by twr
3472 days ago
I was curious what that meant with "even if the server is malicious." Turns out, in short, the Mylar paper creates a distinction between the "web site owner," and "the server operator." It shouldn't need to be stated, but not all people believe that is always an important distinction. Mylar places complete trust in the application developer, whereas an important aspect of other security software is that you don't need to trust the developer: if one version of the software is audited, you can stay on that version; or the other can be examined. Mylar doesn't make the web any less of an ephemeral and invisible black-box execution environment, where code goes in and vanishes without earlier proof of existence. It sounds like I'm panning it, but really I think the idea is sound: It makes the lives of non-affiliated/non-government attackers more difficult. I'd use it with my bank website. Just not for highly sensitive communications.