BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Good and Bad Crypto
- Subject: [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Sun, 20 Apr 2014 11:29:50 -0400
- In-reply-to: <14b5446b65314ece8402914040d7efb6@CO2PR04MB684.namprd04.prod.outlook.com>
- References: <14b5446b65314ece8402914040d7efb6@CO2PR04MB684.namprd04.prod.outlook.com>
Edward Ned Harvey (blu) wrote: > Anyone following the AeroFS thread knows I just wrote a bunch about > good and bad crypto, with particular emphasis that the quality of > crypto is not strongly correlated to the code being open or closed > source. Indeed. The Heartbleed fiasco is a perfect example of how being open source does not magically make the code "better". As you wrote previously, it's not the quantity of eyes looking at the code, it's the quality of those eyes. I like how AeroFS and BTSync handle things. Even if the encryption is weak or flawed they never store any of the data. A master key is of little use to an attacker if he can't get his hands on the lockbox. -- Rich P.
- References:
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- Prev by Date: [Discuss] AeroFS
- Next by Date: [Discuss] AeroFS
- Previous by thread: [Discuss] Good and Bad Crypto
- Next by thread: [Discuss] Good and Bad Crypto
- Index(es):