[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Fwd: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most!


Thanks for posting this story.

GPG is certainly a fundamental tool that many of us rely upon and is well-deserving of more donations and funding.

I will certainly donate some euros to him soon.

I'm developing security/anonymity-focused free software (Qubes + Whonix) without any funding or donations, but am largely driven by my strong personal desires for having and using such software. This strong personal desire sustains me as long as I need such software for myself (probably several years into the future). And I'm focused on a software platform that affects my entire computing base, from low-level system infrastructure to high-level user applications.

I could see how not really truly personally needing his own software, or focusing so tightly on maintaining a secondary component of his own computing needs and for other people, would wear on a developer/person over time, compared to the development situation I'm currently in.

Overall the free software community focused on security and privacy really needs meaningful investment made into it that reflect its fundamental value to society.

Sadly, most users just want shiny new stuff with cool features, and so closed source mainstream technology corporations see the majority of all demand and revenue from users.

Sadly, the most powerful arms of governments around the world do not want robust open source security and privacy/anonymity tools to be successful.

Leveraging the self-interest of corporations and wealthy individuals is probably where the most fertile ground currently exists for large funding of open source security/privacy tools.

There probably needs to be a further mass culture shift of realizing...

Open Source = Trustable = Secure/Private

Closed Source  = Untrustable = Backdoored/Spyware

The corporations and wealthy individuals take in trillions per year. Spending a fraction of a fraction to ensure the technology that their organizations, families, and themselves personally use is trustworthy/secure/private and is not compromising their own lives should be an investment no-brainer for them, since they as a class control trillions per year in financial resources. If they can just make the very good association to open source technology and very bad association to closed source technology. Unlike less-powerful organizations and less-wealthy people, they have both the means and motives to ensure that their technology is not screwing them, by investing into key open source projects.

As more business executives and business IT people make the association of closed source being untrustworthy, there is probably some growing market demand for business products to deliver open source security and privacy technologies to businesses/corporations. It would be great if there were more beneficial financial links between successful open source security/privacy products and the open source infrastructure we all widely rely upon. For example, just *one* popular security/privacy tool, based on open source, could generate the funds to double or more Tor's current stream of annual funding.

And, also, I wonder why "bad guys" of the world don't regularly invest many millions into open source technology development. It would seem to be in their logical opsec self-interest and they have the economic means as well. Not that they'd openly write checks with their name on it, but done anonymously via cryptocurrency etc.

Low open source funding is probably one of the biggest security holes to the integrity of our infrastructure/security/privacy/anonymity tools.

It is hard to even point to a stack of existing tools for anybody, even including to us security/anonymity tool developers, to remain truly secure and private, since so much key infrastructure is so over-bloated, under-verified, and ripe for exploits.

This quote from the article is probably also one of the key reasons why our industry of open source security/privacy remains so grossly under-financed...

"Really I am better at programming than this business stuff."

The "business stuff" is a fundamental key for ensuring the successful -- not just social mission -- but actual core technical integrity of our security/privacy technology.

We'd be many years ahead of our current development and verification curve as an industry if we had greater financial resources within our currently teeny tiny industry that probably at least hundreds of millions of people are directly trusting in and relying upon.

Those who have the most money and most to lose should be running to invest in key projects. And we should do better at positioning ourselves and our industry for such (ethical) investments.

Such a critical issue!


tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to