Hi! On Thu, Jul 11, 2013 at 4:04 AM, Albert López <new...@overflowedminds.net> wrote: > And who says so? If nobody is able to assure that, why should I use the app? > I mean that I wouldn't base the security of my communications in my guesses. > And if you do so because of usability, you are fucked, man.
You could still check the code of the client app. (If my hypothesis that client code will be open source, but server code will not be. And that crypto will be happening on the client.) Additional note: I would like to see how they assure that what you have on the client is really the code which you checked. And how they will implement that the client code will also have payable addons. Maybe those addons will be sandboxed or something inside a trusted (open source) host (on the client). Or maybe the client will be completely open source, together with addons, and they will verify payment only on the server side. But then you have an issue of easier linking between user and its real identity. Hm hm hm. Tricky issues. :-) > It's not a matter of destroying an idea. It's a matter of giving your > opinion about the architectural bases of an idea... So what architectural information about the system do we *know*? Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech