Nadim is biased - and that matters little IMO. That puts him in the company of, oh, 100% of other professionals. ;-)
My complaint is that if there is an agenda, and I take him at his word for what he wrote, are these repeated and targeted nits at an accessible and usable player who does use standards, has good written policy, who does have history on it's staff and founder's side, has "Government" blood on its hands, etc. a ~good~ idea for the wider goals? Or could Nadim, and others in his highly visible position, be a bit more diplomatic and show potential support with the caveats that they will only wait so long to see the promises fulfilled or to be engaged directly. This isn't unique to Nadim, not by a long shot, as I noted earlier in thread it's a cultural divide that I think continues to widen the gap between the enablers and those most in need of solutions. -Ali On Tue, Nov 6, 2012 at 2:25 PM, Nadim Kobeissi <[email protected]> wrote: > Greg, > If you can see anything that is biased in my blog post, please let me know > so I can fix it ASAP. > > > NK > > > > On Tue, Nov 6, 2012 at 2:23 PM, Greg Norcie <[email protected]> wrote: > >> Nadim, >> >> I am aware of your blog post - especially since this is the third time >> you have posted it in this thread :) >> >> I am simply cautioning you that you could be creating the appearance of >> a bias. >> -- >> Greg Norcie ([email protected]) >> GPG key: 0x1B873635 >> >> On 11/6/12 2:13 PM, Nadim Kobeissi wrote: >> > Greg, >> > I don't intend to be anonymous. Why would I? I intend for Silent Circle >> > to open their source code for review, because as it stands they are >> > being dangerous to the methodology of security software development. I >> > have already written a blog post about this under my own >> > name: http://log.nadim.cc/?p=89 >> > >> > >> > NK >> > >> > >> > On Tue, Nov 6, 2012 at 2:11 PM, Greg Norcie <[email protected] >> > <mailto:[email protected]>> wrote: >> > >> > Nadim, >> > >> > You are correct - the website (nor the whois) mention you. But your >> post >> > on this mailing list does. >> > >> > You seem like a very intelligent guy - if you had intended this to >> be an >> > anonymous critique, I doubt you'd have used your real name to post >> the >> > link :) >> > -- >> > Greg Norcie ([email protected] <mailto:[email protected]>) >> > GPG key: 0x1B873635 >> > >> > On 11/6/12 2:06 PM, Nadim Kobeissi wrote: >> > > Greg, >> > > The website does not mention me at all, it's purely meant as a >> > complaint >> > > against Silent Circle's policy. I've already written a lengthy >> post >> > > regarding Silent Circle (http://log.nadim.cc/?p=89) and yet have >> > > received no reply. >> > > >> > > >> > > NK >> > > >> > > >> > > On Tue, Nov 6, 2012 at 2:04 PM, Greg Norcie <[email protected] >> > <mailto:[email protected]> >> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: >> > > >> > > Nadim >> > > >> > > I understand your position, but actions like this website >> > won't help >> > > your cause. >> > > >> > > Can you understand how actions like setting up this web site >> > might be >> > > viewed as a way to call attention to oneself, rather than >> > champion the >> > > (respectable) ideals of the open source movement? >> > > -- >> > > Greg Norcie ([email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>) >> > > GPG key: 0x1B873635 >> > > >> > > On 11/6/12 1:53 PM, Nadim Kobeissi wrote: >> > > > Ali, >> > > > The issue is trust. Security software verifiability should >> > not have to >> > > > depend on Silent Circle (or who they hire to audit, for >> example >> > > Veracode.) >> > > > >> > > > >> > > > NK >> > > > >> > > > >> > > > On Tue, Nov 6, 2012 at 1:51 PM, Ali-Reza Anghaie >> > > <[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> wrote: >> > > > >> > > > Nobody would dispute that - that's not quite the same >> > thing as >> > > FOSS >> > > > default positions or some of the other criticisms. >> > > > >> > > > For example, I'd contend a paid Veracode audit would in >> all >> > > > likelihood be better than any typical FOSS audit. Had >> they >> > > done that >> > > > (heck, they might have but I doubt it) and still >> > announced the >> > > > intent of opening the codebase - I wager that would not >> have >> > > stopped >> > > > the criticism. >> > > > >> > > > It appears to be a deep-seeded cultural divide more >> than any >> > > of the >> > > > other factors