Your Code IS GARBAGE

I must admit, I have reviewed many pieces of cryptography code, and I would have loved to have written … “YOUR CODE IS GARBAGE”. But…

Your Code IS GARBAGE

I must admit, I have reviewed many pieces of cryptography code, and, at times, I would have loved to have written … “YOUR CODE IS GARBAGE”. But, because of politeness, I have always found ways to say it in a more diplomatic form. And, as a teacher, you learn not to give feedback that could crush someone. But when you are as passionate about your software offspring as Linus Tovald, you have the power and status do it, and be honest about it. And, so here is a recent email from him:

The line I love is:

“You copied that function without understanding why it does what it does”

and it rings so many bells for me, as I see software developers using cryptography in a what that they don’t really understand, and just copy and paste things. In fact, research showed that many developers in a study though that Base64 was a good encryption method. I’m not going to even start to say what the fundamental problem of this is.

So, basically, we need more people like Linus, and fewer who have little idea about the methods that they are using.