On 2011-10-10, Arturo Filastò a...@globaleaks.org wrote:
On 10/10/11 9:44 AM, Robert Ransom wrote:
On 2011-10-10, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
is anyone evaluating whenever to include PGP encryption support into the
default Tor Browser Bundle as a Firefox extension?
On 2011-10-10, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
is anyone evaluating whenever to include PGP encryption support into the
default Tor Browser Bundle as a Firefox extension?
No.
I looked at the implementation and:
* FireGPG it's discontinued
On 10/10/2011 2:44 AM, Robert Ransom wrote:
No. See https://tails.boum.org/bugs/FireGPG_may_be_unsafe/ , but
beware -- I'm sure katmagic and I missed a few dozen attacks.
You're correct - that is, the https site you link has an unsafe
certificate, * per msg * in Firefox 7:
tails.boum.org uses
On Oct 10, 2011, at 2:48 PM, Joe Btfsplk wrote:
On 10/10/2011 2:44 AM, Robert Ransom wrote:
No. See https://tails.boum.org/bugs/FireGPG_may_be_unsafe/ , but beware --
I'm sure katmagic and I missed a few dozen attacks.
You're correct - that is, the https site you link has an unsafe
On 10/10/11 13:48, Joe Btfsplk wrote:
tails.boum.org uses an invalid security certificate.
Anyone else seeing same security msg?
Well done, you've found the flaw in the PKI model.
Julian
--
3072D/D2DE707D Julian Yon (2011 General Use) pgp.2...@jry.me
signature.asc
Description: OpenPGP
On 10/10/11 9:44 AM, Robert Ransom wrote:
On 2011-10-10, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
is anyone evaluating whenever to include PGP encryption support into the
default Tor Browser Bundle as a Firefox extension?
No.
I actually think it would be a great idea to include
On 10/10/2011 01:07 PM, Mike Perry wrote:
The problem with a browser extension is that the very thing that makes
it useful is what makes it so risky. A GPG plugin of any kind becomes
a vector for all sorts of nasty web attacks that would have normally
been stopped by the server, such as XSS,
Thus spake Arturo Filastò (a...@globaleaks.org):
I actually think it would be a great idea to include PGP encryption
support into the browser.
I remember discussing this with Jake some time ago of maybe in the
future having a bundle for Thunderbird and enigmail. I don't see why it
it a bad