Tom Ritter t...@ritter.vg writes:
I *think* that app stores take a binary you upload and run their
static and dynamic checks on that. They then publish that binary
without modification. (Indeed, how could they modify it? You sign it
with your key.) In that case, I think a verifiable build
On Sun, Aug 11, 2013 at 4:46 AM, Michael Rogers
mich...@briarproject.org wrote:
The app store can't substitute a different binary (no developer signing
key), users
can verify that the app was what the developer produced (via pulling the
binary and
checking the hash), and advanced users can
The app store can't substitute a different binary (no developer signing key),
users can verify that the app was what the developer produced (via pulling
the binary and checking the hash), and advanced users can verify that what
the developer produced is what they produce via the replicable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/08/13 17:43, Reed Black wrote:
CryptoCat is served up by the Chrome app store. Do you have
control over what binary gets distributed to who? Does any assurace
exist beyond the app store's own signing validation?
I thought this was like
On 10 August 2013 11:43, Michael Rogers mich...@briarproject.org wrote:
If we assume that app stores aren't going away any time soon, we need
to address this problem: How can a user who downloads an app from an
app store be satisfied that it was built from published source code?
We might also
On 2013-08-08, at 11:53 PM, Mike Perry mikepe...@torproject.org wrote:
It is profoundly encouraging to see that people of such courage and
integrity as the Lavabit staff exist, and are willing to put everything
on the line to stand up against this madness.
+1.
For what it's worth, and even
On Fri, Aug 9, 2013 at 4:26 AM, Nadim Kobeissi na...@nadim.cc wrote:
For what it's worth, and even though I think it's pretty unlikely that
Cryptocat will receive such an order,
*snip*
You're right but that should provide little comfort - when they come
after the non-business platform libtech
On 2013-08-09, at 11:31 AM, Ali-Reza Anghaie a...@packetknife.com wrote:
On Fri, Aug 9, 2013 at 4:26 AM, Nadim Kobeissi na...@nadim.cc wrote:
For what it's worth, and even though I think it's pretty unlikely that
Cryptocat will receive such an order,
*snip*
You're right but that should
Le 09 août - 11:48, Nadim Kobeissi a écrit :
On 2013-08-09, at 11:31 AM, Ali-Reza Anghaie a...@packetknife.com wrote:
On Fri, Aug 9, 2013 at 4:26 AM, Nadim Kobeissi na...@nadim.cc wrote:
For what it's worth, and even though I think it's pretty unlikely that
Cryptocat will receive such
On 2013-08-09, at 11:59 AM, Julien Rabier tazi...@flexiden.org wrote:
Le 09 août - 11:48, Nadim Kobeissi a écrit :
On 2013-08-09, at 11:31 AM, Ali-Reza Anghaie a...@packetknife.com wrote:
On Fri, Aug 9, 2013 at 4:26 AM, Nadim Kobeissi na...@nadim.cc wrote:
For what it's worth, and even
Also, weren't NSLs ruled unconstitutional recently?
NK
I don't remember that, but I do remember hearing the FISC ruled some of the
NSA's activities unconstitutional….in 2011.
http://www.ibtimes.com/fisc-will-not-object-release-2011-court-opinion-confirmed-nsas-illegal-surveillance-1305023
I think Nadim is referring to this:
https://www.eff.org/press/releases/national-security-letters-are-unconstitutional-federal-judge-rules
On Fri, Aug 9, 2013 at 11:34 AM, Nadim Kobeissi na...@nadim.cc wrote:
On 2013-08-09, at 11:59 AM, Julien Rabier tazi...@flexiden.org wrote:
Le 09 août
On Fri, Aug 09, 2013 at 11:26:21AM +0300, Nadim Kobeissi wrote:
On 2013-08-08, at 11:53 PM, Mike Perry mikepe...@torproject.org wrote:
It is profoundly encouraging to see that people of such courage and
integrity as the Lavabit staff exist, and are willing to put everything
on the line to
On 2013-08-09, at 1:24 PM, Nick liberationt...@njw.me.uk wrote:
On Fri, Aug 09, 2013 at 11:26:21AM +0300, Nadim Kobeissi wrote:
On 2013-08-08, at 11:53 PM, Mike Perry mikepe...@torproject.org wrote:
It is profoundly encouraging to see that people of such courage and
integrity as the Lavabit
On 2013-08-09, at 1:55 PM, Fabio Pietrosanti (naif) li...@infosecurity.ch
wrote:
Il 8/9/13 10:59 AM, Julien Rabier ha scritto:
Le 09 août - 11:48, Nadim Kobeissi a écrit :
On 2013-08-09, at 11:31 AM, Ali-Reza Anghaie a...@packetknife.com wrote:
On Fri, Aug 9, 2013 at 4:26 AM, Nadim
On Fri Aug 9 06:55:12 2013, Fabio Pietrosanti (naif) wrote:
This is because with OpenFire + Chrome you can also do end-to-end
encrypted WebRTC Audio/Video call.
Firefox nightlies, as far as I'm aware, also provide WebRTC capability
these days (based on DTLS-SRTP... they voted down at last
Il 8/9/13 3:29 PM, Joseph Lorenzo Hall ha scritto:
On Fri Aug 9 06:55:12 2013, Fabio Pietrosanti (naif) wrote:
This is because with OpenFire + Chrome you can also do end-to-end
encrypted WebRTC Audio/Video call.
