[tptacek]

I don't even know how to respond to this: "the endpoints might be compromised, so why bother making the crypto secure"? That's the idea?

Browser JS is a uniquely terrible vector for delivering crypto to end users. Use something different.

[mpowers]

Your logical fallacy is: putting words into my mouth (argumentum ad logicam). I didn't say "why bother making the crypto" secure. I said that you can't point to endpoint security as a reason to fault JS more than you can fault every other crypto implementation.

Schneier thinks NSA may have already compromised certain binaries and checksums, and John Gilmore is wondering if certain source trees have been compromised.

JS is not immune to these kinds of attacks, nor is it any more susceptible. All we can do is make sure our implementation is clear and correct and avoids browser exploits. We can't control your binaries, OS, browser, or otherwise.