-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Aug 17, 2013, at 2:41 AM, ianG <i...@iang.org> wrote:
> So back to Silent Circle. One known way to achieve some control over their
> closed source replacement vulnerability is to let an auditor into their inner
> circle, so to speak.
One correction of fact:
Our source is not closed source. It's up on GitHub and has an non-commercial
BSD variant license, which I know isn't OSI, but anyone who wants to build,
use, and even distribute their verified version is free to do so.
Secondly, we have auditors in the mix. We are customers of Leviathan Security
and their "virtual security officer" program. They do regular code audits,
network audits, and are helping us create a software development lifecycle.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii
wj8DBQFSD64VsTedWZOD3gYRAp5iAKDFiDEn9MyTMscvsuznSY5jS83SpACg41F3
WL8vRZBFo747yv4C1DfwFeA=
=FYfS
-----END PGP SIGNATURE-----
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
