undefined | Better HN

0 pointssverige9y ago0 comments

I'm not sure that security is fully correlated with the degrees held by developers. It seems to have more to do with their motives. WhatsApp is owned by Facebook, which is wholly motivated by profit and the aggrandizement of Zuckerberg, not by providing secure code.

What's most interesting to me is that for all the people who complain that C is insecure, I don't see any great, proven open source crypto implementations written in the "secure" languages.

As an aside to your aside, LibreSSL is certainly more secure than OpenSSL, and it is written in C. Theo de Raadt doesn't have a PhD (though obviously he's not the only one hacking on LibreSSL).

0 comments

weavie9y ago

There are plenty of crypto implementations out there. What do you mean by proven?

j / k navigate · click thread line to collapse

0 pointssverige9y ago0 comments

What's most interesting to me is that for all the people who complain that C is insecure, I don't see any great, proven open source crypto implementations written in the "secure" languages.

As an aside to your aside, LibreSSL is certainly more secure than OpenSSL, and it is written in C. Theo de Raadt doesn't have a PhD (though obviously he's not the only one hacking on LibreSSL).