Security Concerns Paramount After Early Reviews of Diaspora Code

Stoobalou writes with this excerpt from Thinq.co.uk: "Following the release of the source code for the Diaspora social networking platform, hackers and tinkerers the world over have been poring over the code in order to improve, enhance, and otherwise help the project in its attempt to unsettle Facebook. Sadly, the current opinion is that the code just isn't up to scratch. While the team clearly stated that 'we know there are security holes and bugs' in the code that was released, it's possible that they weren't aware of just how many show-stopping issues there are — issues which make it hard to recommend that you roll your own Diaspora server just yet."

Re:Freetard fail

Yeah, but it will be like email is now. People won't need to run their own servers. They will be able to pick from a variety of free diaspora hosts who get their revenue from ad dollars and harvesting your data (and that of your friends, who might host their own diaspora node at home, or on another service), and then we will be free of facebook's horrible privacy violations, and be in a new universe of less accountable companies with even worse problems.

I can't wait, diaspora, here I come!

Protocol, not code

[ath1901]

I'm more interested in the protocol than the code. If the protocol is vulnerable to attacks/fraud then it is a show stopper.

If the ruby-web-stuff-code contains bugs and security holes, I'll just write my own (read: wait for someone else to do it).

I couldn't find any relevant info about the protocol in TFA. Am I missing something?