Security of the Code


alan.tyrell

Mar 7, 2012, 5:11:09 PM
to Phantom Protocol
I am not trying to be negative here. I do believe there is a need for
a secure, adaptive and anonymous wave within the existing internet
fabric. And it must be free from any and all interference.

A couple of thoughts…
Is there not a risk with an open source code development model, that
code could be subverted to provide information that would defeat all
the other security measures?

Code update delivery methodology?

Joe Hillenbrand

Mar 8, 2012, 1:53:27 PM
to phantom-...@googlegroups.com
You sound extremely naive. Openness is the only way to mitigate risk
in a project like this.

Interference will happen whether the source is open or not (hackers
don't need access to the source), so it might as well be open so that
anyone can fix potential issues.


alan.tyrell

Mar 8, 2012, 4:19:01 PM
to Phantom Protocol
Then is there any point in developing a 'security' product that is
comprised at the get go, other than doing it as a proof of concept?

People looking for a secure anonymous internet routing protocol won't
use it if it can't be 'proved' secure beyond reasonable doubt.

It would be naive to think any different.

Joe Hillenbrand

Mar 8, 2012, 4:29:47 PM
to phantom-...@googlegroups.com
Nobody will use it because there is only an unmaintainable reference
implementation, not because it's insecure.

The theoretical security is a requirement of the protocol and it has
nothing to do with the implementation.

Ben Giles

Mar 8, 2012, 4:45:01 PM
to phantom-...@googlegroups.com
There is a risk that the code can be subverted, but it is no less or greater than closed source.

To read more about that topic see "security by obscurity".

Sent from Siri. Dictated not read.

Joe Hillenbrand

Mar 8, 2012, 5:07:52 PM
to phantom-...@googlegroups.com
> Nobody will use it because there is only an unmaintainable reference

Oops, I meant "unmaintained". It's definitely maintainable.

Magnus Bråding

Mar 8, 2012, 5:37:23 PM
to phantom-...@googlegroups.com
Also, "open source" does not imply that just anyone can edit the code in
the main trunk at their will. It will always be validated by a
maintainer before being accepted in there, so as long as you download
the program from the main repository (contrary to some random site that
says "download <name-of-open-source-product> from our special site here!").

In the latter case, it can indeed be an arbitrarily manipulated version,
but as mentioned previously in this discussion, the exact same thing
goes for closed source products in that scenario too, so there is really
no difference (other than possibly the somewhat increased skill level
required for binary modification of a closed source program, but there
are quite simple ways to do that too).

What rather makes the open source alternative more secure is that anyone
who wants to can download the source, review it in any detail, and then
compile their own binary executable from it (i.e. if they don't trust
the binary version in the main repository to do what it says it does).

Regards,
Magnus

On 2012-03-08 22:45, Ben Giles wrote:
> There is a risk that the code can be subverted, but it is no less or greater than closed source.
>
> To read more about that topic see "security by obscurity".
>
>
>
> Sent from Siri. Dictated not read.
>
> On 08/03/2012, at 9:11 AM, "alan.tyrell" <alan.s...@gmail.com> wrote:
>
>> I am not trying to be negative here. I do believe there is a need for
>> a secure, adaptive and anonymous wave within the existing internet
>> fabric. And it must be free from any and all interference.
>>

>> A couple of thoughts…

Joe Hillenbrand

Mar 8, 2012, 6:58:05 PM
to phantom-...@googlegroups.com
Well put.

2012/3/8 Magnus Bråding <magnus....@fortego.se>:

>>> A couple of thoughts…
