Am 22. Mar, 2013 schwätzte Kevin Brown so: > Being open source doesn't prevent an application from doing what Skype does. > Especially if you are talking to someone else's server. I use Apache for my This is why I and a couple of others specifically mentioned end-to-end encryption :). If the IM clients aren't encrypting specifically to each other, then the conversation is open to server-side surveillance. > stuff, no user coming to a site I build has any idea what Apache is doing > with the request they are making. I could very easily make the server report > to the FBI for any connection to "questionable" material and no one would be > the wiser. Same thing with any software that needs an intermediary to work > (IM, web browsing, email, etc...). Yup. Also, just because it's Free Software doesn't mean the binary distribution hasn't been compromised. They might claim they've released the complete and corresponding source code, but did they? A nice thing about Red Hat Enterprise Linux (RHEL) is that CentOS is a complete bare bones rebuild, so we can audit to see if there are any binary differences. Fedora, debian, Ubuntu and others have derivatives that also rebuild a great portion of the distro, so they're also gettting audited just as a matter of the normal business cycle. I see this as a huge benefit of the Free Enterprise features of Free Software. ciao, der.hans -- # http://www.LuftHans.com/ http://www.LuftHans.com/Classes/ # Nobody grows old merely by living a number of years. # We grow old by deserting our ideals. # Years may wrinkle the skin, but to give up enthusiasm # wrinkles the soul. -- Samuel Ullman