undefined | Better HN

0 pointsjosh26007y ago0 comments

I am going to say this one more time because I think it's a real point and I think you're dismissing it out of hand is unreasonable: there are things that can be learned from the server.

It's one thing to tell people that you aren't logging anything. It's another thing to show everyone you're not logging anything except the account creation date and last access date by open sourcing the software and then show exactly that in a response to a national security letter: https://www.aclu.org/open-whisper-systems-subpoena-documents.

0 comments

3 comments · 1 top-level

zeeboo7y ago· 2 in thread

Did you notice how your proof rests entirely on the NSA letter, and not the source code of the server at all? Isn't a world conceivable where they open sourced the server, with no logging, and then sent an NSA letter that contained information that wasn't logged in the open source code? If this is somehow impossible, please explain how.

josh2600OP7y ago

Did you notice how you can compare the NSA letter to the source code and realize the effect is that they're the same?

If you didn't have the NSA letter, would you be able to verify the source code? If another project got an NSA letter and responded to it, would it tell you anything about the source code?

This is simple: Having the source code means you get to learn more from the other signals, no pun intended, of how that source code is used.

Again, as we move to a world where servers have more verifiable code running on them, the value of having open source code will increase.

zeeboo7y ago

I don't understand your points about the NSA letters, which makes me think that my point was missed. I am saying that the NSA letter claiming that only some information was logged is fully independent of the open source code of the server. Assuming the NSA letter reflects the truth, there could be more information or less information that what appears to be collected from the open source server code because, once again, the server does not have to be running the open source code, and even if it were, that does not preclude other systems from running against the same information the server has access to. Hence, open sourcing the server does not affect the security of the system at all. If the system is insecure without knowledge of how the server works, then the system is insecure. Period.

I think you're trying to argue that open source is good, and I agree with you. Open sourcing the server has many benefits. The only point I have consistently been trying to make is that open sourcing it does not help with determining the security of the system, whatsoever.

edit:

> If you didn't have the NSA letter, would you be able to verify the source code?

No, but even if the code was open sourced, you would not be able to verify the code that is running.

> If another project got an NSA letter and responded to it, would it tell you anything about the source code?

It would tell you something about the code they are running, yes, but nothing about the code they open sourced.

> This is simple: Having the source code means you get to learn more from the other signals, no pun intended, of how that source code is used.

This is equally simple: the source code that is open may have nothing to do with the source code that is running, and you must assume that they are not equal when auditing the security of the system.

1 more reply

j / k navigate · click thread line to collapse