Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Moxie Marlinspike is working with them on their implementation of a more secure SMS app[1]. It's based on his previous secure SMS app I believe[2]. While I'm not sure I would use their CM Account¤ (also optional), the source[3] for the website mentioned in the article is up on their Github for anyone to critique. Site repo only appears to be the frontend though.

[1] http://www.cyanogenmod.org/blog/cyanogenmod-account

[2] https://whispersystems.org/

[3] https://github.com/CyanogenMod/CMAccountWebsite

¤ They're using encryption on the front end in JavaScript and that has me a bit worried if that is what they're solely relying on:

https://github.com/CyanogenMod/CMAccountWebsite/tree/master/...

http://www.matasano.com/articles/javascript-cryptography/

http://rdist.root.org/2010/11/29/final-post-on-javascript-cr...

https://news.ycombinator.com/item?id=4549504

https://news.ycombinator.com/item?id=2933730

https://news.ycombinator.com/item?id=2723332

https://news.ycombinator.com/item?id=6354883



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: