I love what they say in the videos. The videos are very well done and
immediately put you at ease. I have dealt with Phil's products for a
very long time, and I would trust that what he says is true as far as he
knows about this product.
However, open scrutiny of the code is the only way to truly know it's
hostile environment safe. To have the programmer community pour over the
code and test it six ways to Sunday. Not only by the developers
themselves. As good as Phil and the other developers are, it almost
always takes a fresh eye to pour over code to put it through tests even
the developers haven't foreseen.
Even when code is supposedly closed, it will ultimately be cracked, and
then the vulnerabilities will be known but to the bad guys only.
I would like to have seen them address the question of opening up the
code to the community for scrutiny in the videos.
And the following is also worrisome:
Google Chrome says silentcircle.com certificate is invalid and you have
to click through like it is a bad site to see the site.
Firefox, says that although it is https, only part of the site is
encrypted and only partially protected communication, and does not
prevent eavesdropping.
Safari does not go to the site, but instead puts up box saying Safari
can't verify the identity of the website 'silentcircle.com'
Interestingly enough, Opera showed it as Trusted. Go figure.
If they want people to trust their product, the site itself should be
trustworthy as well, don't you think?
If someone is close with these guys, maybe you could mention this to
them. I am sure they want everything to vibrate safe, secure, etc.
On 10/12/12 2:16 PM, Julian Oliver wrote:
This should help clear things up:
http://is.gd/ZmBaMD
(Featuring VJ Ann O'Nymous)
--
Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
