[tor-talk] "Safeplug"

Gibson, Aaron aagbsn at extc.org
Mon Nov 25 13:25:37 UTC 2013

On 2013-11-23 19:38, Philipp Winter wrote:
> On Sat, Nov 23, 2013 at 02:22:48PM +0000, Mark McCarron wrote:
>> How about a certification program?  A company can donate some
>> funds to have their product evaluated and if successful gain
>> "TOR Certified" status.  It would stop all this nonsense and
>> provide everyone the opportunity to request specific features
>> or amendments to designs.
> I would imagine such a certificate to be quite misleading.  Even
> professional code audits never catch all bugs.  So it would only
> be a matter of time until one of these "Tor certified" products
> would fail horribly which would then provoke reactions along the
> lines of "but... it was certified?".
> Also, audits are one time snapshots.  The very first commit
> after the certification process might already introduce new
> bugs.
> Cheers,
> Philipp

On the other hand, any Tor-Related hardware is of interest the wider 
community, and many on these lists would be happy to 
receive/evaluate/give feedback, on both actual physical hardware as well 
as proposed designs. Ideally, companies interested in producing safeplug 
like devices would come to the tor-* mailing lists in search of advice, 
feedback, review of proposed designs, and potential hires/developers.

Take note, because we all want to see more Tor in the world!


More information about the tor-talk mailing list