Hacker News new | past | comments | ask | show | jobs | submit login

> even the best security researchers would not detect it

By examining only the network traffic, sure, but what about by examining the code?




Is the facebook app open source?


Nope!

That hasn't necessarily stopped people from learning something about how it works, though.


true, but does someone do it? I remember that auditing Truecrypt was already a substantial deliberate undertaking.

And that' not even taking into account that it might be possible to push something different to each user.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: