undefined | Better HN

0 pointsuallo6y ago0 comments

That does not really answer my question. Why does missing support for Yubikeys "suggest [that] something very very scary going on at the organization"? Supporting Yubikeys is probably already in their list of planned features. But ProtonMail is a relatively small company and the user base requesting that feature might be relatively small. Yes, security is one of their top-most priorities but so is earning money. The latter requires a large paying audience where other features might be more important.

0 comments

rshnotsecure6y ago

It’s such an oversight that to quote someone from early 20th century ... “is this stupidity or is this treason”.

Not doing this was a deliberate choice. The benefits of implementing it outweigh at maybe a dozen orders of magnitude not implementing it.

The very scary thing btw is simple. They were bribed the same way the WordPress Core Contributors have been for years. Let me discuss this quickly, and I’m happy to name names in a separate posting (Gary Pendergast out of Australia is going to jail though along with another America dev). That being said please review this discussion where several core contributors admit to not even reading an extremely important path from arguably one of the best PHP developers in the world (certainly in terms of security): https://core.trac.wordpress.org/ticket/39309

j / k navigate · click thread line to collapse

0 comments

rshnotsecure6y ago

It’s such an oversight that to quote someone from early 20th century ... “is this stupidity or is this treason”.

Not doing this was a deliberate choice. The benefits of implementing it outweigh at maybe a dozen orders of magnitude not implementing it.

j / k navigate · click thread line to collapse