it's a teachable moment, recognising this, i hope y'alls who are less abrasive than me will understand what i'm saying, they don't understand the cryptography or the signals intelligence aspects of it

that is,

they don't even realise there is no such thing as a cleartext attack on any brand of AES encryption

they haven't even thought about the idea of app specific configuration data being separately encrypted with a second key or password

the one that threw this in my face and made me realise, literally his app publishes your app configuration in the clear