maemo.org - Talk - View Single Post - Unbreakable cipher app

dschoepe	2014-01-02 , 16:07
Posts: 2 \| Thanked: 2 times \| Joined on Dec 2013 @ Gothenburg	#17

I think it would be a good idea to try and port these apps to whatever device you have in mind, as they are open-source and many skilled people looked at them, as far as I know:

https://whispersystems.org/

Originally Posted by pichlo

s/closed source/proprietary algorithm

Having worked for a crypto company myself (although not involved in the actual crypto stuff, so no tricky questions please, I am not an expert), I would have no problem using a commercial, closed-source application - as long as the actual algorithm is published. It is the guys that invent their own algorithms that I have no trust for. Security through obscurity is the least reliable kind.

In that case you still have to trust that the company didn't make any mistakes in implementing and/or using the algorithm. As others have said, even if you use an algorithm that is believed to be secure, it's very hard to use it in a secure manner with the right protocols, etc.. If you have an open-source application, a lot more people will (hopefully) check the code for this kind of mistakes.

(And this is all under the optimistic assumption that the company is not malicious or coerced to insert backdoors by some intelligence agency.)

Quote & Reply |

The Following User Says Thank You to dschoepe For This Useful Post:
pichlo