Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Deconstructing the security risks narrative of Haystack

Bram Cohen bram.cohen at
Sat Sep 18 13:12:06 PDT 2010

I feel like I'm raining on everybody's parade here, but the fact is that 
Haystack was taken down because it sucked. It had serious issues with 
deployment, implementation, and protocol design, all of which had obvious 
problems. It wasn't because it wasn't open (although that would have helped find 
the problems sooner) or because of any issue with the amount of work which had 
been put into it or the intentions of the authors, it was because of technical 

This is all very par for the course. Most crypto-related projects have similar 
issues, although usually they have the opportunity to improve and be good 
learning experiences for the authors without becoming a PR disaster. The 
difference with Haystack is that it got a huge amount of press of a form which 
was unwarranted, and was used (it is claimed) by people who urgently needed to 
keep their identity secret.


More information about the liberationtech mailing list