Kim Dotcom resigns as Mega director(couriermail.com.au) |
Kim Dotcom resigns as Mega director(couriermail.com.au) |
Assume that every single thing he does has the end goal of defrauding someone for his personal gain, and you won't be disappointed.
Sync apps on android is already launched. iOS and desktop client coming soon. They have launched an SDK which helps developers build apps based on Mega storage layer.
The whole cookie thing is just people flying off the handle anyway. One person put a warning so now everybody else does too.
It's not an insurmountable problem though, I would like to see an attempt at solving it (a browser extension would be required, but arguably you could have much greater transparency in updates than even most package managed apps if you used readable JS).
But above is just a nuance. I agree on the basic idea when it comes to Javascript you run in the browser, it is a lost battle - unless I get a SHA256 of every version of every javascript library and compare to that, and disallow other unreadable (random emscripten junk) scripts on random pages you visit while browsing. That is why I have NoScript installed, and only allow handpicked sites to run javascript in the browser.
If only we would have had the declarative approach (I still am a little grumpy that the browser makers abandoned W3C and the far better designed declarative technology XHTML2 + XForms to pursue what is now HTML5).
A stupid/malicious designer will always exploit features of a language to reduce/eliminate the security of the entire system.
Don't be hating on js for the sake of hating on js!
It's broken by design, it's not a flaw of js per se.
That's why they created the browser extension. It might even come signed. At least you can read the source in plain text, unlike a compiled binary.
Some environments are very hard for cryptography. Javascript in the browser is inherently tricky for cryptography.
If you are interested in the rationale, and how you can use technologies like DANE to make it even better, read the paper by Gabor Toth and Tjebbe Vlieg (http://staff.science.uva.nl/~delaat/rp/2012-2013/p56/report....).