skylab/MasterPassword
2
0
Fork 0
Code Releases Activity

Add fallback in case the video doesn't work.

Browse Source
This commit is contained in:
Maarten Billemont
2014-10-06 23:30:41 -04:00
parent 480e7f192a
commit 979d3a2a5a
5 changed files with 40 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Site/2013-05/what.html
View File

@@ -158,9 +158,11 @@
<p>A very valid question, and arguably the most important one to ask!</p>
<p>Trust is a very difficult thing to guarantee. Powerful entities will sollicit your trust by appearing with it and coming well recommended. Trust can also be assured by legalese or contracts. If you have the means and energy to hold an entity responsible for his claims and actions, this might be sufficient for you.</p>
<p>Most of us mere mortals cannot affort this level of trust enforcement, however. We're mostly left in the position of trusting claims blindly, in the hopes that companies will not violate those claims for fear of taking a seizable public-relations hit.</p>
<p>I propose that none of these forms of trust are sufficient adequate.<br />
In fact, Master Password is what it is because it aims to avoid any requirement of trust in the solution's author. Master Password requires no services or proprietary storage format. I've published Master Password's algorithm for you to inspect and licensed to you the full source code to the implementations for you to use.</p>
<p>What that gives you, is the ability to either inspect and learn how Master Password works or to take this information to a professional (be it an academic, mathematician or payed developer) and have him do this for you.
<h3>I propose that none of these forms of trust are sufficient adequate.</h3>
<p>In fact, Master Password is what it is because it aims to avoid any requirement of trust in the solution's author. Master Password requires no services or proprietary storage format. I've published Master Password's algorithm for you to inspect and licensed to you the full source code to the implementations for you to use.</p>
<p>What that gives you, is the ability to either inspect and learn how Master Password works or to take this information to a professional (be it an academic, mathematician or payed developer) and have him do this for you.</p>
<p>While at first glimpse, this may not seem terribly useful to you - particularly when you don't have the skillset to perform this verification yourself - but it's actually a pretty big deal to show your naked self as proof of having nothing to hide. If you want to go all the way, you could even build the application from scratch rather than rely on the binaries provided by our distributions.</p>
<p>This is the closest we can get to voiding any need for trust in Master Password, and it's more than you're likely to find in most other popular password solutions.</p>
</div>