zlacker
[parent]
[thread]
5 comments
1. colord+(OP)
[view]
[source]
2020-06-05 06:17:28
The source code is available.
replies(4):
>>bawolf+e
>>antpls+tu
>>nautil+Qv
>>sadfkl+ax
◧
2. bawolf+e
[view]
[source]
2020-06-05 06:19:50
>>colord+(OP)
Fair enough. The point still stands you should do normal source code auditing before worrying about the crypto aspects.
◧
3. antpls+tu
[view]
[source]
2020-06-05 11:57:25
>>colord+(OP)
Great. So now, you need a Software Engineering degree AND a cryptography PhD
◧
4. nautil+Qv
[view]
[source]
2020-06-05 12:09:43
>>colord+(OP)
Ugh...now I have to get a phd in "source code" too??
◧
5. sadfkl+ax
[view]
[source]
2020-06-05 12:20:28
>>colord+(OP)
Unless the build is reproducible it would be smart for a paranoid person to use the published source code only as a comparison with the decompiled app.
replies(1):
>>sigmar+AO
◧◩
6. sigmar+AO
[view]
[source]
[discussion]
2020-06-05 14:09:32
>>sadfkl+ax
The build is reproducible:
https://github.com/signalapp/Signal-Android/blob/master/Repr...
[go to top]