17 Dec
2003
17 Dec
'03
11:17 p.m.
Christoph Pagalies) (by way of habs@cmyk.warwick.com (Harry Shapiro) says:
HH> Since that doesn't allow us to verify the code
If heard that argument quite often, but do you really intend to examine all of the sources?
I tend to. I usually only look at diffs between successive versions. In any case, the point is more about the capacity to examine the sources more than anything. Even if one has not personally examined them, the fact that others may examine them is a deterrent to tampering at the release level. I don't believe in releasing cryptography or other security software without sources. Perry