On Fri, Jun 20, 2014 at 1:22 PM, Rikairchy <[email protected]> wrote:
> Why would a website focused on providing security allow users to > upload their private keys? > They are willfully creating a less secure system in hopes of making it popular. Supporting private key upload completely changes the threat model, from the end-to-end system they are allegedly trying to supplement, to one that's no different from just using TLS and a central service. I hope it's clear to any security enthusiasts where their priorities lie. Security takes a backseat to popularity. That's the wrong set of priorities for secure software. -- Tony Arcieri _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
