[liberationtech] Whiteout OpenPGP.js encrypted mail client (Chrome HML5 App)

[Fabio Pietrosanti (naif)]

Il 1/22/14, 8:06 AM, Paul Ferguson ha scritto:
>
> While I do not disagree with you here, per se, I would like to point
> out that any client  that gratuitously trusts JavaScript *or* HTML5 is
> also a client which allows the end user to be victimized by the most
> casual daily criminal campaigns.

I just would like to argue that the delivery (download, installation,
upgrade) of an Chrome App is far more secure than an native application
with an executable installer, due to the trust model of application
store and the reduced risks of being hijacked/infected during the download.

That's not a website delivering you javascript code.

That's an *application* that is built using Javascript/HTML5 like if it
was built using Objectice-C/C++ for iOS.

No substancial difference.

I'm really bored about the continuous critics against use of Javascript
for encryption purposes.

HTML5/JS is in the the future of any application development, it's the
only eterogenous application development environment, the browser is the
home of the end-user.

That's what we just need to accept, it already happened, it's always
that way. We just need to deal with that.

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140122/4fdc35e6/attachment.html>