Its still their own crypto. Even if you have the code, their could be a mathematical weakness that is unknwon to anybody outside the company. The protocol has not been studied a lot.
Has anyone offer to fund an audit of the code/crypto/workflow? If not, it'd be nice Moxie would spec out a public request for funds via some sort of crowdfunding and means to post public offers to audit the code based on the funds raised.
Oh, interesting, not a huge suprise, though guess I wasn't clear, I was talking about auditing the open source stuff, not Facebook.
Basically, crowdfunded audits of open source crypto tech have been done before; I'd be up for helping with this if it made sense, since currently my sec dev skill are not that useful:
Whatever the server, if the client encryption is reliable, data can't be read on the server side.