combined. >> > > > >> > > > -Al >> > > > >> > > > >> > > > >> > > > On Tue, Nov 6, 2012 at 1:43 PM, Yosem Companys >> > > > <[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> >> wrote: >> > > > >> > > > Security audits are always important, especially >> > when people's >> > > > lives are at risk. >> > > > >> > > > On Tue, Nov 6, 2012 at 10:37 AM, Nadim Kobeissi >> > > <[email protected] >> > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> wrote: >> > > > >> > > > Hi Ali, >> > > > There is no "agenda," and there needn't be one >> > if you >> > > are to >> > > > critique security software. No need to be so >> > aggressive. >> > > > My qualms against Silent Circle are detailed >> > > > here: http://log.nadim.cc/?p=89 >> > > > >> > > > >> > > > NK >> > > > >> > > > >> > > > >> > > > On Tue, Nov 6, 2012 at 1:34 PM, Ali-Reza Anghaie >> > > > <[email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> wrote: >> > > > >> > > > Seriously - what's your agenda? >> > > > >> > > > Where are the domains for the other tens of >> > providers >> > > > who charge arms and legs based on closed >> > protocols >> > > even? >> > > > >> > > > What's the nit with Silent Circle >> specifically? >> > > Because >> > > > they're accessible? Because it's easier to >> use? >> > > Because >> > > > the founders have good track records of >> > standing up to >> > > > Government too? >> > > > >> > > > Being absolutist about everything isn't >> > helping anyone >> > > > who ~needs~ it - it's a privilege of the >> "haves" >> > > that we >> > > > can have these conversations over and over >> > again. >> > > > >> > > > Shouldn't we have taken the "fight" to >> > carriers, Apple >> > > > iOS T&Cs, etc. harder and longer ago? And >> why do >> > > we keep >> > > > expecting private entities to fight our >> > Government >> > > > battles for us? It's a losing proposition >> and >> > > increases >> > > > the costs-per-individual to untenable levels >> > when >> > > we mix >> > > > absolutely all their enterprise with civil >> > liberty >> > > issues. >> > > > >> > > > There has got to be a better way than this >> > ridiculous >> > > > trolling and bickering. Someone? Anyone? >> > > > >> > > > Again, seriously, what's the agenda against >> > Silent >> > > > Circle specifically? >> > > > >> > > > -Ali >> > > > >> > > > >> > > > >> > > > On Tue, Nov 6, 2012 at 1:20 PM, Nadim >> Kobeissi >> > > > <[email protected] <mailto:[email protected] >> > <mailto:[email protected]> >> > > <mailto:[email protected] <mailto:[email protected]>>>> wrote: >> > > > >> > > > http://issilentcircleopensourceyet.com/ >> > > > >> > > > NK >> > > > >> > > > -- >> > > > Unsubscribe, change to digest, or change >> > password >> > > > at: >> > > > >> > > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > >> > > > >> > > > >> > > > -- >> > > > Unsubscribe, change to digest, or change >> > password at: >> > > > >> > > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > >> > > > >> > > > >> > > > -- >> > > > Unsubscribe, change to digest, or change >> > password at: >> > > > >> > > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > >> > > > >> > > > >> > > > -- >> > > > Unsubscribe, change to digest, or change password >> at: >> > > > >> > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > >> > > > >> > > > >> > > > -- >> > > > Unsubscribe, change to digest, or change password at: >> > > > >> https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > >> > > > >> > > > >> > > > >> > > > -- >> > > > Unsubscribe, change to digest, or change password at: >> > > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > >> > > -- >> > > Unsubscribe, change to digest, or change password at: >> > > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > >> > > >> > > >> > > >> > > -- >> > > Unsubscribe, change to digest, or change password at: >> > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > >> > -- >> > Unsubscribe, change to digest, or change password at: >> > https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > >> > >> > >> > >> > -- >> > Unsubscribe, change to digest, or change password at: >> https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > >> -- >> Unsubscribe, change to digest, or change password at: >> https://mailman.stanford.edu/mailman/listinfo/liberationtech >> > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech >
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
