[cryptography] open letter to Phil Zimmermann and Jon Callas of Silent Circle, re: Silent Mail shutdown

dan at geer.org dan at geer.org
Sat Aug 17 21:35:27 EDT 2013


On the somewhat tangential-to-cryptography topic of open versus
closed source, may I suggest that the metrics that address the
question are the classic ones that define availability: mean time
between failure (MTBF) and mean time to repair (MTTR).  As you know,
you get 100% availability by driving MTBF to infinity or MTTR to
zero.  At this point in history with the array of installed base and
vested interests that we have, I'd suggest that further investment
in driving MTBF to infinity is a poorer spend that investing in
driving MTTR to zero.  On that proposition, open source wins as
while it is true that closed source is better out of the box on
average, open source has a brisker repair time.  Or so it seems to
this observer.

--dan



More information about the cryptography mailing list