Edward Ned Harvey (blu) wrote:
Anyone following the AeroFS thread knows I just wrote a bunch about good and bad crypto, with particular emphasis that the quality of crypto is not strongly correlated to the code being open or closed source.
Indeed. The Heartbleed fiasco is a perfect example of how being open source does not magically make the code "better". As you wrote previously, it's not the quantity of eyes looking at the code, it's the quality of those eyes.
I like how AeroFS and BTSync handle things. Even if the encryption is weak or flawed they never store any of the data. A master key is of little use to an attacker if he can't get his hands on the lockbox.
-- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
