Re: How regularly is the GnuPG source code examined?
Crypto_at_S.M.S
Date: 09/27/05
- Next message: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Previous message: Crypto_at_S.M.S: "Re: How regularly is the GnuPG source code examined?"
- In reply to: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Next in thread: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Reply: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 Sep 2005 06:09:12 +1000
tomstdenis@gmail.com wrote:
>
> As far as I know no open source project has EVER gone through a proper
> verification cycle. In many cases this is ok because a bug or failure
> is not harmful, just annoying. But in the case of cryptography it can
> be a nightmare.
>
> Tom
>
When you say "no open source project has EVER gone through a proper
verification cycle", do you mean that the source code was not really
inspected by the authors' peers? Isn't this the reason why some think
that open source is so important? If nobody really audits the source
code, how does distributing it help make the system more secure?
Just because somebody *could* have looked at it doesn't mean they did.
- Next message: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Previous message: Crypto_at_S.M.S: "Re: How regularly is the GnuPG source code examined?"
- In reply to: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Next in thread: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Reply: tomstdenis_at_gmail.com: "Re: How regularly is the GnuPG source code examined?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
