[tialaramex]

"pilot error" isn't good enough. Good design and engineering can mitigate human failings, bad can exacerbate them.

The only accident investigation I've ever read (I read a lot of these) that actually had no broader recommendations for safety, was one where two fishermen used enough heroin to render themselves incapable of operating their boat safely and they drowned. The investors concluded that yup, taking so much heroin that you can't operate the boat is a bad idea, don't do that. Heroin is, of course, already a class A drug and you're not supposed to use it at all while operating a boat. No new recommendations.

Back in software, it's theoretically possible to do PKCS #1 v1.5 decryption safely but you're going to keep seeing Bleichenbacher Oracles until we stop using it in online protocols, because doing it correctly is hard. So we should just stop doing it altogether.