+1 russ.
This is true of the dropbox daemon too. Are we to throw out DDs with dropboxd installed? Wine?
Gunnar Wolf <gwolf@gwolf.org> writes:
> Urgh...
> Well, please enlighten me here: Without fully auditing the _javascript_
> code you are using to do the crypto client-side, can you *really* be
> certain your private half has not travelled to Keybase?
If _javascript_ running in a browser has access to your GPG secret key
without you explicitly pasting it into the browser, I think you have
larger problems....
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
--
To UNSUBSCRIBE, email to debian-project-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: [🔎] 87d2gw4r3c.fsf@windlord.stanford.edu" target="_blank">https://lists.debian.org/[🔎] 87d2gw4r3c.fsf@windlord.stanford.edu