[Bluenoser63]

This might very well be, but the point of my post is that the NSA for example has the resources to steal the sourcecode and find the bug, no matter if it is published or not. Now we at least know about it, if it went unpublished, we might never have known, but powerful adversaries are not so easily hindered.

BlackBerry should give us S/MIME and PGP capabilities!

NSA might have the resources to steal the source code and find the bug. Bad guys might not, but at least they don't have to steal open source code to find the vulnerabilities that the good guys aren't looking for or haven't found. Open source makes it simpler for them.

[sinkingphoenix]

NSA might have the resources to steal the source code and find the bug. Bad guys might not, but at least they don't have to steal open source code to find the vulnerabilities that the good guys aren't looking for or haven't found. Open source makes it simpler for them.

Read up on 'Security through Obscurity', which is what you are arguing for, and in contrast "Kerckhoff's Principle", which is the basis for my standpoint.

BlackBerry should give us S/MIME and PGP capabilities!

[Bluenoser63]

Read up on 'Security through Obscurity', which is what you are arguing for, and in contrast "Kerckhoff's Principle", which is the basis for my standpoint.

BlackBerry should give us S/MIME and PGP capabilities!

Theories are great, the problem is that reality gets in the way. Heartbleed has shown that unless good guys take the time to check for vulnerabilities (have motivation to check everything for nothing) then bad guys will always beat them to the punch as they have motivation and rewards for finding them.

[ArchGalileu]

I don't remember to know for example how to root any BlackBerry device...

I know Jailbreak, "root" android, but BlackBerry...

Something isn't clear out here...

And then bbm isn't safe?....

Show why... in a clear way...

If someone knows why...

Also, please FW to Angela Merkel...

ArchGalileu - Q10SQN100-3/10.3.1.1154

[Dave Bourque]

I don't remember to know for example how to root any BlackBerry device...

I know Jailbreak, "root" android, but BlackBerry...

Something isn't clear out here...

And then bbm isn't safe?....

Show why... in a clear way...

If someone knows why...

Also, please FW to Angela Merkel...

ArchGalileu - Q10SQN100-3/10.3.1.1154

Nobody can show why because it's simply not true.

Posted via CB10

[MmmHmm]

Theories are great, the problem is that reality gets in the way. Heartbleed has shown that unless good guys take the time to check for vulnerabilities (have motivation to check everything for nothing) then bad guys will always beat them to the punch as they have motivation and rewards for finding them.

[sinkingphoenix]

Theories are great, the problem is that reality gets in the way. Heartbleed has shown that unless good guys take the time to check for vulnerabilities (have motivation to check everything for nothing) then bad guys will always beat them to the punch as they have motivation and rewards for finding them.

You are absolutely right that there should be more incentives for 'good guys' to chase the bugs, as there should be more rigorous security audits of critical software. Google and other big tech companies are trying to do so already by offering bug hunting programmes and sponsoring own security teams to find bugs in open source software (project zero). But you can't solve the problem by saying 'We'll better just hide the code and hope no one finds the flaws that it might have'. That is not improving the security of the implementation, it's just trying to mitigate a deeper issue.�

BlackBerry should give us S/MIME and PGP capabilities!

[endevour]

"Secure"

Don't trust such reports, unless you forged them yourself!