@bascule fear != worth. i wasn't talking about worthiness, i was talking about imparting fear on those that might try
@maxtaco or is it more likely someone will use your code on a web site that's vulnerable to XSS?
-
-
@bascule same can be said of C code with LD_preload attacks. Xss is a problem but so is picking the right defaults for Crypto. Why skimp? -
@maxtaco the same reason we don't use 512-bit symmetric keys: you're sacrificing performance without raising the security margin -
@bascule performance of ciphers are in the noise relative to pbkdf2 on reasonably sized plaintexts like wallets and crypto keys
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.