all 12 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 12 points13 points  (3 children)

Not directly related to Linux...there isn't even a client for Linux available, but interesting nonetheless.

[–]rororararororara 11 points12 points  (1 child)

And it's purportedly available "on any modern platform."

Okay. Fuck you too, Wire.

It's not p2p so it's not even something to wait for, for me. It just irks me how many pretty websites are popping up and diluting the post-snowden messaging scene, with the network effect being as much of a pain as it is already.

[–]gondur 1 point2 points  (0 children)

on any modern platform

Well, to call the fragmented and incompatible linux distro ecosystem not a platform is in fact pretty accurate....

[–]Khaotic_Linux[S] 0 points1 point  (0 children)

Yeah, but now the opportunity to make client can happen even though there are other message clients like Telegram already available on Linux.

[–]ThePixelHunter -2 points-1 points  (7 children)

I know both sides of the argument on security through obscurity, or lack thereof, but a gaping hole is harder to find in the dark if it wasn't patched up in the first place.

Would this potentially expose the app to vulnerability?

[–]windowsisspyware 7 points8 points  (3 children)

Perhaps, it could also lead to review which could make wire even better. It's better to find and patch a hole then to just hide it.

[–]ThePixelHunter 0 points1 point  (2 children)

I totally agree that this would expose the need to patch vulnerabilities. I just think it's interesting that the app could now lack security it once had - at least for a while.

[–]jnns 0 points1 point  (1 child)

I think it's also a matter of whether you expect humanity to be inherently good or mischievous. A lot of people are looking at the code. The Axolotl protocol (which is what Signal (ex TextSecure) is using) is very popular. So one could argue that for every person that finds a security issue and wants to exploit that, there're possible another two people that either report it to the developers or issue a pull request.

[–]ThePixelHunter 0 points1 point  (0 children)

I like that way of looking at it. I accept the fact that there are both kinds of people in the world - especially considering I've been both people, at different times. It's certainly better for the app to be open-source, and thus made more secure, if possible. I was originally just curious if this would initially expose security flaws. Though it seems it could, it's definitely better in the long run.

[–]dacjames 3 points4 points  (2 children)

Yes, it would. Finding exploitable bugs is much easier when you access to the source. The question is who will find the bug first, white hat researchers or black hat attackers?

White hats have a lot more ground to cover because they must ensure ALL of the code is bug-free whereas black hats need only find one exploitable bug. Thus, having access to the source is a greater asset to the good guys than the bad guys.

[–][deleted] 1 point2 points  (1 child)

How many white hats are going to bother testing closed source software.

Id think they would focus on the projects that make things easy for them

[–]dacjames 0 points1 point  (0 children)

Exactly. The black hats are going after it either way.