No. Download the iOS app for instance. It is very very old to what is available in the app store. So thee is no way to really verify the client either today.
Well, it is a client-side encryption app. If the encryption, public key authentication, etc. is being done well on the client, then the server's only purpose should be routing garbled ciphertext between users and managing things like login, etc.
In a social context, you make a very strong point.
Brace for business-based rationalizations as on why it's perfectly fine (HN is a YC marketing arm, he runs the website and can do whatever he wants, etc, etc).
If you're lucky, someone will start throwing around the word "entitled" to make you look like the bad guy just for expecting any standard of behavior from another that isn't exclusively profit focused.
> (HN is a YC marketing arm, he runs the website and can do whatever he wants, etc, etc).
HN is much more than a marketing arm — it's one of the most central forums for programmer discussions today. And this makes it YC's responsibility to treat it as such.
Is it really? Can't say I'd do differently. I'd bet the company will be reached by PG about it, despite the thread closing, because it was a near PR hit. If we're interested in a constructive process, then it would have only hurt them to make it a public ordeal.
EDIT: not allowed to reply to jacquesm, so putting it here:
Good points. I just don't think the community is that threatened by PG's moderation in this case. I know it looks bad, but sometimes the Internet can be a bit reactionary, so I can see why he tried to protect his company from a firestorm (like this) when it may not be substantiated.
As for the favoritism, well, it's YC's forum. It's mild enough that it doesn't really worry me.
Imo closing threads like that is a bigger PR hit, it makes both the start-up and HN (and by implication YC) look like they are ignoring feedback if it is public and negative. In a tech world where the norm seems to be that support is a luxury making some noise is sometimes the only way to get action (see countless threads regarding google on HN that did not get axed, implying a double standard) and in a conflict-of-interest situation letting these threads run their natural course would be to everybody's best interest.
Think of them as an opportunity to show that you do care about your customer, and that 'make something people want' is not just a hollow phrase, rather than to muzzle them and potentially adding insult to injury. If we're to believe what the OP wrote then PG's advice was especially bad given that he - by his own words, which I can't check but let's give the man the benefit of the doubt - had been trying to talk to the company for quite a while and turned to HN as a last-resort before suing them.
It is not, but there are reasons some people say that. Keep in mind this is a posting about jokes. By the way, someone managed to downvote the parent -- what a strange reaction to a joke! Kind of sad, really.
It's true that we don't have a research paper per se for the multiparty protocol, but we do have a specification document [1] as well as implementations in Objective-C, Java and JavaScript. The specification, as well as the implementations, have received both professional audits (from cryptographers) as well as community audits. The reason we don't have a research paper published is simply because we're working on one right now — a redesign of the multiparty protocol based on OTR. We have cryptographers on board from various Canadian universities and are organizing an internal forum to get them to collaborate on this. We expect publishable results by June 2014.
Regarding OTR, we actually switched to that 16 months ago — it's not exactly like we recently wisened up.
> as well as implementations in Objective-C, Java and JavaScript.
Factor the ObjC version out to plain C, and call into it from your Objective C implementation. Make the plain C version the canonical version. (Things like Emscripten may be useful here for your JS use-case.) This is how libotr does it, and for good reason.
Then, others can use it, and perhaps you will get meaningful free auditing. What you're doing now probably won't attract that because unless your bug bounty is six-figures, nobody competent will spend any significant amount of time auditing it because they have no incentive to do so.
I believe that we've been truly open source, transparent and accountable for our code since day one. There are other projects who are currently similarly open and transparent (I respect TextSecure for this,) but I can't say this is the standard in this field.
We've always solicited and compensated feedback from security enthusiasts, hobbyists and world-famous cryptographers alike. Over the past year, we've had the opportunity to grow into a product that examined what is fundamentally responsibly possible in the browser, and we've even landed ourselves as a primary use-case for the W3C's Web Cryptography working group. We've produced a true, responsible alternative for people who just don't know how to use anything more complicated than Facebook Chat, and we've made it clear that we are not trying to replace PGP or other iron-clad 30-year old solutions. We're trying to help mom and pop users.
We want to do things right. We are truly open source, truly honest, transparent and we take immediate steps for mitigation every time. We will continue to solicit audits and feedback for our more experimental browser client, but also hope to have a more grounded product in our upcoming Objective-C (iPhone) and Java (Android) apps.
Overcoming a bad reputation is extremely more difficult than keeping a good one. We have been less lucky than other projects. The fact that we used experimental platforms and coupled that with overly loud disclosure of all the failures those platforms lended us meant that we couldn't keep face as easily as other projects.
But that said, I can't but resent the continued accusation that after three years at this, myself and all other volunteers (a wide range) working on this haven't matured enough to know what we're doing, and haven't proven that we care very much to do it right. It's very relieving to hear that the community at HN can understand this and see that we have been proceeding responsibly for quite some time now.
> I can't but resent the continued accusation that after three years at this, myself and all other volunteers (a wide range) working on this haven't matured enough to know what we're doing, and haven't proven that we care very much to do it right.
The thing is, in the case of a significant percentage of people attempting crypto, it's not that they don't care, it's that they simply aren't capable of it. Jumblefucks like the telegram launch (which was too disorganised to be a clusterfuck, frankly) keep that fact fresh in everybody's mind.
What's interesting to note, though, is that people are now largely complaining about the fact that vulnerabilities have been found, rather than your response to them. I think maybe that's a more useful metric for how competently you're dealing with it than pure positive/negative response is, under the circumstances.
Isn't that how tech-centered controversies work? Especially in cryptography.