| ▲ | LtWorf 11 hours ago |
| > You can write whatever you want into a contract, but if you have no way to validate it, it's meaningless. 3rd party audit like everything else? |
|
| ▲ | bpt3 11 hours ago | parent [-] |
| Okay, if you want to pass responsibility off to someone else, how does the third party auditor do it? I'm not talking about checking a compliance box, I'm talking about actually confirming no backdoor exists. |
| |
| ▲ | jacquesm 8 hours ago | parent | next [-] | | That's proving a negative. You are always going to end up with something like 'to the best of our ability'. | | |
| ▲ | bpt3 5 hours ago | parent [-] | | You figured it out. It's trivial to include a backdoor in a large system of systems, and one placed by a remotely competent adversary will not be found. So what's the point of a regulation that can't be enforced? |
| |
| ▲ | LtWorf 4 hours ago | parent | prev [-] | | So you claim it's never possible to audit anything? |
|
