Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Silent Circle to publish source code?

Nathan nathan at freitas.net
Thu Oct 11 17:12:09 PDT 2012


Ryan,

> mm. It says on the SC website that it will use 
>"Open Source Peer-Reviewed Encryption,"
> "Peer Reviewed Encryption and Hashing Algorithms,"
> and also says "we believe in open source." Is that very ambiguous

As a reporter working on a "piece", you should make sure you understand the different between using open-source and being open-source. Having code availability for private audit or dumping a zip file of code that doesn't quite build entirely is very different from bring a fully transparent open-source project. I am not splitting hairs here, just trying to make sure that you look beyond vague statements and perhaps ask "where's your git repo going to be hosted?" or "what license are you planning to use?" or even "will an independent developer be able to compile and run their own version of your software?". 

As an example, Phil's much heralded ZRTP protocol was openly published but server code to enable Asterisk support for it had a very ambiguous license that made it unusable in anything but a pure academic setting.

Like "organic", open-source is a term that is easily claimed but not often truly fulfilled. Nadim should be given more credit for the completely transparent and engaged open-source project he runs, and for defending an approach and philosophy that he is completely living up to.

+n8fr8


More information about the liberationtech mailing list