Hacker News new | ask | show | jobs
by tomp 4296 days ago
> We believe that SJCL provides the best security which is practically available in Javascript. (Unforunately, this is not as great as in desktop applications because it is not feasible to completely protect against code injection, malicious servers and side-channel attacks.)
1 comments
bradleyjg 4296 days ago
And? It's vetted by a cryptographer who noted the caveats that apply. Do you take 'vetted' to mean 'unreservedly recommend'?
link
wglb 4296 days ago
I would, yes.

His disclaimer mentions three game-over problems.

link