by EGreg 3273 days ago
How would you know one way or the other?

You trust your OS and user agent. Would be better if there were strong cryptographically signed assurances that the open source build is the one you have. And lots of companies should be looking through the source and patches. And even then someone might have hidden a back door by now.

And your CPU and encryption algorithms might contain back doors, too.

I would say all these things are fixable over time. Cory Doctorow talks about the war on general computing by spyware and locked-down devices.

Ultimately the only way to have trust is the same way Ripple has trust - by using products from various ostensibly unrelated parties - indeed enemies - to check adherence to an agreed-upon standard, like code signing from source without compiler backdoors. So you can e.g. inspect code.

https://softwareengineering.stackexchange.com/a/184896/13446...

Here are some recent examples:

http://www.cnbc.com/2017/06/23/under-pressure-western-tech-f...

http://m.mspmentor.net/managed-security-services/kaspersky-l...

https://disruptiveviews.com/chinese-demand-source-code-imple...

http://fortune.com/2016/04/19/china-demanded-apple-iphone-co...
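
The multi-party check the comment describes, sketched as an added example that is not part of the original post: a binary is accepted only when enough mutually independent organisations rebuilt the same source and reported the digest you hold. The function name, tuple layout, organisation names and the rule that any mismatch blocks acceptance are assumptions, and attestations are assumed to be already authenticated (signature checking is out of scope).

```python
import hashlib
from collections import defaultdict

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def check_build(local_artifact: bytes, attestations, quorum: int):
    """Decide whether the binary we hold matches what independent rebuilders got.

    attestations: iterable of (builder, organisation, digest_hex) tuples,
    assumed to be authenticated already. Returns
    (trusted, agreeing_orgs, dissenting_orgs).
    """
    local = sha256_hex(local_artifact)
    by_org = defaultdict(set)
    for _builder, org, digest in attestations:
        by_org[org].add(digest.lower())
    agreeing, dissenting = set(), set()
    for org, digests in by_org.items():
        # An organisation counts once, however many builders it runs, and
        # only if every one of its builders reports the digest we hold.
        if digests == {local}:
            agreeing.add(org)
        else:
            dissenting.add(org)
    # Policy assumption: any mismatch blocks acceptance, because it means
    # either the build is not reproducible or somebody's output differs.
    trusted = len(agreeing) >= quorum and not dissenting
    return trusted, sorted(agreeing), sorted(dissenting)

# Constructed sample data: a release, a modified copy, and four attestations.
RELEASE = b"constructed sample release bytes v1.0"
TAMPERED = RELEASE + b"\x90"
GOOD = sha256_hex(RELEASE)
ATTESTATIONS = [
    ("builder-a1", "org-a", GOOD),
    ("builder-a2", "org-a", GOOD),  # same organisation, counts once
    ("builder-b", "org-b", GOOD),
    ("builder-c", "org-c", GOOD),
]

if __name__ == "__main__":
    print(check_build(RELEASE, ATTESTATIONS, quorum=3))
    print(check_build(TAMPERED, ATTESTATIONS, quorum=3))
```
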