[liberationtech] Heml.is - "The Beautiful & Secure Messenger"

Wed Jul 10 12:30:06 PDT 2013

Hemlis have posted the answer to whether they will open source their app:

"Will it be Open Source?
We have all intentions of opening up the source as much as possible for scrutiny and help! What we really want people to understand however, is that Open Source in itself does not guarantee any privacy or safety. It sure helps with transparency, but technology by itself is not enough. The fundamental benefits of Heml.is will be the app together with our backend infrastructure, which is what really makes the system interesting and secure." — https://heml.is/

I'm sort of infamous by now for the fusses I make regarding the importance of open-sourcing security software. I'm pretty sure people are tired of me so I'm going to be quiet. But it's clear to me that Hemlis's answer is not the right answer.

NK

On 2013-07-10, at 10:29 AM, Albert López <newbiesworld at hotmail.com> wrote:

> 
> Hello Wasabee,
> 
> I've used TextSecure but I found that it's like sending encrypted SMS, therefore you have the consequent cost associated to it. I don't know ifHeml.is will be a kind of secure whatsapp or if it will have the same approach of TextSecure.
> 
> Correct me if I'm wrong with the SMS stuff. It was what I thought once I received my bill.
> 
> 
> 
> 
> gpg --keyserver pgp.mit.edu --search-keys EEE5A447
> http://pgp.mit.edu:11371/pks/lookup?search=0xEEE5A447&op=vindex
> 
> 
> 
> Date: Wed, 10 Jul 2013 14:31:53 +0100
> From: wasabee18 at gmail.com
> To: liberationtech at lists.stanford.edu
> Subject: Re: [liberationtech] Heml.is - "The Beautiful & Secure Messenger"
> 
> https://whispersystems.org/ already has an open-source secure messaging, voice and more.
> Has anyone reviewed their code?
> Does anyone use it?
> Why not build on top of it?
> 
> 
> On 10/07/13 14:07, Nick wrote:
> noone said it would be closed source. That's peoples guess. Like, your guess, I guess.
> 
> According to their twitter account, the answer is "maybe":
> 
> https://twitter.com/HemlisMessenger/statuses/354927721337470976
> 
> 
> Peter Sunde (one of the people behind it) said "eventually", but
> in my experience promises like that tend to be broken:
> 
> https://twitter.com/brokep/status/354608029242626048
> 
> 
> 
> and the feature 'unlocking' aspect of the project - to be indication of a
> proprietary code base.
> 
> Frankly I can't see how they could get the "feature unlock" funding
> stuff to work well if it's proper open source. As I'd expect people
> to fork it to remove such antifeatures. It's a pity, as several new
> funding models have been successful recently which are compatible with
> free software, but this doesn't look to be one of them.
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at 
> companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> 
> -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech