by dsacco 3591 days ago
I don't have skin in this game, but I want to mention that contests are not evidence of security. Furthermore, cryptographers other than those working at Signal have expressed distrust for its security.[1][2]

What Telegram should do to earn the trust of the technical community (specifically, the security-savvy people who criticize it for unorthodox encryption methodologies) is contract a real audit from a leading security firm that specializes in cryptanalysis, like Riscure.

[1]: https://twitter.com/matthew_d_green/status/72642891296898252...

[2]: https://news.ycombinator.com/item?id=9775080

1 comments

>is contract a real audit from a leading security firm

Suggestions like this do nothing to dispel the image that modern security firms are little more than a protection racket. If you don't pay for "an audit" from an "industry leading" firm, you'll be shunned by everyone.

You pay for an audit, or you release the code/algorithms for the community to publicly audit.

Otherwise, you're just making claims that are unbacked by anything. Presumably only the fact that there hasn't, yet, been a public exploit. But that's not a useful metric.

What's your alternative suggestion?