Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Do you know of any publicized auditing done on the E2E aspect of it? Curious about that since it's part of the name and a prominent publicized feature.


I'm from the CryptPad team

There is our white paper on the security features of CryptPad: https://blog.cryptpad.org/2023/02/02/Whitepaper/

In terms of audits, we don't have the funding for formal audits but a couple years ago the European Community paid a bug bounty https://commission.europa.eu/news/european-commissions-open-...

We received some interesting reports but not as much on the cryptography than on web related issues

Ludovic


Thanks. Isn't vouching for other online instances a bit risky? Wouldn't you have to constantly verify the source is unmodified in an automated fashion for those instances you don't control?


Interesting point. We should add some warnings about this.

Ludovic, from the CryptPad team.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: