undefined | Better HN

0 pointslibertymcateer9y ago0 comments

> this is all bunk tho since the big vulnerability here is that you're delivering the encryption routines via javascript in a global browser space

So what about mailvelope?

0 comments

libertymcateerOP9y ago

Nm, I understand your point, and yes, no contest. The extension is being broken up and will communicate with the environment on the tab with sent messages, rather than just injecting the whole content script. I hear your point loud and clear.

nikcub9y ago

You're not taking your own advice from two comments up :)

libertymcateerOP9y ago

Regarding professionals? I hear you - loud and clear.

I want you to know, very sincerely, I appreciate your feedback over the past two days.

Some lessons (re-)learned:

* Security is a conclusion, not an assertion - it is improper to present a system as secure without evidence. * I am not, nor will I ever be, qualified to provide a conclusion regarding security. * The language on the homepage needs to be clear in this regard without being 'cute.' * If I ever post on HN regarding security, either use evidentiary sources to back my points on provide code.

Thanks for the reality check.

j / k navigate · click thread line to collapse

0 comments

libertymcateerOP9y ago

nikcub9y ago

You're not taking your own advice from two comments up :)

libertymcateerOP9y ago

Regarding professionals? I hear you - loud and clear.

I want you to know, very sincerely, I appreciate your feedback over the past two days.

Some lessons (re-)learned:

Thanks for the reality check.

j / k navigate · click thread line to collapse