Tuesday, August 21, 2012

JavaScript cryptography considered harmful?

After coming across an article from Matasano Security titled, "JavaScript Cryptography Considered Harmful," I decided to submit a question to the Security Now podcast to get a second opinion on the security of JavaScript cryptography. Here is Steve Gibson's take on the question of secure JavaScript cryptography in episode 365 of his podcast:

video

Matasano Security seems to be assuming a different use case than I'm interested in. They assume one wants to use JavaScript cryptography as a substitute for SSL/TLS, while I'm more concerned with secure storage of data in the cloud.

No comments:

Post a Comment