by biff 4404 days ago
I think what's especially dangerous about it, as a software developer, is that broken crypto runs identically to properly-implemented crypto. If one is in the mentality of rewriting a program until it runs without crashing a few times, well, that seems sufficient to land a gig to code printer drivers, but falls short of the rigor I'd hope would go into implementing a secure system.

Nevertheless, at this moment there's a PHP programmer somewhere in the world writing new code that stores passwords hashed with one round of MD5.
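
The comment's point, as an added example that is not part of the original comment: a one-round MD5 scheme and a salted, slow KDF both pass the same login test, and only a check written for the security property tells them apart. It is written in Python rather than PHP; the function names, the constructed user table and the PBKDF2 iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os
from collections import Counter

PBKDF2_ITERATIONS = 600_000  # assumed work factor for this example

def md5_hash(password: str) -> str:
    # The scheme the comment describes: one round of MD5, no salt.
    return hashlib.md5(password.encode()).hexdigest()

def md5_verify(password: str, stored: str) -> bool:
    return hmac.compare_digest(md5_hash(password), stored)

def kdf_hash(password: str) -> str:
    # Random per-record salt plus a deliberately slow key-derivation function.
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"{PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"

def kdf_verify(password: str, stored: str) -> bool:
    iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)

def functional_test(hash_fn, verify_fn) -> bool:
    # What "runs without crashing" checks: right password in, wrong password out.
    stored = hash_fn("correct horse")
    return verify_fn("correct horse", stored) and not verify_fn("wrong horse", stored)

def shared_password_groups(hash_fn, users: dict) -> int:
    # Audit check: how many stored records are shared by more than one account?
    # Any group > 0 means the table reveals which users chose the same password.
    records = Counter(hash_fn(pw) for pw in users.values())
    return sum(1 for count in records.values() if count > 1)

# Constructed sample accounts; two of them share a password.
USERS = {"alice": "hunter2", "bob": "hunter2", "carol": "tr0ub4dor"}

if __name__ == "__main__":
    for name, h, v in (("md5", md5_hash, md5_verify), ("pbkdf2", kdf_hash, kdf_verify)):
        print(name, "functional:", functional_test(h, v),
              "shared-record groups:", shared_password_groups(h, USERS))
```

Both schemes report `functional: True`; only the audit function separates them, which is why a passing login test says nothing about the storage scheme.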