Dnia wtorek, 19 sierpnia 2014 20:20:17 piszesz: > On Tue, Aug 19, 2014 at 11:35:18PM +0200, rysiek wrote: > > Well, > > > > not trying to be a wet blanket, but why use Subrosa, when RetroShare does > > almost all of that (sans group video conferences), and does not require a > > single server, at all? > > > > If RS was able to get crypto right and in a completely decentralised > > manner, why go back to client-server architecture, with all it's > > potential single points of failure? > > Deployment. Since there is no AGPLv3 hardware that contains all the tools > required to design (and validate no trojan circuits), we might as well just > use client-server from groups that we have some confidence in their motives, > or at least that write good code.
So you either have a situation in which you use free software secure communication project on unverified hardware, or a situation in which you use a free software secure communication project with potential single points of failure, and on unverified hardware. Both situations are not great, but one is a bit less bad. Can you spot, which? ;) > How do I get Retroshare on my phone? (okay, bad question, because Qualcomm > has my keys), but if I want my friends to use it, It needs to work on > android/ios/etc. The same way you get Subrosa on any client right now: write a mobile client for it. Instead of writing a new client-server architecture (which *should* be considered obsolete by now, IMVHO) tool, why not expand upon the completely decentralised projects? -- Pozdr rysiek
signature.asc
Description: This is a digitally signed message part.
