Anyone who thinks that doing client side crypto (here's looking at you, StrongCoin developers) adds any safety or security doesn't know how JavaScript works.

I direct you to the excellent write-up on matasano.com, explaining clearly why doing crypto on the clientside is a waste of time:

http://www.matasano.com/articles/javascript-cryptography/

It's also worth noting that StrongCoin sources javascript from both Google -and- Twitter, enabling either of those organizations (or anyone who obtains a certificate for either of those organizations, or anyone if SSL is not used) to completely subvert this "secure" clientside crypto.