[AnimalMuppet]

That works for you, but on the subject of security, tptacek is on a different level than most of the rest of us. It's perfectly valid for him to say that he wants to see Schneier's references, and for you to say that you will take it on trust from either of them.

> Also, the point I was making is that if he wants to leave work uncited, it should at least be the work he has actual credibility in.

A totally valid point. Way too often, people smuggle credibility from an area where they have expertise (and therefore deserve the credibility) to areas where they don't. In this case, though, the real credibility is Schneier's honesty, not his expertise, since he's passing on (obscured) reports from others.

[linkregister]

My point is that his honesty is actually not existent, as it has been tainted by his provably incorrect speculation from 2013-2016.

I think it's absolutely valid for tptacek to demand citations from Schneier!

[AnimalMuppet]

> My point is that his honesty is actually not existent, as it has been tainted by his provably incorrect speculation from 2013-2016.

What are you referring to here?

And, taking your statement at face value: If he speculated, and was clear that he was speculating, and was wrong, that doesn't destroy his honesty - merely his reputation as a speculator.

[linkregister]

Indeed in my original comment I assert that he speculates without appropriately labeling it as such. Hence, why my viewpoint is controversial on HN. Most HNers believe Mr. Schneier is an authority on computer security. I believe he takes his genuine expertise in cryptography and mistakes it for understanding of computer security that he doesn't actually possess.

His shortcomings are especially apparent when applied to APT, memory corruption, and computer network intrusion/defense.