Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] issilentcircleopensourceyet.com

Greg Norcie greg at norcie.com
Tue Nov 6 11:23:37 PST 2012


Nadim,

I am aware of your blog post - especially since this is the third time
you have posted it in this thread :)

I am simply cautioning you that you could be creating the appearance of
a bias.
--
Greg Norcie (greg at norcie.com)
GPG key: 0x1B873635

On 11/6/12 2:13 PM, Nadim Kobeissi wrote:
> Greg,
> I don't intend to be anonymous. Why would I? I intend for Silent Circle
> to open their source code for review, because as it stands they are
> being dangerous to the methodology of security software development. I
> have already written a blog post about this under my own
> name: http://log.nadim.cc/?p=89
> 
> 
> NK
> 
> 
> On Tue, Nov 6, 2012 at 2:11 PM, Greg Norcie <greg at norcie.com
> <mailto:greg at norcie.com>> wrote:
> 
>     Nadim,
> 
>     You are correct - the website (nor the whois) mention you. But your post
>     on this mailing list does.
> 
>     You seem like a very intelligent guy - if you had intended this to be an
>     anonymous critique, I doubt you'd have used your real name to post the
>     link :)
>     --
>     Greg Norcie (greg at norcie.com <mailto:greg at norcie.com>)
>     GPG key: 0x1B873635
> 
>     On 11/6/12 2:06 PM, Nadim Kobeissi wrote:
>     > Greg,
>     > The website does not mention me at all, it's purely meant as a
>     complaint
>     > against Silent Circle's policy. I've already written a lengthy post
>     > regarding Silent Circle (http://log.nadim.cc/?p=89) and yet have
>     > received no reply.
>     >
>     >
>     > NK
>     >
>     >
>     > On Tue, Nov 6, 2012 at 2:04 PM, Greg Norcie <greg at norcie.com
>     <mailto:greg at norcie.com>
>     > <mailto:greg at norcie.com <mailto:greg at norcie.com>>> wrote:
>     >
>     >     Nadim
>     >
>     >     I understand your position, but actions like this website
>     won't help
>     >     your cause.
>     >
>     >     Can you understand how actions like setting up this web site
>     might be
>     >     viewed as a way to call attention to oneself, rather than
>     champion the
>     >     (respectable) ideals of the open source movement?
>     >     --
>     >     Greg Norcie (greg at norcie.com <mailto:greg at norcie.com>
>     <mailto:greg at norcie.com <mailto:greg at norcie.com>>)
>     >     GPG key: 0x1B873635
>     >
>     >     On 11/6/12 1:53 PM, Nadim Kobeissi wrote:
>     >     > Ali,
>     >     > The issue is trust. Security software verifiability should
>     not have to
>     >     > depend on Silent Circle (or who they hire to audit, for example
>     >     Veracode.)
>     >     >
>     >     >
>     >     > NK
>     >     >
>     >     >
>     >     > On Tue, Nov 6, 2012 at 1:51 PM, Ali-Reza Anghaie
>     >     <ali at packetknife.com <mailto:ali at packetknife.com>
>     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>
>     >     > <mailto:ali at packetknife.com <mailto:ali at packetknife.com>
>     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>>> wrote:
>     >     >
>     >     >     Nobody would dispute that - that's not quite the same
>     thing as
>     >     FOSS
>     >     >     default positions or some of the other criticisms.
>     >     >
>     >     >     For example, I'd contend a paid Veracode audit would in all
>     >     >     likelihood be better than any typical FOSS audit. Had they
>     >     done that
>     >     >     (heck, they might have but I doubt it) and still
>     announced the
>     >     >     intent of opening the codebase - I wager that would not have
>     >     stopped
>     >     >     the criticism.
>     >     >
>     >     >     It appears to be a deep-seeded cultural divide more than any
>     >     of the
>     >     >     other factors combined.
>     >     >
>     >     >     -Al
>     >     >
>     >     >
>     >     >
>     >     >     On Tue, Nov 6, 2012 at 1:43 PM, Yosem Companys
>     >     >     <companys at stanford.edu <mailto:companys at stanford.edu>
>     <mailto:companys at stanford.edu <mailto:companys at stanford.edu>>
>     >     <mailto:companys at stanford.edu <mailto:companys at stanford.edu>
>     <mailto:companys at stanford.edu <mailto:companys at stanford.edu>>>> wrote:
>     >     >
>     >     >         Security audits are always important, especially
>     when people's
>     >     >         lives are at risk.
>     >     >
>     >     >         On Tue, Nov 6, 2012 at 10:37 AM, Nadim Kobeissi
>     >     <nadim at nadim.cc
>     >     >         <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>
>     <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>>>> wrote:
>     >     >
>     >     >             Hi Ali,
>     >     >             There is no "agenda," and there needn't be one
>     if you
>     >     are to
