Fit-Anything8352 t1_j1gers3 wrote on December 24, 2022 at 3:27 AM

Reply to comment by wren337 in The Lastpass hack was worse than the company first reported by glawgii

I mean they physically can't implement the cipher in a way that allows for a backdoor, it wouldn't work(unless they are simply lying about how they encrypt the data I guess, but some quick reverse engineering of their app should figure out pretty easily if they aren't actually using AES-256).

That's why it's a good idea to use open source security tools though. You can read the source code to make sure there's no funny business going on.

Ioncannon t1_j1udcjv wrote on December 27, 2022 at 1:47 PM

I never understood this. Could they not just keep a secret branch that implements all the bad shit and they just merge the public main in from time to time?

Most people aren't compiling their own binaries.

[deleted] t1_j1if43v wrote on December 24, 2022 at 4:49 PM

[removed]