On 25-07-2013 23:17, atair wrote: > This basically means, that everyone(!) can access, modify and > redistribute the source code of the program (see [2] if you're > interested). There are lots of people (usually volunteers from all > over the wold) who do peer reviews on the sources (and if you start > with [2], _you_ can be another one). Therefore, changes that look like > back doors are VERY unlikely to find their way in a release, because > hundreds of people are looking how the software evolves and will > reject such a patch.
Yes, I know the mantra, and I'm sure that obvious backdoors are not present because they would be found rather quickly. However, more subtle bugs leading to decipherable messages can take more time to find. The infamous PRNG bug in pgp 5 on Unix is a well-known example. That said, I do trust GnuPG with things I like to keep confidential. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
