u: > On 22.03.19 02:24, Daniel Kahn Gillmor wrote: >> Is the concern that it's too expensive to maintain both the extension >> and the javascript going forward? > > Ideally we'd only maintain one of those, but I think your idea is good: > if we could increase verification by having an internal mechanism, this > would be an improvement. However, the question remains: what happens if > an attacker controls the website?
If an attacker controls the website we're screwed anyway. See attack [C] of our threat model: https://tails.boum.org/contribute/design/verification_extension/#index3h2 -- sajolida _______________________________________________ Tails-dev mailing list [email protected] https://www.autistici.org/mailman/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
