[cryptography] If this isn't a honey-pot, it should be
marsh at extendedsubset.com
Wed Jun 15 13:39:53 EDT 2011
On 06/15/2011 12:00 PM, Jack Lloyd wrote:
> In fairness, this is no worse that downloading some random program off
> the internet and using it for the same purpose.
But it is. If you download a 'random' program off the internet it's
unlikely to have been targeted at you specifically.
Whereas for an online service the attacker learns your IP, geolocation,
exact time, etc. in association with the plaintext and then he has the
option of keeping your plaintext or weaken your ciphertext at the time
you perform the encryption.
Note that this site is sourcing Google analytics.
> At least here the
> worst case is basically that someone gets your plaintext (and later
> extorts you when you want the plaintext back), vs rootkiting your
> machine when you run that proggie as Admin.
Rootkits are bad, but at least it's happening on your machine and your
network where you can observe, isolate, and wipe it.
More information about the cryptography