-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Thank you very much Jean! I really appreciate your feedback!
I am sorry for the delay of my reply. Jean-Philippe Ouellet: > The same problems would still apply, but would instead apply to > obtaining and bootstrapping trust in your copy of Qubes. If this is > a problem you really wish to solve, simply providing trust via > signed qubes templates is not sufficient. I am not sure why "simply providing trust via signed qubes templates is not sufficient". Do you mean if one do no verify the Lantern software, he/she will probably not do verify for Qubes OS installation file neither? Could you please explain more about this to me? Thank you very much! > >> B. Privacy ... By placing Lantern in an independent qube, it will >> not be able to collect the local user behaviors that happen in >> other qubes. > > I think claiming this is somewhat misleading unless you also also > enforce that the traffic within is somehow also protected > independently. Thank you for your feedback! I did find it misleading. The following is my correction to the previous statement. How do you like this one? By placing Lantern in an independent qube, it will not be able to collect the user behaviors that happen in other qubes. Additionally, a whonix-gateway can be set up between Lantern-Gateway and an AppVM, making all the traffic through the Lantern client encrypted by Tor client already. > Running the server-side infrastructure to forward traffic has > associated costs, and perhaps those running them somehow rely on > income from Lantern Pro in order to cover those costs? I think it > would be wise to at least start a discussion with them about this > rather than taking an adversarial approach towards Brave New > Software right from the start. Thank you very much for your advice! I agree with you that I should start a discussion with the Lantern community. I did not even realize this can be a problem. Your advice let me realize that there is a difference between being a DIY user and being a responsible developer. I will start a discussion with them soon! And I will report the result to the mail-list. > > Finally, (making the assumption that Iry Koon may not be your IRL > identity) > > On Sun, Mar 12, 2017 at 2:12 PM, iry > <[email protected]> wrote: >> Hi everyone! >> >> I am Iry. > > Be aware that Google will likely want to de-pseudonymize you at > least in order to pay you, and possibly also for > transparency/legal/tax/whatever reasons. If this is a concern, I > would strongly suggest discussing this with the GSoC administrative > staff well in advance of the relevant deadlines. > Thank you very much for your suggestions! I do find it valuable. I have taken care of the identity issue > Regards, Jean-Philippe Please let me say thank you again for your feedback, Jean! Best, Iry -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYz1RBAAoJEKFLTbxtzdU89/MP/iix9UWM7+2TRlqmy16+0XTU NoP3ZpFB0XiF75cNU4bDyK4mUk9SqNGrEY9BG/Jl0BgPN60trQO4pLpri9ICMdx/ aZ3WPjqkwGYxNdRKROB5rxi3n1VuK59eV/p91Rnu6854SaKP7Xei7XNAO8QxkE4j BIsRe0IixcSRnzTh14mIrUDOSZp+APrzvoXZAB76a6XdnHR1zh0QN92Fba/rMXvb jxItzXAXPLC0vwVFjeemacBl67lhHkqv6pxw7GyMBnqH7R0mhFYrdSkwwBwof/O5 /y0qBpYsEZbsLQe/JHC19DgsxKwmaFdKl91pN3WmC77kIESCrW6DjpsafS7BNhDD dt/+oxGkSYQwQmCMn83oy44AyNXQJi412lompBB2TA5nJ4MRbWk5K74/FMQnFVuy pbRiQ7BREE1zYXKDDBswn8H6RJFbGdd2mjnqI/jWpkk+mggHLb5DitiY/vWRbIoP iqNJ0jWnvvScYnZMjWq1/mr+3SX+cvYK+6bkJrvdIWDr1EBlx1EZF2ecBcEOIfqK 2sDZRaTaHtToyVWMOcljWmDCS5c5S30TyoOb1Ef1m1TZrjGDZMCtWw43VzBlfHqu vsZ3D1iFQPSb/zTWaPuSbUwpQB3x6Qqzipkrxe2m6/mTj4V9bIXSNHqOxquRRoLr mH6xCjhkhAqIPdH9j8bP =cn8Z -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/oank7t%249eg%242%40blaine.gmane.org. For more options, visit https://groups.google.com/d/optout.
