| Hi Thank you, yes we know about haystack and are very aware of the dangers. I also have a heavily annotated copy of The Net Delusion sat on my desk right now. We're not going into this blindly and each of us has a tin foil hat ;) I do apologise if we're coming over as distracted by this conversation and in a hurry to get back with our work. I fear this risks becoming an "emacs vs vi" thread that ultimately resolves nothing - I've worked close to 100 hours already this week and will be working flat out until well past midnight GMT tonight. To be brutally honest while security is critical participating in this particular conversation cannot be an immediate priority for me and the team even though we do welcome your interest and criticisms. I asked for patience. I'll repeat that again. We are exhausted and rushed off our feet not least because we have to earn a living when not working on Sukey. Please give us time. By all means if you don't trust us, don't use it and don't sign up now. Wait and see. We are in a massive crunch to get ready for the TUC demonstration on 26 March. We are supporting the legal, democratic right of peaceful protest within a democratic society. If and when we extend the tool - as we hope to do - so that it could be used in authoritarian regimes then it has to be bullet proof security but right now we want our users to go into it with open eyes - aware of all the criticisms you guys have raised and having read our: http://sukey.org/idiotwarning I hope that we will have addressed all of your issues and will have got the code up under a licence that makes everybody happy before the 26 March. I'm really sorry if that answer doesn't satisfy some of you. We are not bad people just very busy and under enormous stress. I apologise if that has made us seem curt or evasive. I do hope that you come to realise that with time. An email from RMS has to be one of the high points of my life so far: front page, however briefly, on HN comes second :) You are important to us but our priority right now has to be getting the code right and ready and addressing criticisms in the code rather than debating it online. |
Doing a "hit and run" response to comments on HN between other tasks takes far, far less time than writing a concrete, specific, water-tight technical document on security. No one on this thread was happy with the one we rushed out before and rightly so. We're not going to repeat that mistake :)