[tor-talk] Tor source code

Juan Miguel Navarro Martínez juanmi.3000 at gmail.com
Thu Jun 8 19:56:05 UTC 2017


On 2017-06-08 at 21:16, Suhaib Mbarak wrote:
> My question is to make sure wether tor source code is open and available
> for public or not?
>
If it wasn't then no one would ever use such a software to achieve as
close as 100% anonymity. The moment some part is close sourced, it can
be used to put a backdoor or a "calling home" code which would give the
real IP to whoever was that code intended to receive.

> In case it is open source and can be modified how it is secure?!!!!
> 
You should read more about libre and open source software before making
such a question. But to keep it simple:

- The code is open for everyone to compile, modify and redistribute.
- All source code that comes from the official repository (Tor Project
one) has no third-party modification, so the code that you receive
should be as secure as it was developed.
- There are also the binary files released by Tor Project which should
be the product of compiling that same source code.
- Only a program is not secure if you got it from a shady place or you
modified yourself in an insecure way.

And if you think closed source software is more secure then you are
wrong. Not only you nor anyone else can't check if it is secure, you nor
anyone can't modify it (legally) to fix their insecurities until the
developers do so (if they do).

-- 
Juan Miguel Navarro Martínez

GPG Keyfingerprint:
5A91 90D4 CF27 9D52 D62A
BC58 88E2 947F 9BC6 B3CF

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20170608/81a75e37/attachment.sig>


More information about the tor-talk mailing list