[graham_king_3]

That attitude to crypto is pervasive, annoying, and wrong. We don't tolerate the "you're too stupid to use that" attitude in any other part of software development, and we shouldn't tolerate it in cryptography.

Every developer needs to touch crypto. Encrypted communications needs to be our default. And yes, of course, we should prefer verified, standard algorithms (NSA Suite B, for example).

It's OK to get it wrong, it's OK to fail forward, even with cryptography. ROT13 will protect you very well, if your attack vector is someone glancing over your shoulder for 1 second. As long as the code is open, and you're honest about what it does, you've made people a little bit safer.

There's a fair amount of gloating around Cryptocat, but it protected people's communications from me, because I didn't know how to break it. So that's better than nothing.

[EthanHeilman]

>We don't tolerate the "you're too stupid to use that" attitude in any other part of software development, and we shouldn't tolerate it in cryptography.

We shouldn't, but we should provide tools that allow software engineers to securely design applications without having to be crypto experts, in much the same way I can write python code without being a kernel hacker. Two examples spring to mind: Authenticated https api calls and bcrypt. These both work securely without requiring deep knowledge and they are so easy to setup it is unlikely someone will roll their own.

[josephlord]

You can PLAY with crypto, discuss it try things out and have fun with it. After you have been doing that and hanging out in the right circles for a few years, reading lots and probably breaking other people's ideas and implementations not just yours then you will be some sort of position to judge whether your work may be safe to unleash on the public as anything more than a low security experiment.

One of the problems is with security and crypto is that the people who really understand it make fairly weak promises such as that it is "Pretty Good Privacy" but the incompetent, greedy or malicious make strong marketing claims about the security that they are offering. Emphasis on incompetent in the Cryptocat case.

Crypto is an area where the Dunning Kruger effect[1] seems both especially strong and especially dangerous.

[1] http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect

[tptacek]

Everybody should be able to fly a plane, too. Think of how awesome that would be! A rebirth of the American general aviation industry; new airplane designs; solutions to congested airports.

It does not follow from that sentiment that anyone should be able to jump into the cockpit of a Cessna and just figure things out for themselves.

[ryan-c]

The part where this analogy breaks down is that some random person will probably die in a fire pretty quickly if they try to fly a Cessna. Crypto is like a Cessna that's easy to fly but if you don't fly it exactly right, a few months after your flight, the ground under your flight path spontaneously combusts.

[gyardley]

There's a fair amount of gloating around Cryptocat, but it protected people's communications from me, because I didn't know how to break it. So that's better than nothing.

Not if 'nothing' is "don't send the message", rather than the "send the message in the clear" that you're assuming.

Bad crypto gives end users false confidence in the security of their messages. They then send messages they normally wouldn't, and suffer the consequences when those messages end up being read by others.

Amateurs can play with crypto all they like for fun, but they have no business releasing a product to end users.

[marcosdumay]

That's the same attitude people have with manual memory management.