[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Christoph Pagalies) (by way of [email protected] (Harry Shapiro) says:
> HH> Since that doesn't allow us to verify the code
> If heard that argument quite often, but do you really intend to examine
> all of the sources?
I tend to. I usually only look at diffs between successive versions.
In any case, the point is more about the capacity to examine the
sources more than anything. Even if one has not personally examined
them, the fact that others may examine them is a deterrent to
tampering at the release level. I don't believe in releasing
cryptography or other security software without sources.