undefined | Better HN

0 pointsdeanclatworthy12y ago0 comments

I have no answer. I don't think anyone can argue that the research is not valuable, but what would be more valuable is a peer-reviewed piece of software created by experts in this field so we would not even be having this discussion (re: telegram, cryptocat etc.)

0 comments

1 comments · 1 top-level

thirsteh12y ago

OTR is as close to this as you'll get for IM at the moment, and even the most popular implementations like OTR for Pidgin (or Cryptocat!) haven't been vetted very thoroughly (not to mention Pidgin itself has a fairly spotted security track record.)

The people at heml.is are looking at implementing something like TextSecure as an IM, and its interface does look quite attractive, but it's a no-go as long as they're not open source (especially given that none of its authors are cryptographers), and thus can't receive a thorough review. (Actually getting qualified people to perform a review once it's open source is a challenge in itself, but perhaps people will spend more of their energy on that than writing blog posts saying they could do it better.)

j / k navigate · click thread line to collapse