![]() Can mistakes still make it in that way? Sure – but the odds are a lot lower. I don’t release it to a ‘production’ environment until I’m sure as I can be that it’s right. Then have other people review it in detail. So I take extra time to review it in detail. Writing key generation code scares me, I’m paranoid that I’ll get it wrong. Having spent the past month doing it, let me tell you: implementing cryptography is *hard*. Or said more accurately, doing it right is hard. There’s no doubt that crypto is hard, everybody agrees on that. While in their blog post they seem to downplay the issue, I won’t – for a year, group chat was completely broken. When I wrote that, I wasn’t expecting it to be a bug that rendered the group chat encryption nearly pointless. Last year was painful for Cryptocat – the last audit may have been clean, but who knows what else may be found. I recently mentioned Cryptocat in my OPSEC article: For a year, the entire user base was at risk. In this case, the team behind Cryptocat failed. activists), you take on a certain responsibility for ensuring that at least the core functionality is doing what’s expected. When you release code like this to the public, and encourage people to use it – especially those that are at higher risk (i.e. Steve does a great job explaining the issue here but the short version is that the person that wrote the code – and anyone that’s reviewed it since then, didn’t understand what they were doing. That code should be well reviewed and understood by multiple people. The most vital step in any crypto system is the key generation if you get it wrong, nothing else matters. #Ĭryptocat has one mission, to provide secure communication – which is to say, to encrypt data. If you’re going to do one thing, do it right.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |