Full Disclosure mailing list archives
Re: TrueCrypt 7.1 repos on GitHub - forking starting point
From: Dave Howe <davehowe.pentesting () gmail com>
Date: Tue, 03 Jun 2014 12:13:52 +0100
On 30/05/2014 21:00, Brandon Perry wrote:
Two issues with this: 1) TrueCrypt wasn't free as in freedom, it was free as in beer. These forks break the license afaik.
Not seeing this to be honest. I have taken a look at the 3.0 licence (applicable to 7.1a), and can't see any real reason to state that you couldn't fork the project under a new name, but keeping the same code base and licence. Its possible I missed something though, which actual term do you feel prevents forking?
2) Do you trust these users to understand the codebase thoroughly enough and understand cryptography enough to not introduce stupid crypto bugs? That is a huge caveat.
No. But if there is an independent auditor already being paid to audit the code, and THAT project has plenty of funding left, it would seem a worthwhile use of the money to audit any new changes as they are committed, so that once we HAVE an audited codebase, it stays audited despite being a moving target. _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: TrueCrypt 7.1 repos on GitHub - forking starting point Dave Howe (Jun 03)