People posting code here:
1. Post all of your code in your original post (posts if it is too big) announcing your program. Sign and timestamp the code. Don't edit your posts in the future; they should not have an edited mark on them.
2. Don't try to bundle other software with yours. If other libraries or programs are required, specify this. People can go and find them and download them themselves.

People auditing code here:
1. Post the sha512 hash of the signed timestamped code you audited.
2. Describe how thoroughly you audited the code and your level of expertise in auditing code.

People using programs from here:
1. Make sure you compile from the source, as I said before.
2. After seeing enough people have audited the code to feel safe, sha-512 sum the available code to make sure that it is the same thing that has been audited.

Potential updates to the program should be posted and signed and audited as well, preferably released as patches to the current code base.
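The hash check in the users' step 2, as an added example that is not part of the original post: it hashes the local source file with SHA-512 and counts the distinct auditors whose posts contain that exact digest. The post format, author names, file contents and the `min_auditors` threshold are constructed for illustration; signature and timestamp verification are not covered.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# A SHA-512 digest is 128 hex characters; \b stops matches inside longer runs.
SHA512_HEX = re.compile(r"\b[0-9a-fA-F]{128}\b")

def sha512_file(path, chunk_size=1 << 16):
    """Hash the file in chunks so large source files are not read whole."""
    h = hashlib.sha512()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def auditors_matching(local_digest, audit_posts):
    """Return the distinct authors whose post contains exactly our digest."""
    local = local_digest.lower()
    return {author for author, text in audit_posts
            if any(d.lower() == local for d in SHA512_HEX.findall(text))}

def audited_enough(path, audit_posts, min_auditors):
    """Return (decision, digest, matching auditors) for the file to be built."""
    digest = sha512_file(path)
    matched = auditors_matching(digest, audit_posts)
    return len(matched) >= min_auditors, digest, matched

def demo():
    # Constructed sample data: two versions of a source file and four posts.
    released = b"int main(void) { return 0; }\n"
    tampered = b"int main(void) { return 1; }\n"
    good = hashlib.sha512(released).hexdigest()
    older = hashlib.sha512(b"previous release\n").hexdigest()
    posts = [
        ("alice", f"Read every line, I audit C for a living. sha512: {good}"),
        ("bob", f"Only checked the network code.\n{good.upper()}"),
        ("alice", f"Second pass, same hash: {good}"),  # same auditor, counted once
        ("carol", f"I audited the earlier release: {older}"),  # different code
    ]
    with tempfile.TemporaryDirectory() as d:
        ok_path = Path(d, "prog.c")
        ok_path.write_bytes(released)
        bad_path = Path(d, "prog_tampered.c")
        bad_path.write_bytes(tampered)
        return (audited_enough(ok_path, posts, 2),
                audited_enough(bad_path, posts, 2))
```

A hash posted for an earlier release or for a one-byte-different file contributes nothing to the count, which is why each patch needs its own audited digest.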