I would support this rather than an outside organisation as I believe in trust based systems. All I know of Marky is he has a swimming pool and writes knowledgeably on issues of IT security.
We use trust, perhaps more than we realise here and its a foundation of humanity that needs encouraging and as a Yorkshireman, saving a few quid is somewhat appealing!
I also have a cat.
😍
@themarkymark, well, I love cats, so sold🙌😜Seriously though, I think you've made an excellent point on the need to audit the keychain. I'm an accountant and we go through the audit drill a couple of times a year. If there is a security flaw to find, it's far better that an audit uncovers it than it be exploited by someone looking to make a quick buck at the expense of everyone who has worked so hard and diligently to create an incredibly rewarding social and financial hub here on Hive. I am not always one to look immediately for the cheaper option to resolve issues but I am one for being realistic about the spending capacity available (I'm super familiar with budgeting lol) My view is that if we can't afford the sky-high prices of external audit firms then we need to decide whether we want to continue with no auditing controls in place (and stick our heads in the sand, fingers crossed that the software will remain immune to attack in a world where every hacker wants to lay their hands on the wealth of others) or whether we want to think a bit outside the box and make use of the resources available to us eg: Marky alone and/or giving out the task to perhaps Marky and one other (as a collaborative duo - although not sure if this is something Marky would be open to), who together may have the combined IT audit experience and technical insights and experiential history with Hive to produce an audit result that instills confidence in all. Alternatively, we give Marky a shot at a first audit and go from there... what have we got to lose, besides a few Hive. Better than losing the entire house IMHO. Can anyone explain how long the current defactoring process is expected to take? Are we prepared to have the keychain in its current form unaudited until such changes take place? How does the funding to keychain work, as in who funds it? Being short-sighted when it comes to issues of importance like this is not an ideal approach. If we aren't prepared to pay to protect the keys to our house, we can't come crying when the burglars break in and steal our life savings. So, yes I would support the proposal.