[SamReidHughes]

It uses a 47.6 bit key?

Generated by Math.random()? (According to MDN, that's seeded from the current time...)

Update: Another problem is that there is no message authentication. The server can flip individual bits within the message.

Update: Also, obviously, we have to trust noplaintext.com to send us an uncompromised web page.

But wait! View source!

<script type="text/javascript" async="" src="https://ssl.google-analytics.com/ga.js></script>;

We also have to trust Google, specifically google-analytics.com not to steal the message.

<script type="text/javascript" src="https://crypto-js.googlecode.com/files/2.5.3-crypto-sha1-hma...;

AHHHHHHHHHHHH!

We also have to trust whoever controls the crypto-js project and the people running googlecode.com.

[DanWaterworth]

It's even worse than that. The sources of entropy you have available to you in the browser are servers which you obviously can't use in this case and the user which would be a UX disaster.

[ketralnis]

> We also have to trust whoever controls the crypto-js project and the people running googlecode.com.

And every router between them and googlecode.com (or whatever that resolves to in their DNS situation!)

[SamReidHughes]

The link is an HTTPS link so that's not true. You merely have to trust every CA.

[larelli]

I noticed that the generated links default to non-SSL even though SSL seems to work and even when the site itself has been accessed via SSL.