Comments on: Trust but Verify and Trust but Fork http://www.fredtrotter.com/2008/10/28/trust-but-verify-and-trust-but-fork/ Hacktivist, coding for social change Wed, 25 Jan 2012 14:14:05 +0000 hourly 1 http://wordpress.org/?v=3.0.4 By: ftrotter http://www.fredtrotter.com/2008/10/28/trust-but-verify-and-trust-but-fork/comment-page-1/#comment-3221 ftrotter Wed, 29 Oct 2008 18:43:40 +0000 http://www.fredtrotter.com/2008/10/28/trust-but-verify-and-trust-but-fork/#comment-3221 Etienne, You are absolutely correct. This is why "Trust but fork" is so important. Running your own server is the only way to be absolutely sure. Stallman, for instance, thinks it is crazy to trust a computer in the cloud. People running parallel instances of FOSS PHRs help the whole community in another way. It allows the frontend functionality to be compared between instances. So if the frontend of Fred's Indivo based PHR does not match Dossia's, then we know that there may have been backend changes as well. There are ways for companies to ensure that running sourcecode is the same as published sourcecode. You can use code-signing cryptography for this. You can even get community provided certificates for this purpose from CACert.org There is no way to prevent someone from publishing a sourcecode hash, that was created by an unmodified version of the software, but pretending that it came from modified running software. However, those kinds of games begin to approach the breach of more traditional anti-fraud laws. -FT Etienne,
You are absolutely correct. This is why “Trust but fork” is so important. Running your own server is the only way to be absolutely sure. Stallman, for instance, thinks it is crazy to trust a computer in the cloud.

People running parallel instances of FOSS PHRs help the whole community in another way. It allows the frontend functionality to be compared between instances. So if the frontend of Fred’s Indivo based PHR does not match Dossia’s, then we know that there may have been backend changes as well.

There are ways for companies to ensure that running sourcecode is the same as published sourcecode. You can use code-signing cryptography for this. You can even get community provided certificates for this purpose from CACert.org

There is no way to prevent someone from publishing a sourcecode hash, that was created by an unmodified version of the software, but pretending that it came from modified running software. However, those kinds of games begin to approach the breach of more traditional anti-fraud laws.

-FT

]]> By: Etienne http://www.fredtrotter.com/2008/10/28/trust-but-verify-and-trust-but-fork/comment-page-1/#comment-3219 Etienne Wed, 29 Oct 2008 14:02:28 +0000 http://www.fredtrotter.com/2008/10/28/trust-but-verify-and-trust-but-fork/#comment-3219 Fred How can you be sure that Dossia is running the same code that you actually inspect? Unless you personally compiled the code then you still have to trust the sysadmins at Dossia right? Checking the code that someone *say's* they are running is no proof of anything. Fred
How can you be sure that Dossia is running the same code that you actually inspect? Unless you personally compiled the code then you still have to trust the sysadmins at Dossia right?

Checking the code that someone *say’s* they are running is no proof of anything.

]]>