[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Non-free country law preventing Tor from getting donations



On Mon, 16 Jun 2014 08:43:06 +0000
ÐÑÑÑÑ ÐÑÑÐÐÐÐ <art.istom@xxxxxxxxx> wrote:

> On Mon, Jun 16, 2014 at 09:00:24AM +0200, Ãyvind Saether wrote:
> > > Ordinary people do not know this word "code" (especially open
> > > source). They believe that the piper calls the tune. And in fact
> > > it is very difficult to argue with such a statement without
> > > falling into the technical details ("code is open")
> > 
> > "code is open" means NOTHING, so sorry - just look at OpenSSL.
> > 
> > That "open code" is somehow safe is a completely false myth. It is
> > very easy to insert "bugs" that result in huge security holes into
> > any "open code" project and we have seen more than enough examples
> > of this to keep wearing blinders and pretend that "the code is
> > available" means that the code is safe.
> 
> Much easier insert backdoor into proprietary software. Even hide
> nothing/"nowhere"

	Irrelevant. The discussion isnt about closed vs open source.
	
	But since you mention it...

	....people Âtrust open source code more because it
	is allegedly harder to subvert. It may be harder. Or not. 
	
	But at the end of the day, subverted open source code is as bad, or
	worse, than subverted closed source code.

 

> 
> > 
> > "code is audited" means a tiny bit more. I would really like to see
> > some truly independent audit. Such an audit could (like Tor itself)
> > be funded using cryptocurrencies like Bitcoin so that governments
> > can not easily prevent donations.
> 
> Agreed 100%. Today it is more important than auditing TrueCrypt.
> 
> 

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk