Stef's six rules of snakeoilness.

---------- Treść przekazywanej wiadomości ----------

Temat: Re: Snowden triggers flood of Crapware [was: Gruveo, more secure skype?] Data: środa, 23 lipca 2014, 23:59:25 Od: stef Do: cypherpunks@cpunks.org

On Wed, Jul 23, 2014 at 05:24:22PM -0400, grarpamp wrote:

To quote OP... not open source.. not audited.. central servers.. webrtc.. 'no' logs.. and a shiny link for grins... and then claims it 'looks very interesting and promising'. WTF, really? I appreciate innocent questions, but the answer (or at least our response) should be obvious, from those parameters alone, to someone who's been around for a while.

exactly this prompted me to come up with the seven rules of thumb to detect snakeoil:

not free software runs in a browser runs on a smartphone the user doesn't generate, or exclusively own the private encryption keys there is no threat model uses marketing-terminology like "cyber", "military-grade" neglects general sad state of host security