Full Disclosure mailing list archives

Re: TrueCrypt 7.1 repos on GitHub - forking starting point


From: Dave Howe <davehowe.pentesting () gmail com>
Date: Tue, 03 Jun 2014 12:13:52 +0100

On 30/05/2014 21:00, Brandon Perry wrote:
> Two issues with this:
>
> 1) TrueCrypt wasn't free as in freedom, it was free as in beer. These forks
> break the license afaik.

Not seeing this to be honest. I have taken a look at the 3.0 licence
(applicable to 7.1a), and can't see any real reason to state that you
couldn't fork the project under a new name, but keeping the same code
base and licence. It's possible I missed something though, which actual
term do you feel prevents forking?

> 2) Do you trust these users to understand the codebase thoroughly enough
> and understand cryptography enough to not introduce stupid crypto bugs?
> That is a huge caveat.

No. But if there is an independent auditor already being paid to audit
the code, and THAT project has plenty of funding left, it would seem a
worthwhile use of the money to audit any new changes as they are
committed, so that once we HAVE an audited codebase, it stays audited
despite being a moving target.



_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

