All the crypto code you've ever written is probably broken:http://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken …
@drawohara @tmornini I think a lot of the libraries (e.g. OpenSSL) are just poorly designed and insecure by default :(
-
-
-
@drawohara@tmornini I've had my eye on NaCl for quite some time... just need to write a Ruby binding :| -
@bascule@tmornini i'm 1/2 serious about http://crypto.stanford.edu/sjcl/ - you could run it easily in many runtimes... -
@drawohara@tmornini while I'd love to eat Dan Boneh's dogfood I'd also like to avoid having to use V8 from Ruby ;) -
-
@drawohara@tmornini the same could be said for NaCl and Keyczar -
-
@drawohara@tmornini you could say the same thing about JVM bytecode - 6 more replies
New conversation -
-
-
@bascule@drawohara@tmornini There's always the tradeoff between flexibility and "secure by default". None have tried both. krypt will. -
@_emboss_@drawohara@tmornini yeah, unfortunately a Tahoe-like capability scheme doesn't fit with standard authenticated encryption modes -
@bascule@drawohara@tmornini yeah, same problem when trying to implement a legacy protocol with keyczar :) That's why I think we need both.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.