undefined | Better HN

0 pointstokenizerrr12y ago0 comments

But that would defeat the point of opening the source, the part we're interested in is the security of the transport not how that pretty UI is made.

0 comments

x005412y ago

If the UI module does encryption and decryption, and if the said encryption is good enough, why would you care if the transport layer steals your encrypted data?

makomk12y ago

The transport layer is running on the same computer at the same trust level as the encryption layer, which means it can intercept the unencrypted data. Even if the developer's 100% honest it's easy for them to accidentally create a remote code execution vulnerability that allows an attacker to do this.

j / k navigate · click thread line to collapse

0 pointstokenizerrr12y ago0 comments

But that would defeat the point of opening the source, the part we're interested in is the security of the transport not how that pretty UI is made.

0 comments

x005412y ago

If the UI module does encryption and decryption, and if the said encryption is good enough, why would you care if the transport layer steals your encrypted data?

makomk12y ago

j / k navigate · click thread line to collapse