[Trisquel-users] Re : LibreBin - Share any text securely

magicbanana at gmail.com magicbanana at gmail.com
Wed Aug 27 00:51:58 CEST 2014


The user should be warned about the shortcomings of the tool. If the key is  
sent to the server, the attacker only needs to sniff the traffic at the  
entrance of the server and nothing actually is secret to her.

If the key is not send, the attacker could still see what IP is sending the  
text and then sniff the traffic going out of it. The user who send the key  
unencrypted via Internet (in an email, via XMPP, etc.) is screwed as well.

But, then, if the user sends the key in an encrypted way (or give it in  
person) then she could have send the message instead! I guess the user could  
use Tor so that the attacker cannot know her IP... but she is not a lambda  
user anymore!

In the end, and unless I missed something, I do not see a use-case for this  
service.


More information about the Trisquel-users mailing list