Again - SSL flaws, bad server, etc... Maybe a buggy browser. Can you imagine a
bug allowing JS injection in any tab? Post a bit.ly link and wait for keys...
Bugs like that have existed before.
2012-04-01 02:54 skrev James A. Donald:
On 2012-04-01 7:51 AM, natanae...@gmail.com wrote:
It's
On 2012-03-31 11:49 PM, Mario Contestabile wrote:
You guys have any cypherpunk opinions on https://crypto.cat/ ?
It's a secure online communication tool, apparently used by Anonymous.
It was developed by Nadim Kobeissi, (yet another Montrealer).
Mario
Public source, standard algorithms,
On 2012-04-01 6:17 AM, natanae...@gmail.com wrote:
There are two issues IMHO:
* SSL flaws/Javascript MITM/bad servers. Your key can be leaked.
According to the spec, your key remains on your browser.
So cannot be leaked unless your computer has been got at.
On 2012-04-01 7:51 AM, natanae...@gmail.com wrote:
It's running in a browser using JS...
To attack JS, the attacker needs to induce the victim to open the
attackers web page at the same time as the attacked web page, and
successfully apply a cross site scripting attack. The simplicity of