Search Mailing List Archives
[liberationtech] Cryptography super-group creates unbreakable encryption
nadim at nadim.cc
Tue Feb 19 14:29:36 PST 2013
I agree with Julian!
And it doesn't mean that if you open source your code, you can't profit
from it. You can pick a license that makes your code open source while
still giving you IP rights. While I personally don't like those licenses,
for-profit crypto companies should always do this and publish their source
BEFORE the app is released, so there's time for audits and public review.
On Tue, Feb 19, 2013 at 5:21 PM, Julian Oliver <julian at julianoliver.com>wrote:
> ..on Mon, Feb 18, 2013 at 08:00:24PM -0800, Adam Fisk wrote:
> > I think the principle of that is great, but in practice we just can't
> > all review all the code all the time. In practice we often end up
> > trusting open source code that is far worse reviewed than much of the
> > closed source code we trust. I'm not trying to attack open source --
> > I've been writing open source code full time for the past 13 years --
> > it's what I do. But I don't think we should be delusional about it.
> I find this an unproductive black-and-white argument. Proprietary software
> not grant and encourage its own users even the /possibility/ to fully
> audit the
> service whereas open source software does.
> It's a no brainer, quite frankly.
> We need to simply stop considering proprietary solutions at all (as it's
> ridiculous to have any case of trust built atop it) and make our starting
> the wide variety of open source software, some of which is poorly
> engineered and
> some which is not.
> The "what sucks the least" scale must begin with open source, not
> offerings from for-profit companies with a centralised service.
> Again, it's a no-brainer.
> Julian Oliver
> Unsubscribe, change to digest, or change password at:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the liberationtech