3 comments

[ 3.2 ms ] story [ 19.2 ms ] thread
Interesting, and I bet you could do a browser plugin to handle some of this on sites that don't support this. I wonder if OTR has a browser plugin.
Seems like a technical ad for their product. If the thread model includes malicious admins then all bets are off as admins can change both server-side and front-side code.

Some measure of security could be achieved using browser extensions (c.f. Mailvelope or https://stosb.com/blog/signed-web-pages/).

It's also part 1 of 2 and part 2 isn't out yet, which renders it basically useless.