> It's funny how many arguments supporting Javascript crypto devolve to "but the world would be so much better if this stuff worked".

It's hilarious how you completely ignore the much more pressing issues in HTTPS that I've pointed out. The server can read plaintext in the case of HTTPS, which is mitigated in JS crypto; not to mention that things such as SSLStrip and the COMODO hack have put many chinks in HTTPS's armour - HTTPS is a technology that derives a lot of trust from being able to authenticate the server, whereas we've seen authorities such as China create entirely passable fake certs to fool dissidents.

If you are worried that China may own one of the root certs in your browser, remove the certs you don't trust. Hell, remove all the certs. Every mainstream browser allows you to do that. In most of them, you can even set up permanent exceptions for Amazon.com after you strip your certs out.

Meanwhile, HTTPS/TLS has over a decade of the most intensive study anywhere on the planet, and your favorite half-assed ad-hoc bespoke random "crypto-cat" scheme... does not.

What? I don't see how that's necessarily true. The crypto code can be verified and if it turns out to be fine, then the server shouldn't be able to read the plaintext "no matter what." That's silly.

> Hell, remove all the certs.

Is this seriously your solution?

> ...does not.

This borders on ad-homimen - under this logic, we should never strive to attempt creating new techniques but always rely on 10+year old ones. There will always be new techniques that need testing, and the fact that older ones exist is not sufficient to prevent the study and advancement of new research.

Yes. If you think China is intercepting your HTTPS traffic, remove all the root certs in your browser. Then browse to the key sites you're worried about protecting and create exceptions for each of them. China will not be able to use "fake certs" to intercept traffic to those servers.

Yes. In cryptosystems, 10+ years of study does count for a lot.

I'm truly sorry, I follow you on Twitter and actually really respect your opinion, but that's just nonsense. the HTML, CSS and JS can all be verified, either by a plugin or by researchers studying what the server is sending, or by a variety of other ways. This ultimatum you're giving is silly.

> Yes. If you think China is intercepting your HTTPS traffic, remove all the root certs in your browser. Then browse to the key sites you're worried about protecting and create exceptions for each of them. China will not be able to use "fake certs" to intercept traffic to those servers.

That is not a real solution.

> Yes. In cryptosystems, 10+ years of study does count for a lot.

Of course - I never suggested it didn't - but that doesn't mean that new research can't undergo and survive skepticism.

That is not a real solution.

Neither is YOUR FACE.

We don't write comments like this here.

Ref: https://news.ycombinator.com/item?id=2934523

Are you genuinely trying to be funny or is this OK coming from you on HN?

Sorry if this appears kvetchy, but clearly I need to get the rules around here straight before I open my mouth again.

You can use sslstrip or malicious trusted CAs to argue the imperfection of SSL/TLS as deployed by browsers and users, but it does not follow that that somehow makes Javascript browser crypto any less broken.

There are definitely major problems with HTTPS/TLS as a security system, but I think most of them are UI/UX issues.

What that means is we get a choice:

* Rebuild everything from scratch and spend 15+ years testing it back into reliability, or

* Rebuild just the UX for a protocol we otherwise known to be sound.

Trying to "fix" this by rolling your own ad-hoc encryption (while ignoring the authentication issue entirely) is completely missing the point.

This matters because you can literally write a HOWTO that my mom could follow to get a browser configured so that China can't snoop on (many of) your HTTPS connections. No code required.