[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Email provider for privacy-minded folk


On 14.02.2013 11:42, adrelanos wrote:
> What if Hushmail (or any other mail provider) had recommended the user
> to install a browser add-on to do encryption locally?
> Could they get forced to convince the user to install a malicious
> browser add on, on request by law enforcement?

Most likely. Why not?

"My" way would be to produce the browser addon independently from
offering mail services. The mail provider would then just be
recommending the "third-party" addon -- even if the addon is made
specifically for that service (or web interface).

Browser plugins for en/decryption were often discussed here and you
should be aware of their issues. In short, you cannot create a safe
en/decryption plugin and at the same time have high usability.

Moritz Bartl
tor-talk mailing list