(no subject)
Jul. 18th, 2012 05:29 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
unbibiumI've been messing around with scrambls and annoying people on facebook with it. so far I've discovered a few things that trouble me a little.
First, the double-@-sign bit doesn't work with LJ's rich text editor: @@derp@@. if I switch to HTML it will, like in my last post.
More troubling is that I can retroactively change the access group of any message, no matter where I post it. This tells me that the decryption isn't completely client-side; your browser will at least have to phone home to determine the current access group of the message. So, strictly speaking, you do not have anonymity when you read messages; scrambls' servers know which account is reading which message. But it also implies that every message is encrypted under a different key, which might make it harder to break the encryption.
It admits it's "social" security, meaning it's better for personal use than for overthrowing the Syrian government. But anyone I know who cares enough about encryption to install a plugin, probably cares a lot about anonymity too.
First, the double-@-sign bit doesn't work with LJ's rich text editor: @@derp@@. if I switch to HTML it will, like in my last post.
More troubling is that I can retroactively change the access group of any message, no matter where I post it. This tells me that the decryption isn't completely client-side; your browser will at least have to phone home to determine the current access group of the message. So, strictly speaking, you do not have anonymity when you read messages; scrambls' servers know which account is reading which message. But it also implies that every message is encrypted under a different key, which might make it harder to break the encryption.
It admits it's "social" security, meaning it's better for personal use than for overthrowing the Syrian government. But anyone I know who cares enough about encryption to install a plugin, probably cares a lot about anonymity too.
