No, my views are not based on my own needs or paranoia. As a security-oriented software developer I recognize that software that claims to be secure needs to deliver, because people like Snowden, Assange et al. may be…
I'm not making any assumptions as to their motives; I have not accused them of any wrong doing. As far as I'm concerned, they might be working in good faith or they might not be. That's not good enough when it comes to…
Yes, in theory it is possible. However even 100% secure proprietary software must be assumed to be insecure, because we're still running on blind faith, which is patently stupid for anyone who requires security.
You're making the baseless (and some might say naive) assumption that it is secure to the best of their knowledge. If they really wanted to build trust then they would prove it and leave no doubt in people's minds.
Your points are well taken, but this is unfortunately a sacrifice that needs to be made in the name of security. While partial centralization would solve a few problems, it would also introduce weak points in its…
There are already FOSS replacements for Skype, such as Tox. The fact is that if every line of code can't be inspected then the software can't be considered secure, and we're forced to put blind faith in a faceless…
No one is taking this project lightly and I don't know why you would suggest otherwise. You keep vaguely alluding to "the nature of the commits" but still have yet to give a single concrete example of what you have…
Google play store doesn't have that problem.
Comparing C to Javascript makes no sense, and Javascript is NOT a safe language. Those issues you mentioned are due to programmer incompetence. Bad programmers will make bad code no matter what language they program in.…
Yes, everything is encrypted from what I can tell.
You're talking complete nonsense. Constructive criticism please.
C is far from a non-safe language; it's the language of choice for NASA systems that lives depend on after all. I'm not sure what you're trying to point out with those links. How is this related to openssl?
Toxic is the name of the CLI client. https://github.com/tox/toxic I take the opposite perspective though. In nature toxins and poisons are used as protection against predators.
No, my views are not based on my own needs or paranoia. As a security-oriented software developer I recognize that software that claims to be secure needs to deliver, because people like Snowden, Assange et al. may be…
I'm not making any assumptions as to their motives; I have not accused them of any wrong doing. As far as I'm concerned, they might be working in good faith or they might not be. That's not good enough when it comes to…
Yes, in theory it is possible. However even 100% secure proprietary software must be assumed to be insecure, because we're still running on blind faith, which is patently stupid for anyone who requires security.
You're making the baseless (and some might say naive) assumption that it is secure to the best of their knowledge. If they really wanted to build trust then they would prove it and leave no doubt in people's minds.
Your points are well taken, but this is unfortunately a sacrifice that needs to be made in the name of security. While partial centralization would solve a few problems, it would also introduce weak points in its…
There are already FOSS replacements for Skype, such as Tox. The fact is that if every line of code can't be inspected then the software can't be considered secure, and we're forced to put blind faith in a faceless…
No one is taking this project lightly and I don't know why you would suggest otherwise. You keep vaguely alluding to "the nature of the commits" but still have yet to give a single concrete example of what you have…
Google play store doesn't have that problem.
Comparing C to Javascript makes no sense, and Javascript is NOT a safe language. Those issues you mentioned are due to programmer incompetence. Bad programmers will make bad code no matter what language they program in.…
Yes, everything is encrypted from what I can tell.
You're talking complete nonsense. Constructive criticism please.
C is far from a non-safe language; it's the language of choice for NASA systems that lives depend on after all. I'm not sure what you're trying to point out with those links. How is this related to openssl?
Toxic is the name of the CLI client. https://github.com/tox/toxic I take the opposite perspective though. In nature toxins and poisons are used as protection against predators.