[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Google'es End-to-End



On Thu, Jun 5, 2014 at 10:37 AM, Black Fox <[email protected]> wrote:

> On Thu, Jun 5, 2014 at 4:48 AM, Alfie John <[email protected]> wrote:
> >
> > On Wed, Jun 4, 2014, at 10:19 AM, [email protected] wrote:
> > > That's why there is not foocking way to trust proprietary software.
> > > Companies are forced to act like criminals on behalf of the government.
> > > There is no loyalty, respect, ethics, honesty or even business which
> the
> > > US government won't try to trample upon.
> >
> > Someone's already submitted a bug report:
> >
> >   https://code.google.com/p/end-to-end/issues/detail?id=9
>
> Cute, but the threat model of the submitter seem unclear to me, in
> what is it different here from gpg binaries provided by a linux
> distribution package ?
>
> If even only one person have access to the packaging keys and is of
> american nationality he can receive a National Security Letter and
> would have to comply (Rubber hose is obviously working too if they
> want to risk it). Using quantum insert they don't even need to change
> the packages for everyone, only you.
>
> Updates for any software executing with access to your private data
> are dangerous.
>
> I don't see why this subject is present in the issue tracker of an
> extension... it's a lot more general issue (Except for the fact that
> Google bashing is cool today).
>

This seems like a good project, that will move PGP usability and standards
forward. It's also a big deal for Google to throw its support to the
project, since it is in direct tension with the business model Gmail is
built on (scanning your emails).

The auto-update feature is a big deal that will have to get wrestled with
openly as this moves further. Perhaps they'll work out a separate update
policy for it, who knows. But it'll also have applications outside of a
place in the Chrome Web Store.

For example, hopefully much of this work (especially the JS crypto work)
will also turn out to be reusable in Firefox.

-- 
konklone.com | @konklone <https://twitter.com/konklone>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140605/470de5f5/attachment.html>