What amazes me is that all of this information came voluntarily from Whisper.
>The Guardian visited the Whisper offices to consider the possibility of undertaking other journalistic projects with the company and sent two reporters last month to look in detail at how the app operates. At no stage during the visit were the journalists told they could not report on the information shared with them.
What kind of a company invites journalists from a newspaper known for its investigative/muckraking skills, and then hands over their secret sauce along with such gems:
>Separately, Whisper has been following a user claiming to be a sex-obsessed lobbyist in Washington DC. The company’s tracking tools allow staff to monitor which areas of the capital the lobbyist visits. “He’s a guy that we’ll track for the rest of his life and he’ll have no idea we’ll be watching him,” the same Whisper executive said.
>The Guardian is no longer pursuing a relationship with Whisper.
> What kind of a company invites journalists from a newspaper known for its investigative/muckraking skills
I can only guess, but I'd be willing to bet it's because of a mistaken idea that "we're on the same side", therefore any reporting by Guarding would almost certainly end up positive.
> and then hands over their secret sauce along with such gems:
... but yeah, I've got nothing, other than what were they thinking? I mean, I like the idea of keeping tabs on bad people, but then I'm not the one running a website that claims I won't track people.
In this situation it was in Whisper's interest to sell their ability to locate users as precisely as possible, they were obviously too keen to do so. Journalists value Whisper's user's content because they can be sure that it comes from a military base, for example, if their location tracking tools are precise.
More eyeballs have a good track record -- for instance, since bash is Free Software, many people have looked at it, which is why there have been no recent critical flaws in bash discovered by automated fuzzers.
I tend to look when I run into an issue. So its not "I never look" it is more "I only look when I feel I have to."
If you get enough people doing that...well, imo, you'd probably have most "issues" surface as quickly as it would in commercial software ... and you'd have the added advantage of not everyone having a vested interest in obscuring any potential 'issues' that might negatively affect the company. [e.g. A privacy centric company that records addresses? Ouch]
The other issue is if you don't own the network, you can't trust the network.
>The Guardian visited the Whisper offices to consider the possibility of undertaking other journalistic projects with the company and sent two reporters last month to look in detail at how the app operates. At no stage during the visit were the journalists told they could not report on the information shared with them.
What kind of a company invites journalists from a newspaper known for its investigative/muckraking skills, and then hands over their secret sauce along with such gems:
>Separately, Whisper has been following a user claiming to be a sex-obsessed lobbyist in Washington DC. The company’s tracking tools allow staff to monitor which areas of the capital the lobbyist visits. “He’s a guy that we’ll track for the rest of his life and he’ll have no idea we’ll be watching him,” the same Whisper executive said.
>The Guardian is no longer pursuing a relationship with Whisper.
Well, no shit Sherlock!