[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] "Safeplug"

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] "Safeplug"
From: Philipp Winter <identity.function@xxxxxxxxx>
Date: Sat, 23 Nov 2013 20:38:07 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 23 Nov 2013 14:41:13 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:subject:message-id:reply-to:mail-followup-to :references:mime-version:content-type:content-disposition :in-reply-to:user-agent; bh=wujITumxXn7EvKMzsSfkBqln52mCVMCvpX7g5Bye+ss=; b=YU8Uv15JYhOyCiXdAH6KYiO496D/nByzu/XjTtvQY/7Cn9WvERGlcpBBR4Nx7EOv7+ BC+PKL4NfBXGJo11FffpImb2h4xyyY8DkVteQCXqFnGS8scM4SEYzVccfpHQONi3Q/Jt S6X1S8qciINGIfaQhidQTjkPoV9I1BKT2K6lcer9xJBsc8k7hDyIFJkJNQMH742H7xQO zAQjUh7MduybQjX/Ekm33wjZ3R+9AWOCaxQvNlkWhkj2+QyOrEs769hmON5nnr79VM7H wwtW89mn7Rtk11T1qyFaDnUJEKJgBrHJOneQRl9OZ4Fc/VLwkFUxlpjxqyBc7wwcD9Bs DOow==
In-reply-to: <DUB121-W38D087EB3944E580CEDC3CC8E30@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Mail-followup-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
References: <20131122165044.3343f003@natsu> <20131122112533.GB5843@tuzo> <20131122190400.190c4392@natsu> <20131122155655.GD5908@xxxxxxxxxxxx> <52901799.4010009@xxxxxxxxxxxxx> <20131123134640.GG14841@xxxxxxxxxxxxxxxxxx> <DUB121-W38D087EB3944E580CEDC3CC8E30@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)

On Sat, Nov 23, 2013 at 02:22:48PM +0000, Mark McCarron wrote:
> How about a certification program?  A company can donate some
> funds to have their product evaluated and if successful gain
> "TOR Certified" status.  It would stop all this nonsense and
> provide everyone the opportunity to request specific features
> or amendments to designs.

I would imagine such a certificate to be quite misleading.  Even
professional code audits never catch all bugs.  So it would only
be a matter of time until one of these "Tor certified" products
would fail horribly which would then provoke reactions along the
lines of "but... it was certified?".

Also, audits are one time snapshots.  The very first commit
after the certification process might already introduce new
bugs.

Cheers,
Philipp
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] "Safeplug"
  - From: Gibson, Aaron

References:
- [tor-talk] "Safeplug"
  - From: Roman Mamedov
- Re: [tor-talk] "Safeplug"
  - From: Sean Alexandre
- Re: [tor-talk] "Safeplug"
  - From: Roman Mamedov
- Re: [tor-talk] "Safeplug"
  - From: andrew
- Re: [tor-talk] "Safeplug"
  - From: Griffin Boyce
- Re: [tor-talk] "Safeplug"
  - From: andrew
- Re: [tor-talk] "Safeplug"
  - From: Mark McCarron

Prev by Author: Re: [tor-talk] Orbot for Android
Next by Author: Re: [tor-talk] "Safeplug"
Previous by thread: Re: [tor-talk] "Safeplug"
Next by thread: Re: [tor-talk] "Safeplug"
Index(es):
- Author
- Thread