|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2016-05-17 14:58:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Yubico has posted a blog entry defending the company's decision to switch to closed-source code in the Yubikey 4 product. "If you have to pick only one, is it more important to have the source code available for review or to have a product that includes serious countermeasures for attacks against the integrity of your keys?"
See also: Konstantin Ryabitsev's response to this posting. "When it comes to any hardware, we must at some point trust the manufacturer -- unless we have very large budgets that would allow us to fully monitor every step of the manufacturing process. In the absence of such large budgets, we must base our trust on the company's prior record and their willingness to work with the community to show that their hands are clean and their intentions are pure. Putting out a blackbox proprietary device after all the good will you have built up with NEOs sends the exact opposite message."
