On 4/22/14, 14:37 , Edward Ned Harvey (blu) wrote: > You're saying, that the only way anybody in the world can trust anything, is > to literally download everything from source, *read* all the source, and > compile it themselves.
instead of just calling "bs" can you suggest some other means by which you can trust crypto software? if you're not doing this work [source examination and local compile] then what are you basing your trust upon? someone else's word? someone else's audit report? what other means are available to you? people are very clever and often do not tell the truth. do you have children? also, if a bunch of people [say in the context of a corporation] is the one offering the audit ... well, the record of corporations acting out of any motivation outside of next quarter's numbers is pretty bad ... [simple example: GM ignition recall] i just don't see how you can say you trust some software that you haven't examined. or maybe i just have an inaccurate sense of the nature of human beings ... maybe there's a mitigated risk here that is unspoken [so far]. -- \js [http://or8.net/~johns/] : i am alive _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
