> You should have just conceded the point (it turned out later in the thread that you were wrong to have brought it up). Instead, you relentlessly personalized it. Now you're unhappy with how that went for you. Maybe…
Since you've asked me not to share contents of private emails, I won't. But your insistence on assuming bad faith on my part and rudely rejecting any conflict resolution from my end is deplorable, and you should be…
I'll make sure to answer any other comments so long as I have something to contribute.
I need to investigate this properly before I offer you an educated answer with details.
I hope I'm not mistaken, but my understanding is that you can have the same message C that would decrypt with K1 to the plaintext "Hello world" but with K2 to another plaintext of your choice ("Jello Warld" or whatever.)
Sorry, Thomas, but after you repeatedly replied to my private requests for conflict resolution with threats and abusive remarks, I refuse to interact with you entirely, publicly or privately. Those curious as to why I'm…
The attacker could send different Ks to each user so that K decrypts C to a different plaintext.
I don't think it would be trivial (it's likely possible to some degree, but authentication and integrity checks might make it slightly more difficult), but the issue with this protocol is that you don't even need server…
I endorse continuous transcript consistency, but believe that TextSecure currently does not allow its users to benefit from it and that this should be resolved. I think mpOTR is irrelevant to this discussion. I hope…
Thanks for laying out your thought process, it's very helpful. > I pointed out that the protocol Cryptocat builds that UI on is so bad that you conceded downthread that you're building a new protocol --- you made that…
It really seems like you wrote this comment not to add anything to the conversation, but simply to discourage me from commenting. I really don't understand. I'm trying to be constructive here and I wish you'd join me.…
UI is absolutely a very difficult part of the problem, and here we see an example outlining this. Even a capable protocol still has problems if the UI fails to translate the capabilities into benefits and security…
My original comment was simply to point out a current problem in this protocol design. There are some ways one can deploy to make it more difficult for Alice to send different messages to Bob and Carol without being…
Thanks for agreeing to turn the discussion in a more constructive direction, Thomas. I agree that mpOTR is a dead end. The initial paper by Goldberg et al describes a protocol that is bulky and largely undefined. I…
I'm sorry, but I don't think your approach to this discussion is constructive. I hope TextSecure developers address my initial concern, and that's all for me.
I think TextSecure is an excellent and inspiring project. All I'm trying to do is identify an area of concern for me. I'm not sure why you're attacking me personally here. I think my initial point of concern stands and…
I'm quite certain that the current TextSecure chat allows my proposed scenario with Alice, Bob and Carol to go through without issue. This is the main problem here. So while transcript consistency is discussed in the…
Yes, per your quote, transcript consistency is discussed. But the discussion simply outlines problems with implementing it in their mobile use case — to my understanding the current version being offered to users…
The fact that transcript consistency is waved aside, despite being an essential property of a messaging protocol especially in a group context, is problematic, from my perspective. Consider a group chat between Alice,…
I disagree; I don't think your summary is accurate. This is an audit of a pre-release prototype. All the bugs were fixed before release, and our blog post at…
To be clear, I'm not trying to cast aspersions. As I've already stated, TextSecure is a great project that I strongly recommend. I'm trying to have a serious discussion regarding transparency of audits. I feel your…
Why isn't Moxie replying? Publishing an audit, with or without vulnerabilities, surely is beneficial to TextSecure. I don't understand their reticence to publish audits. We know OTF has commissioned at least two audits…
I was the person who wrote to OTF asking them to fund our audit. I have no idea if they require it — I'm always the one to initiate the process.
It's important to note that this audit was commissioned to evaluate a prototype build before release. It was expected to find bugs, and all bugs were fixed before release. I believe I take my job very seriously when I…
Hmm. Cryptocat was actually the first ever OTF project. I believe they've always asked for the publication of audits. What I'm curious about is, why don't other projects such as TextSecure publish their audits as well?…
> You should have just conceded the point (it turned out later in the thread that you were wrong to have brought it up). Instead, you relentlessly personalized it. Now you're unhappy with how that went for you. Maybe…
Since you've asked me not to share contents of private emails, I won't. But your insistence on assuming bad faith on my part and rudely rejecting any conflict resolution from my end is deplorable, and you should be…
I'll make sure to answer any other comments so long as I have something to contribute.
I need to investigate this properly before I offer you an educated answer with details.
I hope I'm not mistaken, but my understanding is that you can have the same message C that would decrypt with K1 to the plaintext "Hello world" but with K2 to another plaintext of your choice ("Jello Warld" or whatever.)
Sorry, Thomas, but after you repeatedly replied to my private requests for conflict resolution with threats and abusive remarks, I refuse to interact with you entirely, publicly or privately. Those curious as to why I'm…
The attacker could send different Ks to each user so that K decrypts C to a different plaintext.
I don't think it would be trivial (it's likely possible to some degree, but authentication and integrity checks might make it slightly more difficult), but the issue with this protocol is that you don't even need server…
I endorse continuous transcript consistency, but believe that TextSecure currently does not allow its users to benefit from it and that this should be resolved. I think mpOTR is irrelevant to this discussion. I hope…
Thanks for laying out your thought process, it's very helpful. > I pointed out that the protocol Cryptocat builds that UI on is so bad that you conceded downthread that you're building a new protocol --- you made that…
It really seems like you wrote this comment not to add anything to the conversation, but simply to discourage me from commenting. I really don't understand. I'm trying to be constructive here and I wish you'd join me.…
UI is absolutely a very difficult part of the problem, and here we see an example outlining this. Even a capable protocol still has problems if the UI fails to translate the capabilities into benefits and security…
My original comment was simply to point out a current problem in this protocol design. There are some ways one can deploy to make it more difficult for Alice to send different messages to Bob and Carol without being…
Thanks for agreeing to turn the discussion in a more constructive direction, Thomas. I agree that mpOTR is a dead end. The initial paper by Goldberg et al describes a protocol that is bulky and largely undefined. I…
I'm sorry, but I don't think your approach to this discussion is constructive. I hope TextSecure developers address my initial concern, and that's all for me.
I think TextSecure is an excellent and inspiring project. All I'm trying to do is identify an area of concern for me. I'm not sure why you're attacking me personally here. I think my initial point of concern stands and…
I'm quite certain that the current TextSecure chat allows my proposed scenario with Alice, Bob and Carol to go through without issue. This is the main problem here. So while transcript consistency is discussed in the…
Yes, per your quote, transcript consistency is discussed. But the discussion simply outlines problems with implementing it in their mobile use case — to my understanding the current version being offered to users…
The fact that transcript consistency is waved aside, despite being an essential property of a messaging protocol especially in a group context, is problematic, from my perspective. Consider a group chat between Alice,…
I disagree; I don't think your summary is accurate. This is an audit of a pre-release prototype. All the bugs were fixed before release, and our blog post at…
To be clear, I'm not trying to cast aspersions. As I've already stated, TextSecure is a great project that I strongly recommend. I'm trying to have a serious discussion regarding transparency of audits. I feel your…
Why isn't Moxie replying? Publishing an audit, with or without vulnerabilities, surely is beneficial to TextSecure. I don't understand their reticence to publish audits. We know OTF has commissioned at least two audits…
I was the person who wrote to OTF asking them to fund our audit. I have no idea if they require it — I'm always the one to initiate the process.
It's important to note that this audit was commissioned to evaluate a prototype build before release. It was expected to find bugs, and all bugs were fixed before release. I believe I take my job very seriously when I…
Hmm. Cryptocat was actually the first ever OTF project. I believe they've always asked for the publication of audits. What I'm curious about is, why don't other projects such as TextSecure publish their audits as well?…