Re: ilocker
- From: Nomen Nescio <nobody@xxxxxxxxx>
- Date: Mon, 12 May 2008 18:20:04 +0200 (CEST)
me@xxxxxxxxxxx wrote:
Nomen Nescio wrote:
The site in question claims to use AES and encrypt client
side (JavaScript) by default,
Really? I looked at the websirte and didn't see any
technical details. I must have missed it -- where
did you find the above info?
I read the source code of their web pages for the most part. If you
go to their "create" page and do the same you'll see what I mean.
And encryption client side by default is discussed in their forums.
I guess phrasing it the way I did was misleading, but the script
names and usage clearly state AES, SHA, etc. So to my mind that's a
"claim" of using those algorithms. ;)
I also don't like the fact that they're vested in Google Analytics,
or that in spite of claiming not to keep any identifying
information they seem to say that they do in their forums. I
believe the wording was similar to "the same sort of logs you'll
see on any other web server". Which if you know anything about web
servers at all means precise time, IP or host information, and
exactly what you did.
.
- References:
- Re: ilocker
- From: me
- Re: ilocker
- Prev by Date: Re: ilocker
- Next by Date: Re: ilocker
- Previous by thread: Re: ilocker
- Next by thread: Re: ilocker
- Index(es):
