Thanks for the thoughtful reply; it makes sense. I could provide you with an objective, third-party review, like this one<http://download.cnet.com/8301-2007_4-57373684-12/do-not-track-plus-add-on-stops-the-tracking-paparazzi/>from CNET, but it doesn't seem like it would make a difference if you can't see the source. You make a good point about providing a license to independent auditors. If you or anyone else reading this are interested in seeing the DNT+ source with those use limitations, just email our CTO, Andy Sudbury, at and...@getabine.com.
-Sarah On Fri, May 25, 2012 at 12:37 PM, Eleanor Saitta <e...@dymaxion.org> wrote: > On 2012.05.25 16.37, Sarah A. Downey wrote: > > I'll respond to your "everything must be open source" statement, > > although I'm fairly certain it won't have any effect on your opinion > > that "closed" always equals "bad." And please keep in mind that we're > > giving away a /free /add-on with /zero /tracking of or advertising to > > its users. > > > > It's an unnecessarily restrictive and self-handicapping position that > > software /must /be open source to be useful for privacy. Plenty of open > > source privacy tools have come and gone in the past because they aren't > > sustainable without funding. > > > > Our software does what it says, and it's designed to be simple enough > > that the vast majority of Internet users--people who aren't coders or > > particularly tech savvy--can use it. > > The problem here is that we don't trust you. It's nothing personal. We > don't trust anyone, unless we can verify. If we can't see exactly what > the tool does, we don't have a way of verifying what it does. This is > critical normally, but much more important for tools that claim to > provide privacy or security protection. > > There are a lot of ways around this. Open source is one of them. > Providing source access to independent auditors under a license that > does not restrict them from talking about what it does and how it does > it is another. > > If you're not willing to be open about exactly how your tool protects my > privacy, why should I trust that you got it right? No, I don't expect > all users will check, or care, but some of us will, and we tell others > what they should use. > > Privacy, like crypto, is *hard*. Would you trust someone who claimed to > have a super-secure crypto algorithm that they wrote themselves that's > never been peer reviewed? No. Why should we do it with a privacy tool? > > E. > > -- > Ideas are my favorite toys. > > > _______________________________________________ > liberationtech mailing list > liberationtech@lists.stanford.edu > > Should you need to change your subscription options, please go to: > > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > If you would like to receive a daily digest, click "yes" (once you click > above) next to "would you like to receive list mail batched in a daily > digest?" > > You will need the user name and password you receive from the list > moderator in monthly reminders. You may ask for a reminder here: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > Should you need immediate assistance, please contact the list moderator. > > Please don't forget to follow us on http://twitter.com/#!/Liberationtech > -- *Sarah A. Downey* Privacy Analyst | Attorney Abine, The Online Privacy Company t: @SarahADowney | p: 800.928.1987
_______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
