Il 8/17/13 7:08 PM, Jon Callas ha scritto: > On Aug 17, 2013, at 2:41 AM, ianG <i...@iang.org> wrote: > > > So back to Silent Circle. One known way to achieve some control over their closed source replacement vulnerability is to let an auditor into their inner circle, so to speak. > > One correction of fact: > > Our source is not closed source. It's up on GitHub and has an non-commercial BSD variant license, which I know isn't OSI, but anyone who wants to build, use, and even distribute their verified version is free to do so.
It would be important to have a semi-automatic allignment of the Github's source code code base to each SilentCircle application's release. Now Github code is 6 months old. This would allow inspection of code before upgrade, additionally improving the transparency. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
