On 10/11/2012 1:54 PM, Moxie Marlinspike wrote: > > In general, I'm not actually convinced that OSS is a necessity for > secure communication tools. Protocols can generally be verified on the > wire, and unfortunately, the number of people who are going to be able > to look at software-based cryptography and find vulnerabilities is very > small -- and two of them put their names behind Silent Circle.
Protocols aren't half the story. There is much more in a piece of cryptography software to consider. Backdoors, to say the very least. NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech