|
|
|
|
|
|
by m8urn
4613 days ago
|
|
|
That is a key point--that no system can ever be secure as long as the host has some way of intercepting messages. The fact is that no matter how secure Levison makes the system, there will always be some way he could intercept messages if he really wanted to, even if it meant modifying the code a bit. And if he can do it, the feds can compel him to do it. |
|
|
Erm, that's only the case for systems that use cleartext in transit. If you encrypt and decrypt (and we assume you're doing it right) at the endpoints then the intermediate can't do anything with the content.
Your 'no matter how' bit is correct, and it was flawed to rely on SSL for transit only and hope the law would protect the keys. Hence tqbf's point that using cleartext in-out is just plain bad to begin with.