Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] issilentcircleopensourceyet.com

Ali-Reza Anghaie ali at packetknife.com
Tue Nov 6 11:31:21 PST 2012


Nadim is biased - and that matters little IMO.

That puts him in the company of, oh, 100% of other professionals. ;-)

My complaint is that if there is an agenda, and I take him at his word for
what he wrote, are these repeated and targeted nits at an accessible and
usable player who does use standards, has good written policy, who does
have history on it's staff and founder's side, has "Government" blood on
its hands, etc. a ~good~ idea for the wider goals?

Or could Nadim, and others in his highly visible position, be a bit more
diplomatic and show potential support with the caveats that they will only
wait so long to see the promises fulfilled or to be engaged directly.

This isn't unique to Nadim, not by a long shot, as I noted earlier in
thread it's a cultural divide that I think continues to widen the gap
between the enablers and those most in need of solutions.

-Ali



On Tue, Nov 6, 2012 at 2:25 PM, Nadim Kobeissi <nadim at nadim.cc> wrote:

> Greg,
> If you can see anything that is biased in my blog post, please let me know
> so I can fix it ASAP.
>
>
> NK
>
>
>
> On Tue, Nov 6, 2012 at 2:23 PM, Greg Norcie <greg at norcie.com> wrote:
>
>> Nadim,
>>
>> I am aware of your blog post - especially since this is the third time
>> you have posted it in this thread :)
>>
>> I am simply cautioning you that you could be creating the appearance of
>> a bias.
>> --
>> Greg Norcie (greg at norcie.com)
>> GPG key: 0x1B873635
>>
>> On 11/6/12 2:13 PM, Nadim Kobeissi wrote:
>> > Greg,
>> > I don't intend to be anonymous. Why would I? I intend for Silent Circle
>> > to open their source code for review, because as it stands they are
>> > being dangerous to the methodology of security software development. I
>> > have already written a blog post about this under my own
>> > name: http://log.nadim.cc/?p=89
>> >
>> >
>> > NK
>> >
>> >
>> > On Tue, Nov 6, 2012 at 2:11 PM, Greg Norcie <greg at norcie.com
>> > <mailto:greg at norcie.com>> wrote:
>> >
>> >     Nadim,
>> >
>> >     You are correct - the website (nor the whois) mention you. But your
>> post
>> >     on this mailing list does.
>> >
>> >     You seem like a very intelligent guy - if you had intended this to
>> be an
>> >     anonymous critique, I doubt you'd have used your real name to post
>> the
>> >     link :)
>> >     --
>> >     Greg Norcie (greg at norcie.com <mailto:greg at norcie.com>)
>> >     GPG key: 0x1B873635
>> >
>> >     On 11/6/12 2:06 PM, Nadim Kobeissi wrote:
>> >     > Greg,
>> >     > The website does not mention me at all, it's purely meant as a
>> >     complaint
>> >     > against Silent Circle's policy. I've already written a lengthy
>> post
>> >     > regarding Silent Circle (http://log.nadim.cc/?p=89) and yet have
>> >     > received no reply.
>> >     >
>> >     >
>> >     > NK
>> >     >
>> >     >
>> >     > On Tue, Nov 6, 2012 at 2:04 PM, Greg Norcie <greg at norcie.com
>> >     <mailto:greg at norcie.com>
>> >     > <mailto:greg at norcie.com <mailto:greg at norcie.com>>> wrote:
>> >     >
>> >     >     Nadim
>> >     >
>> >     >     I understand your position, but actions like this website
>> >     won't help
>> >     >     your cause.
>> >     >
>> >     >     Can you understand how actions like setting up this web site
>> >     might be
>> >     >     viewed as a way to call attention to oneself, rather than
>> >     champion the
>> >     >     (respectable) ideals of the open source movement?
>> >     >     --
>> >     >     Greg Norcie (greg at norcie.com <mailto:greg at norcie.com>
>> >     <mailto:greg at norcie.com <mailto:greg at norcie.com>>)
>> >     >     GPG key: 0x1B873635
>> >     >
>> >     >     On 11/6/12 1:53 PM, Nadim Kobeissi wrote:
>> >     >     > Ali,
>> >     >     > The issue is trust. Security software verifiability should
>> >     not have to
>> >     >     > depend on Silent Circle (or who they hire to audit, for
>> example
>> >     >     Veracode.)
>> >     >     >
>> >     >     >
>> >     >     > NK
>> >     >     >
>> >     >     >
>> >     >     > On Tue, Nov 6, 2012 at 1:51 PM, Ali-Reza Anghaie
>> >     >     <ali at packetknife.com <mailto:ali at packetknife.com>
>> >     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>
>> >     >     > <mailto:ali at packetknife.com <mailto:ali at packetknife.com>
>> >     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>>> wrote:
>> >     >     >
>> >     >     >     Nobody would dispute that - that's not quite the same
>> >     thing as
>> >     >     FOSS
>> >     >     >     default positions or some of the other criticisms.
>> >     >     >
>> >     >     >     For example, I'd contend a paid Veracode audit would in
>> all
>> >     >     >     likelihood be better than any typical FOSS audit. Had
>> they
>> >     >     done that
>> >     >     >     (heck, they might have but I doubt it) and still
>> >     announced the
>> >     >     >     intent of opening the codebase - I wager that would not
>> have
>> >     >     stopped
>> >     >     >     the criticism.
>> >     >     >
>> >     >     >     It appears to be a deep-seeded cultural divide more
>> than any
>> >     >     of the
>> >     >     >     other factors combined.
>> >     >     >
>> >     >     >     -Al
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >     On Tue, Nov 6, 2012 at 1:43 PM, Yosem Companys
>> >     >     >     <companys at stanford.edu <mailto:companys at stanford.edu>
>> >     <mailto:companys at stanford.edu <mailto:companys at stanford.edu>>
>> >     >     <mailto:companys at stanford.edu <mailto:companys at stanford.edu>
>> >     <mailto:companys at stanford.edu <mailto:companys at stanford.edu>>>>
>> wrote:
