I know it sounds weird, but unless you reviewed the source code AND built the binary from it, no open source software is to be trusted.
The versions ready for download may be based on code slightly different than the one in the repo - either deliberately, or because the NSA managed to redirect the download link to its servers.
There is always a probability that an anonymity product will be proved to be a honeypot. Even open source projects may either do as mentioned (provide a "hacked" version for downloading), or even include some code that downloads and runs a seemingly harmless module from an external source, that is not so harmless in reality.
If the CIA gives enough money to the core developers or even just the website owner, what do they have to lose? Their reputation? Not everyone cares about that.
I know these scenarios sound far-fetched and paranoid, but nothing should sound impossible after Snowden's revelations. Even for open source software.
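An added example, not part of the original post: one way to check whether a downloaded source release matches the repository it claims to come from is to hash every file in both trees and list what was added, removed or changed. The function names and the sample trees are constructed for illustration; it assumes the release archive has already been extracted and the matching tag checked out, and it says nothing about prebuilt binaries.

```python
import hashlib
import tempfile
from pathlib import Path


def tree_digests(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and ".git" not in path.relative_to(root).parts:
            rel = path.relative_to(root).as_posix()
            digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare_release_to_repo(release_dir, repo_dir):
    """Return files that are only in the release, only in the repo, or differ."""
    release, repo = tree_digests(release_dir), tree_digests(repo_dir)
    return {
        "only_in_release": sorted(set(release) - set(repo)),
        "only_in_repo": sorted(set(repo) - set(release)),
        "changed": sorted(f for f in set(release) & set(repo) if release[f] != repo[f]),
    }


def build_sample_trees(base):
    """Constructed sample data: a repo checkout and a release that drifted from it."""
    base = Path(base)
    repo, release = base / "repo", base / "release"
    files = {"src/main.c": "int main(void) { return 0; }\n", "README": "demo\n"}
    for root in (repo, release):
        for rel, text in files.items():
            target = root / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(text)
    (repo / ".git").mkdir()
    (repo / ".git" / "HEAD").write_text("ref: refs/heads/main\n")
    # Drift: one file altered and one file present only in the release.
    (release / "src/main.c").write_text("int main(void) { return 1; }\n")
    (release / "build-helper.sh").write_text("#!/bin/sh\n")
    return release, repo


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = compare_release_to_repo(*build_sample_trees(tmp))
        for kind, names in report.items():
            print(f"{kind}: {names or 'none'}")
```

Files that legitimately exist only in a release (generated build scripts, for example) will show up under `only_in_release` and need to be reviewed by hand.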
> I know it sounds weird, but unless you reviewed the source code AND built the binary from it, no open source software is to be trusted.
That's probably true, but if you want to be really paranoid you'd also want to be sure to compile it with a machine, operating system, and compiler that they are unlikely to have tampered with. Maybe something really old or esoteric or both?