Hacker News new | past | comments | ask | show | jobs | submit login

I agree that overselling the security of any product is bad - it should generally be considered defective to begin with. I can't even find enough information about Safeplug to begin analyzing their security as they don't provide any link to the source code, build process or any documentation. There's no way I could recommend this to anybody.

Also, on TLS, you will not be perfectly secure, and I think it's dangerous to consider yourself secure against a state-sponsored actor by using it. TLS has quite a large surface area for attack in its current form - The PKI. If you're going to take paranoid precautions, it's probably best to assume one or more CAs are rogue/compromised already (or that they could become so at any time).




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: