Quote from: holyfuckisuck on September 06, 2012, 10:28 am"Meh. I'm trying to find a balance between financial remuneration for my work and providing a product that is safe to use."To me this is what a lot of people are disagreeing with. No one seems to believe that you've found that balance.Either that or they just want free stuff. It's funny, no one seems to think it's unfair if a drug vendor refuses to provide a sample, but I have to provide the entire product.Quote from: holyfuckisuck on September 06, 2012, 10:28 amWhat makes you think the vendors have the skills necessary to tell whether what they get is a safe product?A line-by-line explanation of precisely what everything does, with links to Python documentation and sample code for verification should suffice. Seriously, if they can follow my instructions for using GPG on the command line then they will be able to follow this.Quote from: holyfuckisuck on September 06, 2012, 10:28 amI think that the other posters here are really off base and pine is over exaggerating things but don't you think that there has to be a better possible way to provide your product safely?Better than the above? Not while still getting paid or without revealing my real identity.Quote from: holyfuckisuck on September 06, 2012, 10:28 amHypothetically none of the people buying your software would have the skills necessary to audit it so that giving them the open source code would do absolutely nothing to make things safer.The method I just described might help.Quote from: holyfuckisuck on September 06, 2012, 10:28 amThis is why I think that this thread should be more about trying to find a better balance between your financial remuneration and providing a product that is safe to use rather than somewhat childish accusations etc.Look, if you can think of something better, I'm listening.Quote from: holyfuckisuck on September 06, 2012, 10:28 am In the end the more that you avoid giving actual programmers the code or finding a better solution than "buy it or don't buy it" then the more suspicious this becomes imo.I know some very good Python developers I'd trust to audit it, but to my knowledge they're not on Silk Road. They certainly don't know that I am and I'd really like to keep it that way.Quote from: holyfuckisuck on September 06, 2012, 10:28 amI think both sides agree that it is possible for your software to contain exploits but where you disagree is that you believe that giving the vendors who will be using your product the source code is enough to make things safe whereas few others do.In conjunction with a thorough explanation with proof that I can't fake.