[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser



I guess it comes down to risk calculus:

Which has a worse outcome: training users to ignore security warning
from OSX, or the chilling effects an Apple NDA could have on the project.

(I don't pretend to know the answer myself.)

--
Greg Norcie (greg@xxxxxxxxxx)
GPG key: 0x1B873635

On 11/9/12 6:25 PM, Roger Dingledine wrote:
> On Fri, Nov 09, 2012 at 06:05:58PM -0500, Matthew Fisch wrote:
>> TorProject should be registered as an Apple software developer, and the
>> binary should be signed, both to increase credibility of the torproject
>> and the safety of users.
> 
> I agree with you about the 'safety of users' side. But I'm not so clear
> on the 'credibility' side. Last I checked, to become an official Apple
> developer, they required you to sign an NDA *in order to see the agreement
> they would then ask you to sign*.
> 
> We at Tor aren't big on signing blanket broad NDAs with large
> corporations, so you can see why we'd be hesitating (to put it nicely). I
> imagine we're not the only ones.
> 
> --Roger
> 
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> 
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk