by tptacek 4387 days ago
I suppose I'm expected to give a full-throated defense of the Matasano post, which I wrote, but I'm not going to. While I don't dislike the post as much as this author appears to, I don't much like it either. I wrote it in a single draft, all at once, as a sort of message board comment I'd write once and maybe in the future refer back to. I didn't promote it on HN and I'm not the reason it keeps getting cited.

None of this bickering changes a simple truth: when a web mail provider claims to provide "NSA-proof" end-to-end encryption, hosted in Switzerland just to be safe, using software that you don't have to install on your computers at all, then you need to assume that web mail provider can read your email, and so can anyone who can coerce that provider into doing something. If you believe that --- and you should --- then I don't care what you think about the rest of the Matasano article.

3 comments

> None of this bickering changes a simple truth: when a web mail provider claims to provide "NSA-proof" end-to-end encryption, hosted in Switzerland just to be safe, using software that you don't have to install on your computers at all, then you need to assume that web mail provider can read your email, and so can anyone who can coerce that provider into doing something. If you believe that --- and you should --- then I don't care what you think about the rest of the Matasano article.

This. The whole article could be replaced with this paragraph, and it couldn't be clearer.

> using software that you don't have to install on your computers at all

That's the important question: what software do you need to install on a computer to make end-to-end crypto possible for web apps?

(The good kind of crypto that can be trusted.)

If you think that's the "simple truth," you either didn't read the article, or you have some piece of information you're not sharing with the rest of us.

You also know something about the "formalisms of HBC" (now redacted), and how it doesn't work with browsers that even scholars don't know about.

I think we'd all appreciate elaboration.

This comment appears to be totally unresponsive to mine.

Incidentally, the "now redacted" in the parent comment refers to three bullets I had written in the grandparent comment and left for four minutes before realizing that objecting in detail to this person's blog post more or less amounted to making a full-throated defense of the Matasano post. Which, like I said, I'm not in love with either.