[pp.int.general] MeowCat, a new internet messaging platform

Thu Jul 19 06:24:24 CEST 2012

On Tue, Jul 17, 2012 at 11:52:43PM -0400, Richard Stallman wrote:
>     yes, that's why we might not have true privacy on the internet
>     for decades to come. there will always be an attack vector
>     written in javascript.
> 
> Unless you block Javascript.
> 
> The LibreJS program blocks nontrivial Javascript unless it carries
> a free license.  But it could block certain activities unconditionally.
> Is it possible to identify which Javascript operations are needed
> in order for Javascript to be malicious?

Hello again, Richard.

Well, in this case the failure can happen by *leaving out* the
Javascript. Imagine the web applcation the user tends to trust
for private messaging usually has a SEND button that executes
the end-to-end encryption, then passes the message to the
server for store-and-forward. If the server was compromised or
a SSL-level MITM is successful, then an HTML code can be provided
that simply *leaves out* the encryption onClick/onSubmit, thus
transmitting the message to the server in the clear - and since
it's still in an https tunnel you wouldn't even figure that out
easily.

So even just the HTML can play you tricks. Only if the entire
web app with all its components is "signed" and ideally no longer
updated over the web for security, then you can presume that it 
will do what it did last week. So far it was essential to web
apps that if the software provider updates it, it does something
different from last week.

So if you're effectively going to install a web app statically
on your device, something Globaleaks intends to do if I'm not
mistaken, you're pretty close to dealing with a traditional
software installation. You might as well do it by apt-get install
then.

If you're doing a software installation of a tool for highly
secured private communications, you're probably better served
with something that doesn't depend on somebody's server - because
most people do not own their own servers, and their best friend's
servers are exactly the ones they may want to hide their secrets
from. Think girls and their boyfriend's server. They'd rather use
Facebook, and they do.

So it boils down to having your own little Internet router for
private messaging on your own device, a bit like sendmail was
originally intended, but dynamic IPs and NAT and ADSL spoiled it.