On 07/15/2012 09:44 AM, Jacob Appelbaum wrote: >> Again: Is the source public? Have there been reviews/audits? Jake? :)
We've recently put up two posts as part of our overall efforts to self-audit in a very public, transparent manner: "A Network Analysis of Encrypted Voice over OSTN" https://guardianproject.info/2012/07/05/a-network-analysis-of-encrypted-voice-over-ostn/ "Threats and Usability of Secure Voice" https://guardianproject.info/2012/07/10/threats-and-usability-of-secure-voice/ You can also find the project wiki here, which includes all the research we did into the various clients, servers, services, etc: https://guardianproject.info/wiki/OSTN As for source code, you can find everything here: https://github.com/guardianproject/OSTel Our full project tracker is also here, if you want to report bugs, comment on features, or otherwise get involved: https://dev.guardianproject.info/projects/ostn/roadmap It must be noted that OSTN is more an exercise in integration, configuration and tuning, than outright software development from scratch. All the pieces existed already to put the stack together (CSipSimple for Android, and Freeswitch server), but they just needed a bit more work on ensuring they worked together in a simple manner. So in summary, eff ya there are audits, notes, code, reports, and basically whatever else we can manage to put out there, in order to build trust with our users and supporters. +n _______________________________________________ liberationtech mailing list [email protected] Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
