On Wed, Oct 22, 2014 at 01:23:46PM -0400, Andrew Gwozdziewycz wrote: > Who are we talking about? *I* use free software. Despite that, I can't > fully trust what my computer is doing, because I can't verify the > hardware the software runs on isn't doing something malicious. I also > can't verify that my hardware isn't emitting signals that some > malicious person is picking up via some sort of device > [https://www.usenix.org/legacy/events/sec09/tech/full_papers/vuagnoux.pdf > and others], nor can I easily verify that a TLS key that I'm > protecting my connection with isn't extremely weak, and in otherwords, > my communication is actually completely insecure. Nor, can I assume, > in this day and age, that there aren't a crap ton of other errors in > the TLS protocol, or bugs (keep in mind this is in free software > implementations) in the implementations that make me no more unsafe > than running blobs. > > So, yeah, I can verify the software, perhaps, but that doesn't really > make me safe.
Access to the source code of the software you are running is necessary but not sufficient[1]. As simple as that. What is your point here? Since you can't be sure about all details you give a flying fuck about _everything_ and use non-open-source software? You can't be serious. >> People have hired me in the past because of the look of desktop, yes. > That's insane and stupid, and you should have declined the offer due > to their idiocy! Any moron can learn to customize the way their > desktop looks. Well, I oversimplified, you know that. > And no, I don't develop web applications with ruby and javascript. >> Me either, but lots of other (some of them are even very >> intelligent!) people *do.* Sorry to be the bearer of bad news. I just don't care about them. Kind regards, -Alex [1] https://en.wikipedia.org/wiki/Necessity_and_sufficiency
