[cryptography] Crypto Vulns

ianG iang at iang.org
Tue Mar 10 15:13:08 EDT 2015

On 7/03/2015 15:23 pm, John Young wrote:
> No 1 vulnerability of crypto is the user
> 2nd passphrases
> 3rd overconfidence
> 4th trust in the producer
> 5th believing backdoors are No. 1

I would have said that the #0 vulnerability is failing to deliver 
anything that the user sees.  Because of over-engineering, 
over-committeeing or over-consulting (h/t to PHB's rework process).

And the #1 vulnerability is delivering something to the user that she 
walks away from.  OK, that aligns somewhat in your No 1 above...

Also known as K6.


More information about the cryptography mailing list