[tsujamin]

I can’t remember the example (it was a conference talk a few years ago), but I’m pretty sure there’s LE and DFIR companies who also reverse this stuff and assist in recovery, they just don’t publish the actual flaws exploited to recover the data.

[bawolff]

Key being generated insecurely is hacking crypto systems 101. The mere fact someone can reverse it probably means this is the first thing to check.