[lotsofmangos]

There is a fair amount of code you should copy/paste unless you are doing pure research, some because it has been so well studied it is almost a certainty that you are not going to drastically improve on it and others, such as encryption implementations, because it is actively dangerous to fuck about with unless you are extremely careful and a domain expert.

[cheald]

If you're copy-pasting encryption implementations rather than using an existing library, you're probably doing it wrong.

[lotsofmangos]

Well yes, but libraries are really just an advanced form of copy/pasting and you can still do damage by using the library incorrectly, so you often end up using sections of examples by the people who wrote the library or who are otherwise experts in its use on how to implement the library correctly.

[cheald]

Sure, you can argue that library use is copy-pasting, if those snippets you're pasting come with regression tests and have been code-reviewed by multiple people.

I'm going to go ahead and suggest that a tremendous number of encryption mistakes are made specifically because people copy-paste library invocations without understanding what they're invoking and why. When you just sling a chunk of code into a project without understanding what you're doing and why, the potential for bugs goes through the roof.

[lotsofmangos]

I agree that you need to understand what you are doing and why. I'm not saying that these bits should be treated like magic, just that you should think very carefully before you differ from them by very much.