> mm. It says on the SC website that it will use 
>"Open Source Peer-Reviewed Encryption,"
> "Peer Reviewed Encryption and Hashing Algorithms,"
> and also says "we believe in open source." Is that very ambiguous

As a reporter working on a "piece", you should make sure you understand the 
different between using open-source and being open-source. Having code 
availability for private audit or dumping a zip file of code that doesn't quite 
build entirely is very different from bring a fully transparent open-source 
project. I am not splitting hairs here, just trying to make sure that you look 
beyond vague statements and perhaps ask "where's your git repo going to be 
hosted?" or "what license are you planning to use?" or even "will an 
independent developer be able to compile and run their own version of your 

As an example, Phil's much heralded ZRTP protocol was openly published but 
server code to enable Asterisk support for it had a very ambiguous license that 
made it unusable in anything but a pure academic setting.

Like "organic", open-source is a term that is easily claimed but not often 
truly fulfilled. Nadim should be given more credit for the completely 
transparent and engaged open-source project he runs, and for defending an 
approach and philosophy that he is completely living up to.

Unsubscribe, change to digest, or change password at: 

Reply via email to