Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Good and Bad Crypto

On 4/22/14, 14:37 , Edward Ned Harvey (blu) wrote:
> You're saying, that the only way anybody in the world can trust anything, is to literally download everything from source, *read* all the source, and compile it themselves.

instead of just calling "bs" can you suggest some other means by which
you can trust crypto software?

if you're not doing this work [source examination and local compile]
then what are you basing your trust upon?

someone else's word? someone else's audit report? what other means are
available to you?

people are very clever and often do not tell the truth. do you have
children?

also, if a bunch of people [say in the context of a corporation] is the
one offering the audit ... well, the record of corporations acting out
of any motivation outside of next quarter's numbers is pretty bad ...
[simple example: GM ignition recall]

i just don't see how you can say you trust some software that you
haven't examined. or maybe i just have an inaccurate sense of the nature
of human beings ...

maybe there's a mitigated risk here that is unspoken [so far].

-- 
\js [http://or8.net/~johns/] : i am alive
BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix / webmaster@blu.org