Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This drives me a little nuts. There are something like 4 firms† in the world generally recognized as qualified for assessing cryptosystems, against dozens well-known and qualified to audit software but not cryptography. Cryptography is a rare specialty for software security people. How were you going to know whether an "audit" for age was meaningful?

and, to be fair, dozens of independent practitioners



Oof, yeah maybe "audit" was the wrong word if it causes a reaction this strong.

I just wanted to say it would be nice to know what makes this implementation secure other than the creator's own words about their own project.

(EDIT: Though I guess you coming out to defend it is good enough signal to vouch in favor of it.)




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: