> Ordinary people do not know this word "code" (especially open
> source). They believe that the piper calls the tune. And in fact it
> is very difficult to argue with such a statement without falling into
> the technical details ("code is open")
"code is open" means NOTHING, so sorry - just look at OpenSSL.
That "open code" is somehow safe is a completely false myth. It is very
easy to insert "bugs" that result in huge security holes into any "open
code" project and we have seen more than enough examples of this to
keep wearing blinders and pretend that "the code is available" means
that the code is safe.
"code is audited" means a tiny bit more. I would really like to see
some truly independent audit. Such an audit could (like Tor itself) be
funded using cryptocurrencies like Bitcoin so that governments can not
easily prevent donations.
Attachment:
signature.asc
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk