chrome://messenger/locale/messengercompose/composeMsgs.properties:
On Sun, 29 Nov 2009 01:49:29 +0000
Stroller<strol...@stellar.eclipse.co.uk> wrote:
Everyone's yakking it up because it makes them look clever.
Either that, or they're 'yakking it up' in hopes of discouraging a
regular user here from taking an amazing risk with his banking access
passwords.
The "Why LastPass is safe" page<https://lastpass.com/safety.php> is
indeed bullet-points for idiots, and if that was the only
information available on the site then I, too, might be more
suspicious. If you look at the "Technology" summary on the site it
looks far more reasonable:<https://lastpass.com/technology.php>.
Perhaps some other commenters should have read this before posting?
You've missed the point, which is that users have no way of verifying
that the LastPass technology actually behaves the way their web site
claims.
For example, how would you verify that their software, installed on
your own machine, doesn't make a hash of the key to your data and send
it to them? Of course their web site says they don't do that, and if
that's good enough for you, good luck.
And that is why they need to let someone independently review their code
to see exactly what it does and in some cases, can do. I trust
Seamonkey for example for the reason that anyone can see their code. If
there was something in the code that allowed Seamonkey to grab passwords
or other information they shouldn't, then I'm sure someone would speak
up and say so. After all, how many people see the source code for
Seamonkey, thousands, maybe million or more? I don't think that many
people can keep a secret like that.
I think lostpass should open up the books so that people can see the
code. Then people may trust what they claim and could even make it
better at that. There is always someone out there with a better mouse
trap. I did read on there somewhere that Mozilla has some of their code
but it is not all of it. Not sure if it is the "good" stuff or what tho.
Dale
:-) :-)
