[kwlug-disc] FAANG-free list

Andrew Sullivan Cant acant at alumni.uwaterloo.ca
Fri May 15 15:58:12 EDT 2020


Mikalai,

>> They have also been open sourcing more of their stack which is pretty
>> awesome.
>> https://protonmail.com/blog/protonmail-open-source/
> 
> c) And how do I know that this code is running on their servers right
> now? How do I know that my particular IP won't get a patched JS in a web
> client that will leak my key, to open end-to-end encrypted messages for
> wiretapping? There is no technical guarantee.
> 
> Don't get me wrong, open source code is great, especially when you can
> run it as a federated service from your own box. But open-sourcing is
> not a protection from scary APT's.

Absolutely. Open sourcing their code is only a slight improvement. If I
have already decided to outsource my email hosting, I would rank a host
that which supports and contributes to open source higher than one that
does not.

But until I am hosting my own email, or using a 3NWeb solution :), I
have already given up a certain level of control.

Andrew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x0EA280F3A5B9E0D1.asc
Type: application/pgp-keys
Size: 13929 bytes
Desc: not available
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20200515/11b009fe/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20200515/11b009fe/attachment.sig>


More information about the kwlug-disc mailing list