>     >     >             critique security software. No need to be so
>     aggressive.
>     >     >             My qualms against Silent Circle are detailed
>     >     >             here: http://log.nadim.cc/?p=89
>     >     >
>     >     >
>     >     >             NK
>     >     >
>     >     >
>     >     >
>     >     >             On Tue, Nov 6, 2012 at 1:34 PM, Ali-Reza Anghaie
>     >     >             <ali at packetknife.com
>     <mailto:ali at packetknife.com> <mailto:ali at packetknife.com
>     <mailto:ali at packetknife.com>>
>     >     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>
>     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>>> wrote:
>     >     >
>     >     >                 Seriously - what's your agenda?
>     >     >
>     >     >                 Where are the domains for the other tens of
>     providers
>     >     >                 who charge arms and legs based on closed
>     protocols
>     >     even?
>     >     >
>     >     >                 What's the nit with Silent Circle specifically?
>     >     Because
>     >     >                 they're accessible? Because it's easier to use?
>     >     Because
>     >     >                 the founders have good track records of
>     standing up to
>     >     >                 Government too?
>     >     >
>     >     >                 Being absolutist about everything isn't
>     helping anyone
>     >     >                 who ~needs~ it - it's a privilege of the "haves"
>     >     that we
>     >     >                 can have these conversations over and over
>     again.
>     >     >
>     >     >                 Shouldn't we have taken the "fight" to
>     carriers, Apple
>     >     >                 iOS T&Cs, etc. harder and longer ago? And why do
>     >     we keep
>     >     >                 expecting private entities to fight our
>     Government
>     >     >                 battles for us? It's a losing proposition and
>     >     increases
>     >     >                 the costs-per-individual to untenable levels
>     when
>     >     we mix
>     >     >                 absolutely all their enterprise with civil
>     liberty
>     >     issues.
>     >     >
>     >     >                 There has got to be a better way than this
>     ridiculous
>     >     >                 trolling and bickering. Someone? Anyone?
>     >     >
>     >     >                 Again, seriously, what's the agenda against
>     Silent
>     >     >                 Circle specifically?
>     >     >
>     >     >                 -Ali
>     >     >
>     >     >
>     >     >
>     >     >                 On Tue, Nov 6, 2012 at 1:20 PM, Nadim Kobeissi
>     >     >                 <nadim at nadim.cc <mailto:nadim at nadim.cc
>     <mailto:nadim at nadim.cc>
>     >     <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>>>> wrote:
>     >     >
>     >     >                     http://issilentcircleopensourceyet.com/
>     >     >
>     >     >                     NK
>     >     >
>     >     >                     --
>     >     >                     Unsubscribe, change to digest, or change
>     password
>     >     >                     at:
>     >     >
>     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >     >
>     >     >
>     >     >
>     >     >                 --
>     >     >                 Unsubscribe, change to digest, or change
>     password at:
>     >     >
>     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >     >
>     >     >
>     >     >
>     >     >             --
>     >     >             Unsubscribe, change to digest, or change
>     password at:
>     >     >
>     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >     >
>     >     >
>     >     >
>     >     >         --
>     >     >         Unsubscribe, change to digest, or change password at:
>     >     >        
>     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >     >
>     >     >
>     >     >
>     >     >     --
>     >     >     Unsubscribe, change to digest, or change password at:
>     >     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >     >
>     >     >
>     >     >
>     >     >
>     >     > --
>     >     > Unsubscribe, change to digest, or change password at:
>     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >     >
>     >     --
>     >     Unsubscribe, change to digest, or change password at:
>     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >
>     >
>     >
>     >
>     > --
>     > Unsubscribe, change to digest, or change password at:
>     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>     >
>     --
>     Unsubscribe, change to digest, or change password at:
>     https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> 
> 
> 
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 



More information about the liberationtech mailing list