You are viewing a single comment's thread from:
RE: Gollum snapshot filtered down to 8380 names [+ Security Recommendation]
The stuff is open source, you are welcome to audit the code. Although yeah, that is still a great suggestion.
The stuff is open source, you are welcome to audit the code. Although yeah, that is still a great suggestion.
This is true - however saying "its open source" can also give a false sense of security in itself..
We have no way to tell that whatever appears in browser at gollumcoin.com is actually running that same open source code, or that it hasn't already been hijacked by a third party seeing an opportunity for example..
This is something I would do even if I had complete trust in the gollum team not to do anything malicious on purpose :)