> <@alicebobandeve:mozilla.org> Interesting discussion. I had a few questions I could not find answers on the website so I'll ask them here. No way in hell I'm going to post this on reddit, I could create a Github issue if my question is relevant and not already answered. > > Maybe @strcat can chime in, I'm sure GOS is now being used by various journalists, criminal lawyers and other entities that go to great lengths to protect their data and identity. > > How does GOS prevent itself from being compromised? The updates/deltas sent out are signed with Daniel's key, what is the scenario in which the keys are compromised? In Canada, you are not required to self-incriminate or hand over your keys by law but there are various scenarios in which keys could still become compromised. Is there a dead man's switch in place? Is there a warrant canary? Do @anupritaisno1 or @renlord use a periodically changing passphrase to verify that Daniel is in fact uncompromised when communicating? It's needless to say that I am grateful for GOS, Daniel and other contributors for putting in all the work and I am in no way trying to undermine GOS, that's the last thing I would try to do but it makes sense if there are certain protections in place. Maintainers are usually on their own builds so the chance of compromise is fairly low as we'd check the source we were building Users might be affected but when you're not using your own keys that's always the case If that's your threat model you should consider building it yourself