Hacker News new | past | comments | ask | show | jobs | submit login

If this is closed source (and the source seems to be only implementing API calls to a closed system) then it's fair to assume that this application is probably insecure or has backdoors.

Also if the private key is stored in the cloud then it's likely to be subject to requisitions.




Private keys for secret chats are only stored on the two participating devices.

As for server code — open sourcing the server code wouldn't really do much to improve trust. You would still have to trust us that we are using THAT code, not something different.


Depending on your definition of "decentralised", open sourcing the code would enable other people to set up servers that they can trust is running that code.


"... open sourcing the server code wouldn't really do that much to improve trust."

It would allow people to run your code (if they like it) on their own servers. Then they wouldn't need to trust you.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: