Search Mailing List Archives
[liberationtech] FB-like "Twitter-connect" soon. How can we avoid all this tracking?
Sarah A. Downey
sarah at getabine.com
Fri May 25 10:54:08 PDT 2012
Thanks for the thoughtful reply; it makes sense. I could provide you with
an objective, third-party review, like this
CNET, but it doesn't seem like it would make a difference if you can't
see the source. You make a good point about providing a license to independent
auditors. If you or anyone else reading this are interested in seeing the
DNT+ source with those use limitations, just email our CTO, Andy Sudbury,
at Andrew at GetAbine.com.
On Fri, May 25, 2012 at 12:37 PM, Eleanor Saitta <ella at dymaxion.org> wrote:
> On 2012.05.25 16.37, Sarah A. Downey wrote:
> > I'll respond to your "everything must be open source" statement,
> > although I'm fairly certain it won't have any effect on your opinion
> > that "closed" always equals "bad." And please keep in mind that we're
> > giving away a /free /add-on with /zero /tracking of or advertising to
> > its users.
> > It's an unnecessarily restrictive and self-handicapping position that
> > software /must /be open source to be useful for privacy. Plenty of open
> > source privacy tools have come and gone in the past because they aren't
> > sustainable without funding.
> > Our software does what it says, and it's designed to be simple enough
> > that the vast majority of Internet users--people who aren't coders or
> > particularly tech savvy--can use it.
> The problem here is that we don't trust you. It's nothing personal. We
> don't trust anyone, unless we can verify. If we can't see exactly what
> the tool does, we don't have a way of verifying what it does. This is
> critical normally, but much more important for tools that claim to
> provide privacy or security protection.
> There are a lot of ways around this. Open source is one of them.
> Providing source access to independent auditors under a license that
> does not restrict them from talking about what it does and how it does
> it is another.
> If you're not willing to be open about exactly how your tool protects my
> privacy, why should I trust that you got it right? No, I don't expect
> all users will check, or care, but some of us will, and we tell others
> what they should use.
> Privacy, like crypto, is *hard*. Would you trust someone who claimed to
> have a super-secure crypto algorithm that they wrote themselves that's
> never been peer reviewed? No. Why should we do it with a privacy tool?
> Ideas are my favorite toys.
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> Should you need to change your subscription options, please go to:
> If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> You will need the user name and password you receive from the list
> moderator in monthly reminders. You may ask for a reminder here:
> Should you need immediate assistance, please contact the list moderator.
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
*Sarah A. Downey*
Privacy Analyst | Attorney
Abine, The Online Privacy Company
t: @SarahADowney | p: 800.928.1987
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the liberationtech