Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
magikarp
on Aug 7, 2011
|
parent
|
context
|
favorite
| on:
Cryptocat: webchat with client-side encryption fea...
Why not? AES has been implemented in javascript half a dozen times.
tptacek
on Aug 7, 2011
|
next
[–]
And? What is that evidence of?
sorbus
on Aug 7, 2011
|
parent
|
next
[–]
That the implementation of an encryption library in Javascript is not a reason to mistrust services which use that library?
tptacek
on Aug 7, 2011
|
root
|
parent
|
next
[–]
It isn't evidence of that. Implementation in
browser
JS
is
in fact a reason to distrust a cryptosystem.
mtogo
on Aug 7, 2011
|
prev
[–]
Okay..? What difference does
that
make?
cranklin
on Aug 7, 2011
|
parent
[–]
because... the server might send a broken .js therefore forcing your chat client into sending plain text.
mtogo
on Aug 7, 2011
|
root
|
parent
[–]
Exactly, that's the point. Or a browser extension. Or various other fun things, see tptacek's conversation above.
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
