This is the sixth time you've "asked" in this thread about TextSecure's audit. C... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tptacek on April 3, 2014 | parent | context | favorite | on: CryptoCat iOS Application Penetration Test [pdf]

This is the sixth time you've "asked" in this thread about TextSecure's audit. Cryptocat has literally never implemented a crypto feature of any sort, from random number generation all the way through user authentication, without some terrible vulnerability. TextSecure, on the other hand, is the subject of a total of zero published crypto vulnerabilities.

Whatever Moxie's reasons for not having published their audit, I'm sure they're valid. Either way, no amount of innuendo about TextSecure is going to change the ground truth about your own project.

There might be no person on the Internet more poorly positioned to cast aspersions on other people's projects than you. Please stop.

kaeporan on April 3, 2014 [–]

To be clear, I'm not trying to cast aspersions. As I've already stated, TextSecure is a great project that I strongly recommend.

I'm trying to have a serious discussion regarding transparency of audits. I feel your reaction is overly aggressive and not genuinely constructive.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact