[tor-bugs] #7085 [Tor bundles/installation]: Integrate Cryptocat Browser Extension into Tor Browser Bundle

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Feb 14 08:26:26 UTC 2013 

#7085: Integrate Cryptocat Browser Extension into Tor Browser Bundle
--------------------------------------+-------------------------------------
 Reporter:  kaepora                   |          Owner:  erinn                        
     Type:  enhancement               |         Status:  new                          
 Priority:  normal                    |      Milestone:  TorBrowserBundle 2.2.x-stable
Component:  Tor bundles/installation  |        Version:  Tor: unspecified             
 Keywords:                            |         Parent:                               
   Points:                            |   Actualpoints:                               
--------------------------------------+-------------------------------------

Comment(by mikeperry):

 Replying to [comment:35 kaepora]:
 > Replying to [comment:34 mikeperry]:
 > > I've also been wondering if your CSIS encounter counts as another code
 review.
 >
 > Frankly, there are so many unknown unknowns with that weird story that
 I'm just trying as hard as possible to put it out of my life, revise and
 increase my security culture, and keep on with my work. Dwelling on that
 incident is just counter-productive and frustrating.

 Yeah, I remember that part. Don't worry, it gets better.

 > > As soon as the TBB-stable FF17 transition is over, I think we can at
 least try out CryptoCat in the next TBB-alpha and see what happens. If you
 never hear from me again after this, assume you have my blessing ;).
 >
 > Amazing! Should we stay in close contact as this progresses? Maybe I
 should add you on GTalk or XMPP?

 This is sort of a bootstrap problem, isn't it? :)

 Targeted attacks are my main concern with both CryptoCat and Pidgin. I'm
 not exactly willing to dive right in myself and announce a public XMPP
 addr using either pidgin or CryptoCat at this point. I am hoping an alpha
 cycle will give us time to understand that threat in better detail for
 CryptoCat. I am also hoping that if the JS crypto implementations really
 are a problem, an alpha cycle will give us time to realize that and stub
 them out to C/C++ functions if necessary. For TBB, we can easily patch
 Firefox and add whatever libs we want, after all.

 At any rate, #tor-dev on irc.oftc.net is best for realtime chat. 6697 is
 SSL.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7085#comment:36>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list