[cryptography] Intel RNG

Matthew Green matthewdgreen at gmail.com
Tue Jun 19 00:03:34 EDT 2012

On Jun 18, 2012, at 4:21 PM, Jon Callas wrote:

> Reviewers don't want a review published that shows they gave a pass on a crap system. Producing a crap product hurts business more than any thing in the world. Reviews are products. If a professional organization gives a pass on something that turned out to be bad, it can (and has) destroyed the organization.

I would really love to hear some examples from the security world. 

I'm not being skeptical: I really would like to know if any professional security evaluation firm has suffered meaningful, lasting harm as a result of having approved a product that was later broken.

I can think of several /counterexamples/, a few in particular from the satellite TV world. But not the reverse.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20120619/c02eeb42/attachment.html>

More information about the cryptography mailing list