[cryptography] Crypto Vulns
iang at iang.org
Tue Mar 10 15:13:08 EDT 2015
On 7/03/2015 15:23 pm, John Young wrote:
> No 1 vulnerability of crypto is the user
> 2nd passphrases
> 3rd overconfidence
> 4th trust in the producer
> 5th believing backdoors are No. 1
I would have said that the #0 vulnerability is failing to deliver
anything that the user sees. Because of over-engineering,
over-committeeing or over-consulting (h/t to PHB's rework process).
And the #1 vulnerability is delivering something to the user that she
walks away from. OK, that aligns somewhat in your No 1 above...
Also known as K6.
More information about the cryptography