[liberationtech] issilentcircleopensourceyet.com
Greg Norcie
greg at norcie.com
Tue Nov 6 11:23:37 PST 2012
Nadim,
I am aware of your blog post - especially since this is the third time
you have posted it in this thread :)
I am simply cautioning you that you could be creating the appearance of
a bias.
--
Greg Norcie (greg at norcie.com)
GPG key: 0x1B873635
On 11/6/12 2:13 PM, Nadim Kobeissi wrote:
> Greg,
> I don't intend to be anonymous. Why would I? I intend for Silent Circle
> to open their source code for review, because as it stands they are
> being dangerous to the methodology of security software development. I
> have already written a blog post about this under my own
> name: http://log.nadim.cc/?p=89
>
>
> NK
>
>
> On Tue, Nov 6, 2012 at 2:11 PM, Greg Norcie <greg at norcie.com
> <mailto:greg at norcie.com>> wrote:
>
> Nadim,
>
> You are correct - the website (nor the whois) mention you. But your post
> on this mailing list does.
>
> You seem like a very intelligent guy - if you had intended this to be an
> anonymous critique, I doubt you'd have used your real name to post the
> link :)
> --
> Greg Norcie (greg at norcie.com <mailto:greg at norcie.com>)
> GPG key: 0x1B873635
>
> On 11/6/12 2:06 PM, Nadim Kobeissi wrote:
> > Greg,
> > The website does not mention me at all, it's purely meant as a
> complaint
> > against Silent Circle's policy. I've already written a lengthy post
> > regarding Silent Circle (http://log.nadim.cc/?p=89) and yet have
> > received no reply.
> >
> >
> > NK
> >
> >
> > On Tue, Nov 6, 2012 at 2:04 PM, Greg Norcie <greg at norcie.com
> <mailto:greg at norcie.com>
> > <mailto:greg at norcie.com <mailto:greg at norcie.com>>> wrote:
> >
> > Nadim
> >
> > I understand your position, but actions like this website
> won't help
> > your cause.
> >
> > Can you understand how actions like setting up this web site
> might be
> > viewed as a way to call attention to oneself, rather than
> champion the
> > (respectable) ideals of the open source movement?
> > --
> > Greg Norcie (greg at norcie.com <mailto:greg at norcie.com>
> <mailto:greg at norcie.com <mailto:greg at norcie.com>>)
> > GPG key: 0x1B873635
> >
> > On 11/6/12 1:53 PM, Nadim Kobeissi wrote:
> > > Ali,
> > > The issue is trust. Security software verifiability should
> not have to
> > > depend on Silent Circle (or who they hire to audit, for example
> > Veracode.)
> > >
> > >
> > > NK
> > >
> > >
> > > On Tue, Nov 6, 2012 at 1:51 PM, Ali-Reza Anghaie
> > <ali at packetknife.com <mailto:ali at packetknife.com>
> <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>
> > > <mailto:ali at packetknife.com <mailto:ali at packetknife.com>
> <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>>> wrote:
> > >
> > > Nobody would dispute that - that's not quite the same
> thing as
> > FOSS
> > > default positions or some of the other criticisms.
> > >
> > > For example, I'd contend a paid Veracode audit would in all
> > > likelihood be better than any typical FOSS audit. Had they
> > done that
> > > (heck, they might have but I doubt it) and still
> announced the
> > > intent of opening the codebase - I wager that would not have
> > stopped
> > > the criticism.
> > >
> > > It appears to be a deep-seeded cultural divide more than any
> > of the
> > > other factors combined.
> > >
> > > -Al
> > >
> > >
> > >
> > > On Tue, Nov 6, 2012 at 1:43 PM, Yosem Companys
> > > <companys at stanford.edu <mailto:companys at stanford.edu>
> <mailto:companys at stanford.edu <mailto:companys at stanford.edu>>
> > <mailto:companys at stanford.edu <mailto:companys at stanford.edu>
> <mailto:companys at stanford.edu <mailto:companys at stanford.edu>>>> wrote:
> > >
> > > Security audits are always important, especially
> when people's
> > > lives are at risk.
> > >
> > > On Tue, Nov 6, 2012 at 10:37 AM, Nadim Kobeissi
> > <nadim at nadim.cc
> > > <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>
> <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>>>> wrote:
> > >
> > > Hi Ali,
> > > There is no "agenda," and there needn't be one
> if you
> > are to
> > > critique security software. No need to be so
> aggressive.
> > > My qualms against Silent Circle are detailed
> > > here: http://log.nadim.cc/?p=89
> > >
> > >
> > > NK
> > >
> > >
> > >
> > > On Tue, Nov 6, 2012 at 1:34 PM, Ali-Reza Anghaie
> > > <ali at packetknife.com
> <mailto:ali at packetknife.com> <mailto:ali at packetknife.com
> <mailto:ali at packetknife.com>>
> > <mailto:ali at packetknife.com <mailto:ali at packetknife.com>
> <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>>> wrote:
> > >
> > > Seriously - what's your agenda?
> > >
> > > Where are the domains for the other tens of
> providers
> > > who charge arms and legs based on closed
> protocols
> > even?
> > >
> > > What's the nit with Silent Circle specifically?
> > Because
> > > they're accessible? Because it's easier to use?
> > Because
> > > the founders have good track records of
> standing up to
> > > Government too?
> > >
> > > Being absolutist about everything isn't
> helping anyone
> > > who ~needs~ it - it's a privilege of the "haves"
> > that we
> > > can have these conversations over and over
> again.
> > >
> > > Shouldn't we have taken the "fight" to
> carriers, Apple
> > > iOS T&Cs, etc. harder and longer ago? And why do
> > we keep
> > > expecting private entities to fight our
> Government
> > > battles for us? It's a losing proposition and
> > increases
> > > the costs-per-individual to untenable levels
> when
> > we mix
> > > absolutely all their enterprise with civil
> liberty
> > issues.
> > >
> > > There has got to be a better way than this
> ridiculous
> > > trolling and bickering. Someone? Anyone?
> > >
> > > Again, seriously, what's the agenda against
> Silent
> > > Circle specifically?
> > >
> > > -Ali
> > >
> > >
> > >
> > > On Tue, Nov 6, 2012 at 1:20 PM, Nadim Kobeissi
> > > <nadim at nadim.cc <mailto:nadim at nadim.cc
> <mailto:nadim at nadim.cc>
> > <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>>>> wrote:
> > >
> > > http://issilentcircleopensourceyet.com/
> > >
> > > NK
> > >
> > > --
> > > Unsubscribe, change to digest, or change
> password
> > > at:
> > >
> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> > >
> > >
> > >
> > > --
> > > Unsubscribe, change to digest, or change
> password at:
> > >
> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> > >
> > >
> > >
> > > --
> > > Unsubscribe, change to digest, or change
> password at:
> > >
> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> > >
> > >
> > >
> > > --
> > > Unsubscribe, change to digest, or change password at:
> > >
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> > >
> > >
> > >
> > > --
> > > Unsubscribe, change to digest, or change password at:
> > > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> > >
> > >
> > >
> > >
> > > --
> > > Unsubscribe, change to digest, or change password at:
> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> > >
> > --
> > Unsubscribe, change to digest, or change password at:
> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
> >
> >
> >
> > --
> > Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
>
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
More information about the liberationtech
mailing list