Firefox nightlies, as far as I'm aware, also provide WebRTC capability
these
On Fri Aug 9 09:42:49 2013, Fabio Pietrosanti (naif) wrote:
To be true, i invested 4 weeks of trolling on IETF WebRTC mailing list
sustaining the need to support also SDES in order to provide
interoperability with existing VoIP world from day 1.
::) I think I'm solidly with EKR on this...
Fabio Pietrosanti (naif) wrote:
If someone want to make this recipie working, i think that the world
would appreciate with an easy to be setup, independently run, audio,
video, file transfer, chat infrastructure accessible with a web
browser .
Welp, there goes my weekend. Dangit, naif! ;-)
On 09.08.2013 13:15, Nadim Kobeissi wrote:
Yup, Cryptocat has had build assurance for quite some time.
Sorry, not possible to backdoor without people noticing
is still a valid line of defence and has been one for a while.
You should think about splitting Cryptocat software development and
Thankfully Cryptocat can be used with a custom server. They can shut down a
server but they can't prevent new servers being configured.
Hence the importance of decentralized open-source software.
On Aug 9, 2013, at 10:48 AM, Nadim Kobeissi na...@nadim.cc wrote:
On 2013-08-09, at 11:31 AM,
On 8/9/13 5:34 AM, Nadim Kobeissi wrote:
Also, weren't NSLs ruled unconstitutional recently? NK
Yes. However...
NSLs have been ruled unconstitutional several times beginning in 2004
[1] with my case ( Doe v. Ashcroft / Doe v. Gonzalez / Doe v. Mukasey /
Doe v. Holder ) and then again in 2007
Griffin, make it so!!
On Aug 9, 2013 7:31 AM, Griffin Boyce griffinbo...@gmail.com wrote:
Fabio Pietrosanti (naif) wrote:
If someone want to make this recipie working, i think that the world
would appreciate with an easy to be setup, independently run, audio,
video, file transfer, chat
On 09 August, 2013 - Moritz Bartl wrote:
On 09.08.2013 13:15, Nadim Kobeissi wrote:
Yup, Cryptocat has had build assurance for quite some time.
Sorry, not possible to backdoor without people noticing
is still a valid line of defence and has been one for a while.
You should think about
On Fri, Aug 9, 2013 at 1:26 AM, Nadim Kobeissi na...@nadim.cc wrote:
On 2013-08-08, at 11:53 PM, Mike Perry mikepe...@torproject.org wrote:
It is profoundly encouraging to see that people of such courage and
integrity as the Lavabit staff exist, and are willing to put everything
on the line
Moritz Bartl:
On 09.08.2013 13:15, Nadim Kobeissi wrote:
Yup, Cryptocat has had build assurance for quite some time.
Sorry, not possible to backdoor without people noticing
is still a valid line of defence and has been one for a while.
You should think about splitting Cryptocat software
Thanks for volunteering to help me test the service ;3
Brian Conley wrote:
Griffin, make it so!!
On Aug 9, 2013 7:31 AM, Griffin Boyce griffinbo...@gmail.com
mailto:griffinbo...@gmail.com wrote:
Fabio Pietrosanti (naif) wrote:
If someone want to make this recipie working, i think
of course!!! Ready and waiting captain!
On Aug 9, 2013 10:37 AM, Griffin Boyce griffinbo...@gmail.com wrote:
Thanks for volunteering to help me test the service ;3
Brian Conley wrote:
Griffin, make it so!!
On Aug 9, 2013 7:31 AM, Griffin Boyce griffinbo...@gmail.com
https://lavabit.com/https://mail.aljazeera.net/owa/redir.aspx?C=C-JjrgIYEEuVtop4L5ekkprZkHoJaNAI1emSTsdeFmPgXa3gmIunVE-6BLYJ-qLs7Uy3YNIHo0k.URL=https%3a%2f%2flavabit.com%2f
My Fellow Users,
I have been forced to make a difficult decision: to become complicit in
crimes against the American people
It is profoundly encouraging to see that people of such courage and
integrity as the Lavabit staff exist, and are willing to put everything
on the line to stand up against this madness.
David Johnson:
right. They're putting their lives' work, their livelihood, at stake.
Best Regards | Cordiales Saludos | Grato,
Andrés L. Pacheco Sanfuentes
a...@acm.org
+1 (817) 271-9619
On Thu, Aug 8, 2013 at 3:53 PM, Mike Perry mikepe...@torproject.org wrote:
It is profoundly encouraging to see that
http://boingboing.net/2013/08/08/lavabit-email-service-snowden.html
has the link to the correct paypal donation page.
On Thu, Aug 8, 2013 at 4:31 PM, David Johnson da...@bostonreview.netwrote:
I find it unlikely that it's an NSL per se. That would compel Lavabit
to produce existing business records, and shutting down doesn't
provide any defense against that.
But if the FBI (likely the lead agency on this) tried to compel
Lavabit to weaken its implementation so that they could conduct
33 matches
Mail list logo