Also: the RSA Security logo isn't the logo of the RSA algorithm; it's the logo of the company that sells RSA tokens.
I tire of hearing this repetitively, every time somebody attempts to take this path, but I recognize you are doing it for anybody that is new and didn't hear the other warnings.
Isn't the perfect the enemy of the good?
Can we recognize that this is a good first step, and definitely constitutes a huge improvement over gmail/yahoo type webmail solutions?
You can still quickly add a disclaimer that you hope they quickly begin the large task of development of native windows/mac/linux/ios/android apps that will remove the javascript concern.
If you spit on everything that is not perfect, you may be steering people away from taking any action to protect their privacy.
Look at Lavabit, which was good but not perfect... everyone thought they were protected enough, and then the government came knocking and all of a sudden the little gotcha of "Well, Lavabit did have access to your data after all, even though they promised not to look and also be really careful about their encryption keys" is the crack they use to blow the entire thing open. (Though that was a pretty damn big crack, admittedly.)
If there's a way to break in, then it will be broken into--and then "good enough" all of a sudden becomes "tragically and dangerously broken" for the kinds of people who trusted it the most: activists, whistleblowers, informants, political radicals, etc.
No, it's not. "Browser crypto" in the form of JS is broken. There are many different possible attacks. So a false sense of security is actually worse than no security at all.
There is no need for niceties when you're trying to promote something as secure when it isn't.
Yes, but neither of those descriptors apply to this product.
No honestly, thank you for your comment and the ensuing discussion - most people get swayed by big names and such and reading sincere criticism of this sort of stuff is important and educating.
And you have to do this every time you load any page on the site, and any time any of those pages asynchronously load any content.
So, no, contrary to popular belief, this doesn't work.
The site even helpfully asks you to identify yourself with ANOTHER username and passphrase first, making it even safer for the attacker.
http://arstechnica.com/tech-policy/2013/12/switzerland-wont-...
That's the current status quo. And members of the Bundesrat (the executive gov body) have proposed more plans to ease the use of wiretaps.
Sorry, didn't bother to download and look for the source code, to find out how the inner mechanics work. The website doesn't give much information either.
As an aside, I see other people on this thread talking about the well-documented problems of in-browser encryption/decryption. Could someone point me to a list?
This is a dangerous and insane misunderstanding of how the trust relationships work in the public CA system.
Any CA can impersonate any site. Your choice of CA has no bearing on your exposure to this risk.
(If this were an app or browser extension, you could plausibly pin the right certificate path to only trust SwissSign. But if you can do that, you can just pin your certificate and don't need a CA at all.)
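The trust model argued in the comment above, as an added example that is not part of the original thread: a small model comparing default public-CA validation, CA-key pinning, and leaf-key pinning. The host name, the second CA, and the key bytes are constructed placeholders, and signature verification is modelled as issuer/subject name matching rather than real X.509 checking.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str   # hostname (leaf) or CA name
    issuer: str    # name of the CA that signed this certificate
    spki: bytes    # stand-in for the DER-encoded SubjectPublicKeyInfo

def pin(cert):
    """SHA-256 over the public-key bytes, the value a client would ship as a pin."""
    return hashlib.sha256(cert.spki).hexdigest()

def ca_system_accepts(chain, host, trusted_roots):
    """Public-CA check: leaf names the host and the chain ends at ANY trusted root.
    Assumption: signature verification is modelled as issuer/subject name matching."""
    if not chain or chain[0].subject != host:
        return False
    linked = all(c.issuer == p.subject for c, p in zip(chain, chain[1:]))
    return linked and chain[-1] in trusted_roots

def ca_pinned_accepts(chain, host, trusted_roots, ca_pins):
    """App-style check: normal validation plus a pinned CA key above the leaf."""
    return (ca_system_accepts(chain, host, trusted_roots)
            and any(pin(c) in ca_pins for c in chain[1:]))

def leaf_pinned_accepts(chain, host, leaf_pins):
    """Pin the site's own key: no trust store is consulted at all."""
    return bool(chain) and chain[0].subject == host and pin(chain[0]) in leaf_pins

# Constructed sample data (names and key bytes are placeholders).
HOST = "mail.example"
SWISSSIGN = Cert("SwissSign root (constructed)", "SwissSign root (constructed)", b"swisssign-key")
OTHER_CA = Cert("Other root (constructed)", "Other root (constructed)", b"other-ca-key")
ROOTS = {SWISSSIGN, OTHER_CA}  # the client's trust store holds many CAs

site_chain = [Cert(HOST, SWISSSIGN.subject, b"site-key"), SWISSSIGN]
other_chain = [Cert(HOST, OTHER_CA.subject, b"not-the-site-key"), OTHER_CA]  # same host, different CA

def results():
    """Return (site_chain, other_chain) verdicts for each of the three policies."""
    site_leaf = {pin(site_chain[0])}
    ca = {pin(SWISSSIGN)}
    return {
        "ca_system": (ca_system_accepts(site_chain, HOST, ROOTS), ca_system_accepts(other_chain, HOST, ROOTS)),
        "ca_pinned": (ca_pinned_accepts(site_chain, HOST, ROOTS, ca), ca_pinned_accepts(other_chain, HOST, ROOTS, ca)),
        "leaf_pinned": (leaf_pinned_accepts(site_chain, HOST, site_leaf), leaf_pinned_accepts(other_chain, HOST, site_leaf)),
    }

if __name__ == "__main__":
    for policy, verdicts in results().items():
        print(policy, verdicts)
```

Only the two pinned policies tell the chains apart; the default check accepts both because it asks whether some trusted root vouches for the name, not which one.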
This holds up "No private / public key management." as a feature. Without key management (specifically, secure generation, storage, and authentication) encryption is worse than useless.
So far we are still tracked by GA, so IDK...