How do you make a secret more secure by publishing your code book? Many companies hide their code; this hides bugs from exploitation, in essence providing security through obscurity. However, Lava-bit, the flag ship of secure email, just published all of its encryption code. While this may sound counter-intuitive, open sourcing their encryption code is one of the best ways to provide security. Now Lava-bit encryption will be open to constant public review. Hidden bugs will be trampled by mobs of contributors. Perhaps most importantly, this decentralizes all the public keys preventing big brother from stealing lava-bit’s keychain. Now I hold the key to my secure email, and only I can decrypt them. Because Lava-bit has revealed its secrets, I can rest assured that mine are secure.
It makes it harder for the Government to squash private security as well.
ReplyDelete