Some of the messaging community believes that software that is open source is more secure. It is our view that it is not. The more visibility there is into the infrastructure and code, the easier it is to penetrate it. By design, open source software is distributed in nature. There is no central authority to ensure quality and maintenance and by putting that responsibility on Sunbird, development would not be feasible. Open source vulnerabilities typically stem from poorly written code that leave gaps, which attackers can use to carryout malicious activities.
To help satisfy our own ambitious goals of providing total privacy and security, we are currently undergoing a third party audit that will validate our security, encryption and data policies and plan on receiving ISO 27001 certification after launch.