[Cryptography] Can Google's new "End to End" leak plaintext via the DOM? [was: Re: [liberationtech] Mailvelope: OpenPGP Encryption for Webmail]
StealthMonger
StealthMonger at nym.mixmin.net
Thu Jun 12 16:36:15 EDT 2014
Uncle Zzzen <unclezzzen at gmail.com> writes:
> The reason why FireGPG no longer ships with tails is that the DOM of a web
> app is not a safe place for plaintext
> https://tails.boum.org/doc/encryption_and_privacy/FireGPG_susceptible_to_devastating_attacks/
> Any architecture where plaintext is stored inside a web app's DOM is
> dangerous. Especially a webmail app that can be expected to save drafts,
> but not only. Web apps can be MITMed, XSSed, etc. If it came via the web,
> it's a suspect.
> I'd expect a crypto add-on to only accept plaintext (and other sensitive)
> information via separate GUI that can only be launched manually (not via
> javascript in an app's DOM) and has a hard-to-imitate look-and-feel (to
> discourage phishing). The only communication between this add-on and the
> rest of the browser should be via the clipboard. Users who can't handle
> copy/paste shouldn't be trusted with a key pair :)
A prominent new entry in OpenPGP encrypted webmail is Google's
"end-to-end" [1,2]. Does it avoid this issue? How?
[1] https://code.google.com/p/end-to-end/
[2] http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encryption-easier-to.html
--
-- StealthMonger
Long, random latency is part of the price of Internet anonymity.
Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140612/314586af/attachment.sig>
More information about the cryptography
mailing list