[liberationtech] Heml.is - "The Beautiful & Secure Messenger"
Mitar
mmitar at gmail.com
Thu Jul 11 12:23:25 PDT 2013
Hi!
BTW. Even Tor has centralized directory servers. And it does not
really matter if the code there is open source or not, because you
anyway cannot know if they are really running some particular code
there or not.
Mitar
On Thu, Jul 11, 2013 at 12:17 PM, Mitar <mmitar at gmail.com> wrote:
> Hi!
>
> On Thu, Jul 11, 2013 at 6:25 AM, Albert López <newbiesworld at hotmail.com> wrote:
>> Ok, I understand what you mean. But why rely in a client-server approach
>> when you can achieve your goal with a peer to peer solution?
>
> Their answer is:
>
> "The way to make the system secure is that we can control the
> infrastructure. Distributing to other servers makes it impossible to
> give any guarantees about the security. We’ll have audits from trusted
> third parties on our platforms regularily, in cooperation with our
> community."
>
> Which is a bit hand-wavy if we assumed that server code can be closed
> source if client part is done well enough that you don't have to think
> about the server side and you still know that you are secure. :-)
>
> But my main and almost only argument was, that I think we should wait
> for a bit more concrete information before discarding the idea. At
> least I can imagine plausible ways to implement the system securely
> and having it known security properties while retaining part of it
> closed source and centralized. But we don't know much to make any real
> claims. What is interesting though, is that:
>
> "We are building Heml.is on top of proven technologies, such as XMPP with PGP."
>
>
> Mitar
>
> --
> http://mitar.tnode.com/
> https://twitter.com/mitar_m
--
http://mitar.tnode.com/
https://twitter.com/mitar_m
More information about the liberationtech
mailing list