Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Cryptography super-group creates unbreakable encryption

Nadim Kobeissi nadim at nadim.cc
Fri Feb 8 08:48:49 PST 2013


Overall, I am dissatisfied with Chris totally ignoring my point regarding
hype in the media. Chris selectively criticizes projects he doesn't like
when the media hypes them up, but when it's Silent Circle, even calling it
"unbreakable crypto" doesn't get anything out of him but dozens of
quotations all over their media blitz. I remain convinced that he is being
absolutely unfair and biased.


NK


On Thu, Feb 7, 2013 at 8:14 PM, Christopher Soghoian <chris at soghoian.net>wrote:

> See Inline
>
> On Thu, Feb 7, 2013 at 12:15 PM, Andy Isaacson <adi at hexapodia.org> wrote:
>
>> Silent Circle may be an excellent privacy app.  It might not have any
>> significant security problems.  It might even do a good job of
>> mitigating important platform-based attacks and supporting important new
>> use cases (the "burn after reading" feature).  When it's actually open
>> source I'll take a look and if it is good, I'll recommend it to users.
>>
>> Until that open review happens, I think it's inappropriate for voices in
>> our community to commend or recommend such a proprietary system.  Each
>> person makes their own choices, of course, and nobody should base their
>> actions solely on what *I* think is right, but I hope you can hear my
>> concerns and consider the outcomes of your actions.
>>
>
> Twitter's official client and server code are not open source. That hasn't
> stopped the good folks at EFF, as well as many other privacy advocates from
> praising the company's law enforcement transparency policies, as well as
> Twitter's willingness to go the extra mile when responding to various forms
> of legal process.
>
> Much of Google's code, including all of the Gmail backend code is not open
> source, but that hasn't stopped privacy advocates from legitimately
> praising the company for voluntarily publishing some really useful data on
> government requests and DMCA takedown demands.
>
> Although I have not recommended Silent Circle to anyone, I believe that it
> is entirely legitimate to praise the company for its commitment to
> transparency regarding law enforcement requests and the company's overall
> law enforcement policy.
>
> Hell, looking at the list of companies ranked on EFF's "Who's got your
> back" website, closed source is by far the norm, not the exception. That
> hasn't stopped EFF from giving out gold stars where they feel they are
> deserved. See:
> https://www.eff.org/pages/when-government-comes-knocking-who-has-your-back
>
> In fact, for many of the factors that I am most interested in, source code
> is completely irrelevant. Client source code does not reveal a company's
> data retention policy, and server data retention configurations are
> impossible to verify. Source code does not reveal whether a company will
> tell its users about subpoenas submitted for user data where not prevented
> from doing so by a gag order. Source code will not reveal a company's
> willingness to spend hundreds of thousands of dollars on legal bills to
> fight an improper request submitted by lawyers at the Department of
> Justice. For such things, you have to evaluate the company on its public
> policy (and, once the policy is put into action, you can judge the company
> via its track record).
>
> By all means, continue to harass Silent Circle about its source code.
> Likewise, please do hold journalists accountable for the bogus headlines
> they, or their editors have selected. But do not dismiss my legitimate
> interest in the law enforcement legal policies adopted by companies. These
> policies are often just as important, yet impossible to verify, even when
> companies publish their source code.
>
> Cheers,
>
> Chris
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130208/13f96390/attachment.html>


More information about the liberationtech mailing list