[liberationtech] Cryptography super-group creates unbreakable encryption
Nadim Kobeissi
nadim at nadim.cc
Tue Feb 19 13:39:03 PST 2013
On Tue, Feb 19, 2013 at 1:00 PM, Adam Fisk <a at littleshoot.org> wrote:
>
> There are just so many aspects that go into software licensing that I
> just don't draw that same line. If the goal is secure code, I again
> think the key is having an adequate number of capable people analyzing
> and dissecting that code on a constant basis. That can mean closed
> source code audits, and it can mean having a full time security team
> analyzing and improving the code at all times (Google, Facebook, many
> others) regardless of the software license. Open source is awesome,
> and I believe in it wholeheartedly, but I don't think if an
> organization doesn't open source their code they're automatically
> crazy and kicked out of the club.
>
Just a small clarification here: Trust via policy or word-of-mouth is not
the same as trust via source code review. "We're secure, trust us" is not
the same as "we're secure, see for yourself." So they're not "automatically
crazy", but they're just saying "trust us" instead of "see for yourself",
which I believe is not enough.
>
> -a
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130219/b80e326d/attachment.html>
More information about the liberationtech
mailing list