Re: [Sks-devel] offtopic: encrypt.to

[admin]

> Who are the intended targets of this service?
Non-PGP users.

You can't control the senders environment, maybe an old windows box
with keystroke logging, backdoors, etc. It's not my intention to be
the MITM. Yes it's a matter of trust.

Best
Jan



Gabor Kiss <address@hidden>:

> > > Simple, we're using client side encryption, you can review the javascript
> > > code in your browser. The server/service receives encrypted messages and
> > > send it to the receiver. The server/service can't decrypt your
> > message, it's
> > > PGP.
> > I think that what Gabor meant was that *maybe* a client will check
> > the source
> > code *once*, but not always! With time, you don't continue to do the same
> > annoying tasks (aka. checking that the source code is the same), and you
> > forget.
> >
> > A lambda person won't check the code, and then, the NXA (or another third
> > party), can alter with the code, and do a simple MITM. Everybody
> > will fall in
> > the trap.
>
> Yeah.
> Who are the intended targets of this service?
> Peoples who cannot install (,stricly check) and run a gpg program
> on their own computers. Who cannot run a command line program.
> Whose only cabability is moving mouse. (So called one armed lawyers. :)
> I'm pretty sure that most of them is unable to audit any JS, Ruby or C code.
>
> Gabor
> --
> Wenn ist das Nunstück git und Slotermeyer?
> Ja! ... Beiherhund das Oder die Flipperwaldt gersput.
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel