The point is, code was open but nobody (competent) looked at it so no added assurance from being open. Open != verified.
-
-
-
"We have both internal and external review of our code to ensure that it is secure" I'd focus on its failure rather than OSS or not
-
I understand reasons for not going OSS, however I don't like poor claims and incorrect justifications (https://www.yubico.com/2016/05/secure-hardware-vs-open-source/ …)...
-
...that just hide the real reasons.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.