I think the key term in your comment is "cryptographer". Not software engineer, ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		octo_t on June 5, 2014 \| parent \| context \| favorite \| on: How I discovered CCS Injection Vulnerability (CVE-... I think the key term in your comment is "cryptographer". Not software engineer, but cryptographer. The actual encryption that goes on in openssl is very good, but the engineering which surrounds that cryptography - not so much.

mentat on June 6, 2014 [–]

I think given the various side channel attacks, the actually encryption being very good might be overstating it.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact