krishna e bera <k...@cyblings.on.ca> wrote: >There are several pseudonymous development sponsors (named only by >single letters). Any of them could be GCHQ or NSA or one of their >front >agencies. >It doesnt matter - all of the code remains open source and the >developers have their own public reputation to maintain.
Patches are reviewed by some of the most conscientious and intelligently-paranoid security engineers on the planet. The constant "but what if nsa?" refrain tries my patience like nothing else. It assumes that both the US government and Tor are monoliths. Neither could be farther from the truth. The ecosystem is also arranged in such a way that the most competent security engineers, cryptographers, and circumvention developers have their eyes on Tor. If someone doesn't trust Tor, then they shouldn't use it. Tor devs consistently push security fixes to Firefox, so maybe they shouldn't use that, either. =P As for funding, read the tax forms and you'll see where Tor's funding comes from. It's not from the NSA, and I'm happy to stake my reputation on that. I wouldn't be involved if that were the case. ~ Griffin -- Sent from my tracking device. Please excuse brevity and cat photos. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
