Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] issilentcircleopensourceyet.com

André Rebentisch tabesin at gmail.com
Tue Nov 6 16:26:28 PST 2012


Am 06.11.2012 20:13, schrieb Nadim Kobeissi:
> Greg,
> I don't intend to be anonymous. Why would I? I intend for Silent
> Circle to open their source code for review, because as it stands they
> are being dangerous to the methodology of security software development.

For the open source call (just saying):
- mere "disclosure of the source code" is different from "open source".
- source review is unreliable (reviewed != safe)
- disclosure of source code does not protect from tainted binaries or
other remaining attack vectors (e.g. download trail).

Agreed, source review tends to substantially improve the "blackness" of
grey.

Best,
André






More information about the liberationtech mailing list