > >> > >> Is that an acceptable combination? With such an assumption ("use > >> Chromium, > >> Luke!"), does End-to-End seem to make sense? Or are there other problems > >> we > >> need to look into and be wary of? > > > > With chromium, End-to-End can start looking respectable. But even then > > Chromium is cranked by a much smaller team than Firefox and surely > > suffers from the same problems OpenSSL has faced for most of its > > existence. > I went ahead and tried it out. One click to make a key and it integrates > into gmail. It's not going to replace PGP for anyone who already has a > key pair, but making end-to-end encryption one-click-easy is a shoe in > the door for getting the public to start caring about its own privacy > (and hence ours).
Okay, but how does that play with other PGP users? For example, will I be able to verify your signature with my "old" GPG? -- Pozdr rysiek
signature.asc
Description: This is a digitally signed message part.
