Stian they are worried about application integrity.


On Sat, Mar 8, 2014 at 4:55 PM, Stian Jørgensrud <stianahj@gmail.com> wrote:
What are you two discussing here, really? I don't understand.


diiz wrote
> On 03/08/2014 04:03 AM, Tres Finocchiaro wrote:
>>
>>     When the link is embedded in our software, the users will get the
>>     impression that we guarantee the viability of that link.
>>
>>
>> Then let's guarantee it.  We've all "been there" in terms of watching
>> free services die off (such as the hypothetical SourceForge
>> unavailability), so lets buy the domain we've been talking about and
>> make sure it's under an account that a handful of trustworthy
>> community members have access to.  Let's make sure we can all renew it
>> and access it under an inbox that we can all sign into.
>
> Even if buy the domain and we own it now (btw who pays it, are you
> offering to?) what happens if we lose it in the future? There needs to
> be a secondary authentication mechanism. Something for the software to
> use to check if the address it's given is still viable.
>
>>  We can't hide behind these excuses as the sole reasons for not
>> providing a service.  If it's too much work, fine.  If it's too
>> expensive, fine, but our banks, our paychecks, our EFTs, this very
>> email, our SourceForge login, our PC data, our photo uploads, our VPN
>> connections, they all relies on certain assumptions of security,
>> despite the backdoors that we know do exist.
>
> Security considerations are not "excuses". Man I'm glad you're not in
> charge of my bank account...
>
> There are ways to create completely secure structures. Like bitcoin.
> Apart from someone figuring out a way to break all modern cryptography,
> there's simply no way for an unauthorized person to access a bitcoin
> address to steal money from it. If you lose the private key to a bitcoin
> address, those coins are lost forever, because there's just absolutely
> no way to access an address without the correct key.
>
> And all THAT is possible without ANY centralized "source of trust", with
> just a peer-to-peer network of enthusiasts, crypto geeks and investors.
>
> So don't you tell me that it's impossible to guarantee security. It's
> not. It's just a matter of putting some effort to it.
>
> The question is, is this feature worth that effort.





--
View this message in context: http://linux-multimedia-studio-lmms.996328.n3.nabble.com/Roadmap-tp6750p6877.html
Sent from the lmms-devel mailing list archive at Nabble.com.

------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries.  Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
LMMS-devel mailing list
LMMS-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lmms-devel



--
Jonathan Aquilina