On Mon, Jun 16, 2014 at 09:00:24AM +0200, Öyvind Saether wrote: > > Ordinary people do not know this word "code" (especially open > > source). They believe that the piper calls the tune. And in fact it > > is very difficult to argue with such a statement without falling into > > the technical details ("code is open") > > "code is open" means NOTHING, so sorry - just look at OpenSSL. > > That "open code" is somehow safe is a completely false myth. It is very > easy to insert "bugs" that result in huge security holes into any "open > code" project and we have seen more than enough examples of this to > keep wearing blinders and pretend that "the code is available" means > that the code is safe.
Much easier insert backdoor into proprietary software. Even hide nothing/"nowhere" > > "code is audited" means a tiny bit more. I would really like to see > some truly independent audit. Such an audit could (like Tor itself) be > funded using cryptocurrencies like Bitcoin so that governments can not > easily prevent donations. Agreed 100%. Today it is more important than auditing TrueCrypt. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk