[pentesterlab]

Fair point and you're (obviously) spot-on for the attacks and very valid point on the names used.

It's a problem with most learning resources, you get what you put it. Most people get out of these exercises one of these two things (or both):

#1 a real understanding of the issue (best case scenario) #2 awareness that encrypted/signed doesn't mean bulletproof.

Worst case scenario, I think these exercises help people with #2 and may get them to look a bit deeper when they are reviewing applications. It's not meant to be a crypto training (IANAC), the goal is to help people gain some awareness around crypto issues they may encounter during an assessment.