How is this any different from Cryptocat?
NK On Fri, Mar 22, 2013 at 4:59 PM, Cooper Quintin <coo...@radicaldesigns.org>wrote: > I had a chance to try out crypho a couple of weeks ago at a demo they > put on at noisebridge. I have some concerns about it, namely the > delivery of crypto code over javascript without any sort of verification > of it's authenticity (via browser plugin, etc.), since this point has > already been discussed to death on this list however, I do not wish to > re-open that debate. > I managed to find a couple of javascript injection attacks in the beta > already, though the developer assures me that they are working on fixing > all the bugs right now, still the lack of attention to basic web > security at such an early stage is concerning. > That aside it seems okay, though I have some worries about side channel > attacks and the fact that it hasn't been peer reviewed as far as I can > tell yet. > It does seem like an interesting project though, with some smart people > behind it. I am looking forward to seeing the code once they open source > it. > > Cooper Quintin > PGP Key ID: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA > > On 03/22/2013 01:48 PM, R. Jason Cronk wrote: > > Anybody know the people who are doing this? http://www.crypho.com/ > > > > It's still in beta, so I'm assuming they are working out bugs prior to > > releasing the code which they say they will do. See > > http://www.crypho.com/faq.html > > > > > > Is it Open-Source? > > > > Yes! We are reviewing the source code for release. It will be > > available under an OSI approved license in the near future. > > > > > > > > > > > > *R. Jason Cronk, Esq., CIPP/US* > > /Privacy Engineering Consultant/, *Enterprivacy Consulting Group* > > <enterprivacy.com> > > > > * phone: (828) 4RJCESQ > > * twitter: @privacymaverick.com > > * blog: http://blog.privacymaverick.com > > > > > > > > -- > > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech >
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
