[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Google'es End-to-End



> Message du 04/06/14 00:29
> De : "rysiek" 
>
> OHAI,
> 
> Dnia Å?roda, 4 czerwca 2014 00:19:43 piszesz:
> > > not sure what to think about this one:
> > > http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encrypt
> > > ion-easier-to.html
> > > 
> > > Technical specs:
> > > https://code.google.com/p/end-to-end/
> > 
> > If you want to land on a watch-list and maybe no-fly list, you just install
> > it in your Chrome. Because as far as we can tell Google is in bed with the
> > NSA and so the proprietary browser may just flag you to the system and done
> > you are, or may forward all your messages in the clear. Who knows? Which is
> > worst?
> > 
> > That's why there is not foocking way to trust proprietary software.
> > Companies are forced to act like criminals on behalf of the government.
> > There is no loyalty, respect, ethics, honesty or even business which the US
> > government won't try to trample upon.
> > 
> > If one wants to go crypto, he goes all the way with OpenBSD, Tails, Kali,
> > Gentoo, Firefox, Midori or even old and good Lynx, but not Chrome.
> > 
> > lol
> 
> A heck with it, why not -- I'll play the Google's advocate here.
> 
> So, the extension itself will be FLOSS, as I understand, so the extension 
> itself will be audit-able (inb4 openssl, truecrypt). And as I understand it 
> *will* be installable in Chromium too.
> 
> Is that an acceptable combination? With such an assumption ("use Chromium, 
> Luke!"), does End-to-End seem to make sense? Or are there other problems we 
> need to look into and be wary of?
> 

With chromium, End-to-End can start looking respectable. But even then Chromium is cranked by a much smaller team than Firefox and surely suffers from the same problems OpenSSL has faced for most of its existence.