But look at all the ciphers, hash algorithms and protocols (more or less) forcefully revoked in the last few years. The state of the art is similar, but all the old stuff (SSL, weak KEX algorithms, …) is finally dying and PFS widely used.
Algo development hasn’t been moving a lot (don’t miss out on AES-XTS though, or SHA3-in-progress).
Deployment however has been moving much faster. Much much. Algorithms are cool, but really deployment is critical.
James is so modest and gentlemanly. He gives Snowden all the credit for the (heroic; and virtually unbelievable in the notoriously mired-in-legacy-standards-and-nonstandards software world: cutting four years off mass adoption is ‘And the heroes of Valhalla shall clamor to sing your praises for eternity’ caliber stuff) push forward in commercial software security practices; but completely ignores the fact that Snowden probably never would have acted at all, and certainly nobody would have cared, without a suitably villainous and overreaching clandestine operation to blow the whistle on. He really ought to give himself a pat on the back for his part in this noble effort.
(All snark aside, WTF is it with the “Our actions caused problems; so we should blame the guy who revealed that for causing those problems” logic? It’s not as though software companies enjoy fixing bugs or making work for themselves; and “the terrorists” are not a terribly exciting customer base, so just maybe you should look in the mirror and think for a few minutes about just why a nontrivial slice of the tech sector has run screaming away from you and voluntarily taken on a bunch of PITA crypto adoption?)