On 11/07/13 at 01:36pm, Mitar wrote: > Hi! > > On Thu, Jul 11, 2013 at 1:04 PM, Julian Oliver <[email protected]> > wrote: > > A good point. Nonetheless the way forward for security critical software is > > toward de-centralisation; encouraging deployment and adaptation to local > > contexts - political, social and topological. This is why both client and > > server > > need to be open such that they can be both audited and adapted. > > But how do you assure that server is really running the server code you > audited? >
You can't; application design should rely on the "only trust myself" principle.. Thinking that remote nodes don't always play following the rules helps. This is really hard, I admit, but completely resolve this problem. You're right over one crucial point: we are talking about something which doesn't exists =) -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
