|
|
|
|
|
|
by ctz
4389 days ago
|
|
|
"Nobody, not even us, can read or listen into your conversations." This cannot possibly be true, given they are the root of trust for establishing the recipient's authentic public key. Also, minified javascript really does not count as a source code release. |
|
|
And it wouldn't take a complicated tweak at all to sneak the real password (or some sufficient version of it) back to the server, after which point certainly "even us" can read & listen in to all of that user's conversations.