Hacker News new | ask | show | jobs
by quickthrower2 2743 days ago
Nope because the user encrypts them using their own secret. No access to historical emails but possible to backdoor the JS later on.
2 comments
chrismorgan 2743 days ago
If your code running on the user’s computer can use the secret provided by the user to access email, your code can steal the secret.

Running the encryption no the user’s computer instead of your own servers is not a panacea, because you still control the code.

link
zAy0LfpBZLC8mAC 2743 days ago
So, it is possible to backdoor the JS lateron, but it is impossible to use that for accessing the emails? Could you explain how that works?
link