Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] safegmail-is-a-simple-way-to-encrypt-messages-in-gmail

Alec Muffett alec.muffett at gmail.com
Tue Oct 23 17:04:14 PDT 2012


Maybe someone ought to tell lifehacker this perspective, until Sam gets a
team together to fix it?

    -a

On 23 October 2012 20:11, Steve Weis <steveweis at gmail.com> wrote:

> Seconded. Do not use this extension in production.
>
> I briefly looked at the code and found some mistakes: unauthenticated
> encryption, use of ECB for larger than one block, use of 512-bit ElGamal
> keys, possible timing attack to recover secret key hash, possible entropy
> exhaustion DoS attack, etc.
>
> [deletia]

-- 
http://dropsafe.crypticide.com/aboutalecm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20121024/f14c7838/attachment.html>


More information about the liberationtech mailing list