Replying to Avatar Juraj

In information security, we almost always find hardcore bugs. The internet is a patchwork of bugfixes and new security holes.

Applies to banks as well, although they usually audit before release, so released version is usually ok.

"Military grade encryption" usually means the company does not know what they are talking about and it's a huge red flag.
Avatar
StackSats.IO 2y ago

You can have the strongest encryption in the world but if implemented incorrectly it’s as good as having none. That’s the part most Orgs go wrong with.

Reply to this note

Please Login to reply.

Discussion

Avatar
The Fishcake (nostr.build) 2y ago

They all usually fail at key management, while having good encryption in place 🐶🐾🤣😭

Avatar
Juraj 2y ago

Yes, that's common.

But the most common bugs have nothing to do with encryption.

Avatar
The Fishcake (nostr.build) 2y ago

That too. 🐶🐾🫡

Avatar
Juraj 2y ago

Not really. Sometimes it's the case, but usually the problems have nothing to do with encryption or its implementation, but with the security design and implementation of parts that have nothing to do with encryption.

Encryption is usually an open source library that they just use.