>> >     >     >
>> >     >     >         Security audits are always important, especially
>> >     when people's
>> >     >     >         lives are at risk.
>> >     >     >
>> >     >     >         On Tue, Nov 6, 2012 at 10:37 AM, Nadim Kobeissi
>> >     >     <nadim at nadim.cc
>> >     >     >         <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>
>> >     <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>>>> wrote:
>> >     >     >
>> >     >     >             Hi Ali,
>> >     >     >             There is no "agenda," and there needn't be one
>> >     if you
>> >     >     are to
>> >     >     >             critique security software. No need to be so
>> >     aggressive.
>> >     >     >             My qualms against Silent Circle are detailed
>> >     >     >             here: http://log.nadim.cc/?p=89
>> >     >     >
>> >     >     >
>> >     >     >             NK
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >             On Tue, Nov 6, 2012 at 1:34 PM, Ali-Reza Anghaie
>> >     >     >             <ali at packetknife.com
>> >     <mailto:ali at packetknife.com> <mailto:ali at packetknife.com
>> >     <mailto:ali at packetknife.com>>
>> >     >     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>
>> >     <mailto:ali at packetknife.com <mailto:ali at packetknife.com>>>> wrote:
>> >     >     >
>> >     >     >                 Seriously - what's your agenda?
>> >     >     >
>> >     >     >                 Where are the domains for the other tens of
>> >     providers
>> >     >     >                 who charge arms and legs based on closed
>> >     protocols
>> >     >     even?
>> >     >     >
>> >     >     >                 What's the nit with Silent Circle
>> specifically?
>> >     >     Because
>> >     >     >                 they're accessible? Because it's easier to
>> use?
>> >     >     Because
>> >     >     >                 the founders have good track records of
>> >     standing up to
>> >     >     >                 Government too?
>> >     >     >
>> >     >     >                 Being absolutist about everything isn't
>> >     helping anyone
>> >     >     >                 who ~needs~ it - it's a privilege of the
>> "haves"
>> >     >     that we
>> >     >     >                 can have these conversations over and over
>> >     again.
>> >     >     >
>> >     >     >                 Shouldn't we have taken the "fight" to
>> >     carriers, Apple
>> >     >     >                 iOS T&Cs, etc. harder and longer ago? And
>> why do
>> >     >     we keep
>> >     >     >                 expecting private entities to fight our
>> >     Government
>> >     >     >                 battles for us? It's a losing proposition
>> and
>> >     >     increases
>> >     >     >                 the costs-per-individual to untenable levels
>> >     when
>> >     >     we mix
>> >     >     >                 absolutely all their enterprise with civil
>> >     liberty
>> >     >     issues.
>> >     >     >
>> >     >     >                 There has got to be a better way than this
>> >     ridiculous
>> >     >     >                 trolling and bickering. Someone? Anyone?
>> >     >     >
>> >     >     >                 Again, seriously, what's the agenda against
>> >     Silent
>> >     >     >                 Circle specifically?
>> >     >     >
>> >     >     >                 -Ali
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >                 On Tue, Nov 6, 2012 at 1:20 PM, Nadim
>> Kobeissi
>> >     >     >                 <nadim at nadim.cc <mailto:nadim at nadim.cc
>> >     <mailto:nadim at nadim.cc>
>> >     >     <mailto:nadim at nadim.cc <mailto:nadim at nadim.cc>>>> wrote:
>> >     >     >
>> >     >     >                     http://issilentcircleopensourceyet.com/
>> >     >     >
>> >     >     >                     NK
>> >     >     >
>> >     >     >                     --
>> >     >     >                     Unsubscribe, change to digest, or change
>> >     password
>> >     >     >                     at:
>> >     >     >
>> >     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >                 --
>> >     >     >                 Unsubscribe, change to digest, or change
>> >     password at:
>> >     >     >
>> >     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >             --
>> >     >     >             Unsubscribe, change to digest, or change
>> >     password at:
>> >     >     >
>> >     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >         --
>> >     >     >         Unsubscribe, change to digest, or change password
>> at:
>> >     >     >
>> >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >     --
>> >     >     >     Unsubscribe, change to digest, or change password at:
>> >     >     >
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     >
>> >     >     > --
>> >     >     > Unsubscribe, change to digest, or change password at:
>> >     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >     >
>> >     >     --
>> >     >     Unsubscribe, change to digest, or change password at:
>> >     >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >
>> >     >
>> >     >
>> >     >
>> >     > --
>> >     > Unsubscribe, change to digest, or change password at:
>> >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >     >
>> >     --
>> >     Unsubscribe, change to digest, or change password at:
>> >     https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >
>> >
>> >
>> >
>> > --
>> > Unsubscribe, change to digest, or change password at:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >
>> --
>> Unsubscribe, change to digest, or change password at:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20121106/dbdcd005/attachment.html>


More information about the liberationtech mailing list