zlacker

[return to "Ask HN: What scientific phenomenon do you wish someone would explain better?"]
1. memset+tD[view] [source] 2020-04-27 00:33:30
>>qqqqqu+(OP)
Crypto and practical security. I get tired of the circular “don’t roll your own crypto unless you’re qualified”. How does one become qualified? I don’t feel like I know how to evaluate many of the arguments people make for or against technologies people argue about on HN, such as Signal or different password managers. I feel like “security through obscurity” is a bad thing, and “layers of security” are a good thing, but isn’t all security obscuring something, and how does one evaluate whether a layer is adequate? “Just use bcrypt” - okay, help me understand!
◧◩
2. marcos+Xf2[view] [source] 2020-04-27 17:32:57
>>memset+tD
> I get tired of the circular “don’t roll your own crypto unless you’re qualified”. How does one become qualified?

Oh, by all means, roll your own crypto, break it, and roll it again. Just do not use it.

Also, break other people's crypto and study theory.

By the way, the advice is not "unless you are qualified". Nobody is qualified to just roll their own. Good crypto is a community project and can not happen without reviewers.

[go to top]